On Thu, 2004-12-09 at 16:37 -0500, Misty Stanley-Jones wrote: > On Thursday 09 December 2004 14:50, Chuck Theobald wrote: > > John, > > > > I use: > > > > ldap group suffix = ou=group > > ldap machine suffix = ou=people > > ldap user suffix = ou=people > > > > because the docs I was following stated that there was a bug in Samba that > > prevented a group suffix of ou=computers from working. I can't put my > > hands on this doc right now, though. Perhaps someone could comment on > > whether this issue is resolved in 3.0.9 or whether it was an issue at all. > > > > Chuck > > > > It hasn't been an issue for a long time now. I don't remember if it was with > Samba or smbldap-tools. But you need to be using a newer smbldap-tools (ones > that do not end in .pl). --- I don't know about the newer smbldap-tools but I think the problem lies more with the requirement that samba users must be posixAccounts and thus, the posix information for these machine accounts need to be located when connected.
There has been numerous discussions about using 'sub' instead of 'one' when parsing the ldap directory which has load/performance implications and these scaling issues are something to be dealt with. It gets cumbersome to answer for those that are having problems. These issues are difficult for those that don't have familiarity with ldap and when you get the processes down, it's easy enough to move the machine accounts to another container and until then, the far easier route is to put them in the user container. Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba