On Fri, Jul 01, 2005 at 12:08:38PM -0500, Alex Canizales wrote: > > Well, first, already the domain it's working, the schema was created, and > other problems was solved, i can join machines to domain, log in to them, > and assign privileges using ldap groups into OID. Right now the problem is > only when i change the password from windows dialog box, even when i change > the password from smbladp-password command it's works fine. > > >This will not help you for two reasons: 1: it's an OpenLDAP server ACL > >and is only applicable to the server configuration; 2: it only gives > >read access anyway. > > At the second point, the OID have the way to put ACL's at the rootDSE > level too, not in way of the OpenLDAP, on text plain file, it's trough the > oidadmin console or using ldapmodify command and i'd have put this exactly. > > I need to know which is the difference between the passwod change from > smbldap-password and the password change from windows dialog box in order > to put the privileges in the correct place. I believe that the problem is > because it's trying to access at some attribute in other level when is > execute from windows.
I have
access to attrs=sambaLMPassword,sambaNTPassword
by self ssf=128 write
by anonymous ssf=128 auth
by dn="cn=smbadmin,ou=People,dc=gpm,dc=stappers,dc=nl" ssf=128 write
by dn="cn=admin,ou=People,dc=gpm,dc=stappers,dc=nl" ssf=128 write
by * none
smbldap-password probably uses smbadmin ( has write accces on OID )
Windows probably uses "self" ( has no write access on OID )
Cheers
Geert Stappers
signature.asc
Description: Digital signature
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
