Re: [Samba] Adding a machine; I think I am onto something

[Jim C]

<chuckle>OK, I got this one figured. The reason this took so long for me to figure out is because there weren't any good scripts for adding users so I had to write and debug my own. I couldn't debug the other issues until I had good users. Anyway, it turns out my ACL's were not properly set up for ou=Computers yet and I did still have a few bugs in my scripts. So I fixed those and then changed two lines in /etc/ldap.conf:

#nss_base_passwd                ou=People,dc=microverse,dc=net?one
#nss_base_shadow                ou=People,dc=microverse,dc=net?one
nss_base_passwd         dc=microverse,dc=net?sub
nss_base_shadow         dc=microverse,dc=net?sub

...and now it works fine. :):):):):):)
I guess the real trouble is learning how to think 3 dimensionaly through a tree instead of thinking in SQL db tables.


Dariush Forouher wrote:

Am Sam, 2003-01-18 um 23.56 schrieb Jim:

So anyway I have some theories I would like verified.
I've found that I can add a posix based machine name and that works fine BUT it only works in ou=People. The system cannot find a machine account in ou=Computers.

Is ou=Computers below ou=People? If not, neither Samba nor pam will
notice it.

Theoretically, it did not find one because there is no objectClass sambaAccount in the entry HOWEVER, I know from previous attempts it does find the posix only Computer account when it is placed in ou=People. Is there perhaps a different search performed the fist time around despite the log entry or is my understanding of "(&(uid=spartack_)(objectclass=sambaAccount))" flawed?

Samba itself doesn't lookup posix things in LDAP. That is the job of
nsswitch/pam. You have to configure in your libnss-ldap.conf a
searchbase that includes ou=People and ou=Computers as well.

regards
Dariush

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba