At 08:54 AM 9/23/2005, Greg Folkert wrote:
On Thu, 2005-09-22 at 14:48 -0600, Ric Tibbetts wrote:
> >
> >There is a terribly good howto:
> >
> >http://www.idealx.org/prj/samba/smbldap-howto.en.html
>
>
> Thank you!
> That helped, I'm closer.
> I left out one line from my smb.conf
> I found it from digging through that how-to.
>
> password server = <LDAP server>
>
> With that in, it now picks up the users from LDAP, which is exactly
> what I was after!
> Now I just need to work out a performance issue. getting the IDs from
> LDAP is SLOW!!!!
> It works, just as I wanted it to. It's just slow.
Well, it depends. How *slow* is slow?
And also, have you cranked up the logging on the auth part?
log level = passdb:10 auth:10
Also have you set:
passdb backend = ldapsam ldap://auth.yourhost.com
I am also assuming you have all the LDAP stuff setup properly, of
course as needed/if needed.
ldap admin dn
ldap delete dn
ldap filter
ldap group suffix
ldap idmap suffix
ldap machine suffix
ldap passwd sync
ldap replication sleep
ldap suffix
ldap timeout
ldap user suffix
Hopefully, if you have good throughput, its all in these settings. If
you don't have good throughput... well time to check the networking
tweaks for samba.
Also, if the delay turns out to be a lookup delay, try hard coding the
name and ipaddr in the /etc/hosts file on the AIX box. This sometimes is
a good work around for DNS queries gone bad.
Greg;
Well, what was working yesterday, has stopped today. This is getting
frustrating.
In short: I'm trying to use Samba in it's most basic form. I don't
need a windows login server, nor a domain controller, none of that.
I just, very simply, need it serve out shares to already logged in
windows users. I've done this many times, in other places. I can't
possibly imagine why it's not working now. I don't need a passwd
database. I don't even need passwords.
The process is:
1) users are at a PC (which is already logged in via the Windows ADS.
2) Users need a share from Unix server "X"
3) uinx server "X" should only need to validate that the request is
coming from a valid subnet, from a valid user. They don't need
anything else. Just the share.
That's it. This is Samba at it's simplest.
The only wrinkle in this whole thing is that the user names between
the windows side, and the Unix side, don't match. So I have a
smbusers file to translate that. Other than that, it's all pretty basic.
I'm getting crazy errors in the logs. Everything from unknown user,
to no domain controller, to no password server, etc... It's almost random.
What was working yesterday, is dead today, and I didn't change
anything while I was at home last night.
I'll strip it all down "again" today, and piece it back together, and
hope I can make it work again.
This is just nuts.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
