Linux Help
guides forums blogs
Home Desktops Distributions ISO Images Logos Newbies Reviews Software Support & Resources Linuxhelp Wiki

Welcome Guest ( Log In | Register )

Advanced DNS Management
New ZoneEdit. New Managment.


Sign Up Now
Reply to this topicStart new topic
> Problems retrieving user info
post Dec 15 2005, 04:47 PM
Post #1

Whats this Lie-nix Thing?

Group: Members
Posts: 1
Joined: 15-December 05
Member No.: 5,866

I have a Fedora Core 4 machine that is authenticating users against an Active Directory server. The authentication works perfectly, but I can't seem to pull any user info from the Active Directory. In my ldap.conf, I have the following:

nss_base_passwd ou=Support Web Admins,dc=mydomain,dc=net?sub
nss_base_shadow ou=Support Web Admins,dc=mydomain,dc=net?sub
nss_base_group ou=Support Web Admins,dc=mydomain,dc=net?sub
nss_map_objectclass posixAccount user
nss_map_objectclass shadowAccount user
nss_map_attribute uid sAMAccountName
nss_map_attribute uidNumber msSFU30UidNumber
nss_map_attribute gidNumber msSFU30GidNumber
nss_map_attribute loginShell msSFU30LoginShell
nss_map_attribute gecos name
nss_map_attribute userPassword msSFU30Password
nss_map_attribute homeDirectory msSFU30HomeDirectory
nss_map_objectclass posixGroup Group
nss_map_attribute uniqueMember msSFU30PosixMember
nss_map_attribute cn cn
pam_login_attribute sAMAccountName
pam_filter objectclass=user
pam_member_attribute msSFU30PosixMember
pam_password crypt

My smb.conf is as follows:

workgroup = MYDOMAIN
server string = Samba Server
log file = /var/log/samba/%m.log
max log size = 50
password server =
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/bash
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
password server = ONLINE-MAIL.mydomain.NET
realm = mydomain.NET
security = ads
template homedir=/home/%U

If I comment out the lines for idmap uid, idmap gid, template shell and template homedir, then I can't log on because it won't pull the user info from AD. If I leave them in, I can log in, but it uses the info from smb.conf rather than that in AD. Any ideas what I'm doing wrong?
Go to the top of the page
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:


RSS Lo-Fi Version Time is now: 19th July 2018 - 08:39 AM