I did drop it and it added..

# extended LDIF
#
# LDAPv3
# base <dc=softeng,dc=com> with scope sub
# filter: (objectclass=*)
# requesting: ALL
#

# softeng.com
dn: dc=softeng,dc=com
objectClass: dcObject
objectClass: organization
o: Software Engineering
dc: softeng

# Manager, softeng.com
dn: cn=Manager,dc=softeng,dc=com
objectClass: organizationalRole
cn: Manager

# Idmap, softeng.com
dn: ou=Idmap,dc=softeng,dc=com
objectClass: organizationalUnit
ou: idmap

# search result
search: 2
result: 0 Success

# numResponses: 4
# numEntries: 3

But now when I do a getent passwd, I get:

Jun 10 02:31:05 wwweng1 winbindd[4233]: ldap_allocate_id: single sambaUnixIdPool object not found
Jun 10 02:31:05 wwweng1 winbindd[4233]: [2004/06/10 02:31:05, 0] sam/idmap_ldap.c:ldap_allocate_id(413)
Jun 10 02:31:05 wwweng1 winbindd[4233]: [2004/06/10 02:31:05, 0] sam/idmap_ldap.c:ldap_get_id_from_sid(621)
Jun 10 02:31:05 wwweng1 winbindd[4233]: ldap_allocate_id: cannot acquire id lock!

and the getent returns nothing from winbind. When I remove the "ldap" entries from smb.conf, the getent command works fine (so winbind is working).

As for DSA, I am not sure what you mean. I am doing nothing fancy like SSL or the like.

Thanks,
JMS

P.S. My SLDAP.CONF:

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org

#pidfile //var/run/slapd.pid
#argsfile //var/run/slapd.args

# Create a replication log in /var/lib/ldap for use by slurpd.
#replogfile /var/lib/ldap/master-slapd.replog

# Load dynamic backend modules:
# modulepath /usr/sbin/openldap
# moduleload back_ldap.la
# moduleload back_ldbm.la
# moduleload back_passwd.la
# moduleload back_shell.la

#
# The next two lines allow use of TLS for connections using a dummy test
# certificate, but you should generate a proper certificate by changing to
# /usr/share/ssl/certs, running "make slapd.pem", and fixing permissions on
# slapd.pem so that the ldap user or group can read it.
# TLSCertificateFile /usr/share/ssl/certs/slapd.pem
# TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem

#
# Sample Access Control
# Allow read access of root DSE
# Allow self write access
# Allow authenticated users read access
# Allow anonymous users to authenticate
#
#access to dn="" by * read
#access to *
# by self write
# by users read
# by anonymous auth
#
# if no access controls are present, the default is:
# Allow read by all
#
# rootdn can always write!

#######################################################################
# ldbm database definitions
#######################################################################

database ldbm
suffix "dc=softeng,dc=com"
rootdn "cn=Manager,dc=softeng,dc=com"
rootpw {SSHA}l3niIBoW8kJe1gEzqK5VW426vNh+PW69
directory /var/lib/ldap

# Indices to maintain
index objectClass,uid,uidNumber,gidNumber,memberUid eq
index cn,mail,surname,givenname eq,subinitial

# Replicas to which we should propagate changes
#replica host=ldap-1.example.com:389 tls=yes
# bindmethod=sasl saslmech=GSSAPI
# authcId=host/[EMAIL PROTECTED]