Hello List,
i am trying to understand the LDAP-backend i just set up. Maybe someone
can help me a little understanding the whole magic.
In smb.conf i have my smbldap-tools scripts:
# use the smbldap-tools scripts
add user script = /usr/sbin//smbldap-useradd -m "%u"
delete user script = /usr/sbin//smbldap-userdel "%u"
add machine script = /usr/sbin//smbldap-useradd -w "%u"
add group script = /usr/sbin//smbldap-groupadd -p "%g"
delete group script = /usr/sbin//smbldap-groupdel "%g"
add user to group script = /usr/sbin//smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin//smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin//smbldap-usermod -g "%g" "%u"
and some ldap specific stuff:
passdb backend = ldapsam:ldap://127.0.0.1/
ldap admin dn = cn=Manager,dc=example,dc=net
ldap suffix = dc=example,dc=net
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users
idmap backend = ldap://127.0.0.1
#ldap ssl = start tls
ldap delete dn = Yes
1.) Now how does the authentification excatly work? Does samba talk
directly to the ldap database and verifies user/password?
2.) I guess changing/deleting passwords/users is beeing made by the
smblda-tools.
3.) How does samba get the user ids? By contacting the ldap database
directl again?
4.) How does samba get he user/group of files and folders? By nss?
5.) Has samba got anything to do with nss/libnss-ldap?
Thanks, Mario
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
