Hi Sorry, I accidentally did not send my initial reply to the list.
On 5 July 2010 08:26, Jorijn Schrijvershof <jor...@jorijn.com> wrote: > On Fri, Jul 2, 2010 at 3:53 PM, Michael Wood <esiot...@gmail.com> wrote: >> >> For a start just try: >> $ ldapsearch -x -h localhost >> >> That should print out a whole bunch of stuff. >> >> You can also restrict your search to a certain part of the tree like this: >> >> $ ldapsearch -x -h localhost -b CN=Users,DC=samba,DC=example,DC=com >> >> (assuming your realm is samba.example.com.) >> >> And if you just want their Windows login name, try: >> >> $ ldapsearch -x -h localhost -b CN=Users,DC=samba,DC=example,DC=com >> sAMAccountName >> >> If you want to try authenticating to the LDAP server, try: >> >> ldapsearch -x -h localhost -b CN=Users,DC=samba,DC=example,DC=com -D >> CN=Administrator,CN=Users,DC=samba,DC=example,DC=com -W sAMAccountName >> >> or like this: >> >> $ sudo apt-get install libsasl2-modules-gssapi-heimdal >> (or libsasl2-modules-gssapi-mit) >> $ kinit Administrator >> $ ldapsearch -Y gssapi -h localhost -b >> CN=Users,DC=samba,DC=example,DC=com sAMAccountName >> >> I hope that helps. > > Thank you all, this helped a lot. I am able to connect and browse the > internal ldap server now. Now for the passwords; > Google supports sha1, md5 and plaintext passwords during synchronisation, > where are these located, and if not supported, how to make them supported? > Thanks a lot :-) I am not sure this will be possible unless you use plain text passwords because I believe Windows uses its own hashing algorithms. I don't know anything about Google's LDAP server/schema, but if you authenticate as an admin user I think you should be able to access the passwords. You might need to fiddle with the access control settings if you have access to that. -- Michael Wood <esiot...@gmail.com> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
