On the samba-technical mailing list there is this exact problem
detailed, so your help is no longer needed to configure reading of
unixHomeDirectory and loginShell by other users, but the question about
anonymous access still stands - it would be much better for each client
to have anonymous access to LDAP rather than needing the dedicated user,
which brings with it security holes.
On 14/12/12 18:03, Rob McCorkell wrote:
In our current testing environment, we are using nslcd to get user and
group information from the Samba4 LDAP server, using the last part of
objectSid as uidNumber. The configuration is designed to pull down
unixHomeDirectory and loginShell if they exist, but they default to
standard values if they do not. nslcd on each machine binds to LDAP
using a dedicated user account, nslcd-service, and the entire setup
works pretty well.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba