Ok so I've been trying to setup a samba PDC using ldap as its backend and its been a bit crazy up to this point.
The machine I'm trying to login to is a RHEL v4 box. Going with the howto found on idealx website (
http://www.idealx.com/downloads/samba3-ldap-howto.pdf ), I've edited the /etc/ldap.conf and various files. Still no luck. I get an error in the /var/log/secure about pam not able to find any information about my user. I went and edited the /etc/pam.d files to include pam_ldap.so, but still not luck, though now when I try to login, it asks for two passwords.
Here is the acl from slapd.conf:
access to attrs=userPassword,sambaNTPassword,sambaLMPassword,sambaPwdLastSet,sambaPwdMustChange
by dn="cn=samba,ou=DSA,dc=cbi,dc=utsa,dc=edu" write
by dn="cn=smbldap-tools,ou=DSA,dc=cbi,dc=utsa,dc=edu" write
by dn="cn=nssldap,ou=DSA,dc=cbi,dc=utsa,dc=edu" write
by self write
by anonymous auth
by * none
access to attrs=objectClass,entry,homeDirectory,uid,uidNumber,gidNumber,memberUid
by dn="cn=samba,ou=DSA,dc=cbi,dc=utsa,dc=edu" write
by dn="cn=smbldap-tools,ou=DSA,dc=cbi,dc=utsa,dc=edu" write
by * read
access to attrs=cn,sambaLMPassword,sambaNTPassword,sambaPwdLastSet,sambaLogonTime,sambaLogoffTime,sambaKickoff Time,sambaPwdCanChange,sambaPwdMustChange,sambaAcctFlags,displayName,sambaHomePath,sambaHomeDrive,sa mbaLogonScript,sambaProfilePath,description,sambaUserWorkstations,sambaPrimaryGroupSID,sambaDomainNa me,sambaMungedDial,sambaBadPasswordCount,sambaBadPasswordTime,sambaPasswordHistory,sambaLogonHours,s ambaSID,sambaSIDList,sambaTrustFlags,sambaGroupType,sambaNextRid,sambaNextGroupRid,sambaNextUserRid, sambaAlgorithmicRidBase,sambaShareName,sambaOptionName,sambaBoolOption,sambaIntegerOption,sambaStrin gOption,sambaStringListoption,sambaPrivilegeList
by dn="cn=samba,ou=DSA,dc=cbi,dc=utsa,dc=edu" write
by dn="cn=smbldap-tools,ou=DSA,dc=cbi,dc=utsa,dc=edu" write
by self read
by * none
access to dn.base="dc=cbi,dc=utsa,dc=edu"
by dn="cn=samba,ou=DSA,dc=cbi,dc=utsa,dc=edu" write
by dn="cn=smbldap-tools,ou=DSA,dc=cbi,dc=utsa,dc=edu" write
by * none
# probably need "by * read" for solaris
access to dn="ou=people,dc=cbi,dc=utsa,dc=edu"
by dn="cn=samba,ou=DSA,dc=cbi,dc=utsa,dc=edu" write
by dn="cn=smbldap-tools,ou=DSA,dc=cbi,dc=utsa,dc=edu" write
by * none
access to dn="ou=group,dc=cbi,dc=utsa,dc=edu"
by dn="cn=samba,ou=DSA,dc=cbi,dc=utsa,dc=edu" write
by dn="cn=smbldap-tools,ou=DSA,dc=cbi,dc=utsa,dc=edu" write
by * none
access to dn="ou=machines,dc=cbi,dc=utsa,dc=edu"
by dn="cn=samba,ou=DSA,dc=cbi,dc=utsa,dc=edu" write
by dn="cn=smbldap-tools,ou=DSA,dc=cbi,dc=utsa,dc=edu" write
by * none
access to *
by self write
by * read
I'm at my wits end. The setup was going good at this point, but then this. Any ideas?
Thanks