What does your getent passwd show? What does your getent group show? Can your ldap-user login to your linux/unix box? Is your linux-box auth set to your ladp-server?
Do you have something like this in your slapd.conf!?: access to attrs=userPassword,shadowLastChange by anonymous auth by self write by dn="cn=youradmin,dc=xxx,dc=xxx" write by * none access to attrs=sambaLMPassword by self write by anonymous auth by dn="cn=youradmin,dc=xxx,dc=xxxx" write by * none access to attrs=sambaNTPassword by self write by anonymous auth by dn="cn=youradmin,dc=xxx,dc=xxxx" write by * none access to attrs=sambaPwdLastSet,sambaPwdMustChange by self write by anonymous auth by dn="cn=youradmin,dc=xxx,dc=xxxx" write by * none access to * by dn="cn=youradmin,dc=xxx,dc=xxxx" write by users read by self write by * read ----------------------------------------------- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de ----------------------------------------------- -----Ursprüngliche Nachricht----- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Francesco Storti Gesendet: Donnerstag, 13. Oktober 2011 12:46 An: samba@lists.samba.org Betreff: [Samba] Samba, OpenLDAP and Passwords Hi, I have an existing OpenLDAP directory, that I want to use as the backend for a Samba 3 instance. I do not want for now making Samba a Domain Controller, but only define in it some shares accessible by users on LDAP. I have imported in my slapd.conf the samba schema, and I have inserted in my smb.conf all the directives for connecting to an LDAP server: passdb backend = ldapsam:ldaps://slap1.xxxx.xx ldap suffix = dc=xxxx,dc=xx ldap admin dn = "cn=admin,dc=xxxx,dc=xx" ldap delete dn = No ldap machine suffix = ou=Computers ldap user suffix = ou=Users ldap group suffix = ou=Groups ldap password sync = yes I have defined the admin password with the smbpasswd utility, and everything is working. If I want that a LDAP user uses Samba, I have to use again the smbpasswd utility for adding him to the samba users and defining a new password that will be the LDAP attribute SambaNTPassword (and the new password overwrites the LDAP userPassword, thanks to the "ldap password sync = yes" directive in smb.conf). If I want to permit that a user can change his LDAP userPassword and align it to the SambaNTPassword, I have seen that I can do it by using the smbk5pwd overlay and pam_password exop. But I do not know a method for using the existing LDAP userPassword for Samba authentication: I do not want that all the users have to redefine their passwords. Someone of you knows a way for doing that? Thank you in advance -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba