[samba] Authentification avec ldap
Je cherche à effectuer une authentification via mon serveur openldap pour samba.
J'ai ajouté le fichier samba.schema dans /etc/ldap/schema (include /etc /ldap /schema/ samba.schema)
J'ai effectué un ldapadd avec le fichier samba.ldif (ldapadd -Q -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/samba.ldif)
voici la partie [global] de mon smb.conf
Code:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
tls enabled = yes
passdb backend = ldapsam:ldap://srv.***.lan
ldap admin dn = cn=admin,dc=***,dc=lan
ldap group suffix =
ldap idmap suffix =
ldap machine suffix =
ldap passwd sync = Yes
ldap suffix = dc=***,dc=lan
ldap user suffix = cn=%u,ou=People
idmap backend = ldap:ldap://srv.***.lan
idmap uid = 10000-20000
idmap gid = 10000-20000
add user script = /var/lib/samba/sbin/smbldap-useradd -a '%u'
delete user script = /var/lib/samba/sbin/smbldap-userdel '%u'
add group script = /var/lib/samba/sbin/smbldap-groupadd -p '%g'
delete group script = /var/lib/samba/sbin/smbldap-groupdel '%g'
add user to group script = /var/lib/samba/sbin/smbldap-groupmod -m '%u''%g'
delete user from group script = /var/lib/samba/sbin/smbldap-groupmod -x '%u' '%g'
add group script = /var/lib/samba/sbin/smbldap-groupadd -p '%g'
delete group script = /var/lib/samba/sbin/smbldap-groupdel '%g'
add user to group script = /var/lib/samba/sbin/smbldap-groupmod -m '%u''%g'
delete user from group script = /var/lib/samba/sbin/smbldap-groupmod -x '%u' '%g' |
Pour me connecter via pgina, j'utilises le search dn cn=%u,ou=People,dc=***,dc=lan
*** remplace le nom réellement choisi.
Si quelqu'un peut m'aider à comprendre ou ça coince, merci d'avance.
