Hi:
I have heard that with samba 3 you don't need to have posixAccount objectclass as part of the entries in the ldap directory anymore. I couldn't find any information about how to get this going, so I am recurring to this list.
What I want to achieve is to have my ldap directory to validate windows users through samba. I just want to validate the users to have access to the windows hosts, and I don't want to give any user access to a share in the samba server.
I tried to follow many of the howtos that I did find in google, but failed to achieve my goal.
As far as I know when you do 'getent passwd', nss_ldap looks in the ldap directory for a entry that has the posixAccount objectclass, so in this case I couldn't use this to test if the samba is seeing the ldap correctly.
I tell you this, because in my tests, I always got in the samba log files: 'User myuser in passdb, but getpwnam() failed!". And right after that the error messages that the user cannot logon.
This makes me think that I cannot avoid the posixAccount entry in my samba users... is this right?
Why is the posixAccount entry needed in the first place? I dont want to give these users any kind of access to my samba (linux) server....
I hope you can understand my problem, and that you can give me any kind of answer in order to overcome it
regards
ricardo
pd: sorry for the long long mail , but I couldn't write less to fully explain my situation
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba