05-29-2008
haha thanks guys but I only need the Sun One...
melanie_pfefer pls kindly enlighten me on this - if I tar up my secondary ldap directory, reformat my primary ldap server, then untar the secondary ldap into my primary, then change the hostname in the config file, would my primary ldap server works? Or I need to export the db first, re-install my primary, then import back the db?
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I am running iPlanet 6 on HP-UX 11, and presently all users can access the site.
There are 6000 users accessing the website from an Windows Network. I would like users to access the site, but would also like to log user ID's in the access log, without prompting users for an ID/Password.
Is... (1 Reply)
Discussion started by: shuterj
1 Replies
2. UNIX for Advanced & Expert Users
Hi all,
I experienced a problem when making a LDAP search from Unix Netscape or Unix Mozilla adressbooks into my Active Directory LDAP db for email addresses.
I add my Domain Controller hostname and the LDAP root dir to search in.
For example:
Name: AD
LDAP server: gullvi
Search Root:... (0 Replies)
Discussion started by: tonlu
0 Replies
3. UNIX and Linux Applications
Hi there just wondering if anyone can help me on SunOne Directory? I have some problem with ldapcmp comparing 2 subtrees wrt replication issue (0 Replies)
Discussion started by: xiaochensg
0 Replies
4. Solaris
I am need of some help in installing sunone Directory server in windows.I have done the following but i am unable to proceed further..I downloaded the sunone identity management suite and ran the setup.bat file to install it.. The installation proceeded with all the default selections made and the... (0 Replies)
Discussion started by: achilles14
0 Replies
5. UNIX for Advanced & Expert Users
Hello, I asked this question in the AIX subforum but never received an answer, probably because the AIX forum is not that heavily trafficked. Anyway, here it is..
I have never had any issues like this when compiling applications from source. When I try to compile samba-3.5.0pre2, configure runs... (9 Replies)
Discussion started by: raidzero
9 Replies
6. Red Hat
Hi Friends,
I need your help to get some solution of one of my problem.
Ours is a mixed domain. Most of the servers are windows and very little linux servers. We are using the MS AD for authentication. My problem is, I want to authenticate linux servers against AD. I donot want to use any... (1 Reply)
Discussion started by: arumon
1 Replies
7. Solaris
Hi, FYI, I'm new in Solaris
I'm trying to use Kerberos on authenticating LDAP Client with the Active Directory on Windows Server 2003 on both Solaris 10 5/08 and Solaris 10 9/10 by referring to the pdf file kerberos_s10.pdf available at sun official site.
... (0 Replies)
Discussion started by: chongzh
0 Replies
8. Shell Programming and Scripting
Hello Experts,
I have this specific requirment where i need to download/extract from AD (Firstname, LastName, etc) and upload the same to Ldap used by Zimbra mail server running on Suse Linux.
I know how to manually do that, but that is the not the solution. I am not yet sure on how to start... (3 Replies)
Discussion started by: Siddheshk
3 Replies
9. UNIX for Beginners Questions & Answers
Hi,
How can we check users added through LDAP or AD. Users added through a group of AD or LDAP group. (2 Replies)
Discussion started by: Nishit
2 Replies
LEARN ABOUT CENTOS
idmap_ldap
IDMAP_LDAP(8) System Administration tools IDMAP_LDAP(8)
NAME
idmap_ldap - Samba's idmap_ldap Backend for Winbind
DESCRIPTION
The idmap_ldap plugin provides a means for Winbind to store and retrieve SID/uid/gid mapping tables in an LDAP directory service.
In contrast to read only backends like idmap_rid, it is an allocating backend: This means that it needs to allocate new user and group IDs
in order to create new mappings.
IDMAP OPTIONS
ldap_base_dn = DN
Defines the directory base suffix to use for SID/uid/gid mapping entries. If not defined, idmap_ldap will default to using the "ldap
idmap suffix" option from smb.conf.
ldap_user_dn = DN
Defines the user DN to be used for authentication. The secret for authenticating this user should be stored with net idmap secret (see
net(8)). If absent, the ldap credentials from the ldap passdb configuration are used, and if these are also absent, an anonymous bind
will be performed as last fallback.
ldap_url = ldap://server/
Specifies the LDAP server to use for SID/uid/gid map entries. If not defined, idmap_ldap will assume that ldap://localhost/ should be
used.
range = low - high
Defines the available matching uid and gid range for which the backend is authoritative.
EXAMPLES
The following example shows how an ldap directory is used as the default idmap backend. It also configures the idmap range and base
directory suffix. The secret for the ldap_user_dn has to be set with "net idmap secret '*' password".
[global]
idmap config * : backend = ldap
idmap config * : range = 1000000-1999999
idmap config * : ldap_url = ldap://localhost/
idmap config * : ldap_base_dn = ou=idmap,dc=example,dc=com
idmap config * : ldap_user_dn = cn=idmap_admin,dc=example,dc=com
This example shows how ldap can be used as a readonly backend while tdb is the default backend used to store the mappings. It adds an
explicit configuration for some domain DOM1, that uses the ldap idmap backend. Note that a range disjoint from the default range is used.
[global]
# "backend = tdb" is redundant here since it is the default
idmap config * : backend = tdb
idmap config * : range = 1000000-1999999
idmap config DOM1 : backend = ldap
idmap config DOM1 : range = 2000000-2999999
idmap config DOM1 : read only = yes
idmap config DOM1 : ldap_url = ldap://server/
idmap config DOM1 : ldap_base_dn = ou=idmap,dc=dom1,dc=example,dc=com
idmap config DOM1 : ldap_user_dn = cn=idmap_admin,dc=dom1,dc=example,dc=com
NOTE
In order to use authentication against ldap servers you may need to provide a DN and a password. To avoid exposing the password in plain
text in the configuration file we store it into a security store. The "net idmap " command is used to store a secret for the DN specified
in a specific idmap domain.
AUTHOR
The original Samba software and related utilities were created by Andrew Tridgell. Samba is now developed by the Samba Team as an Open
Source project similar to the way the Linux kernel is developed.
Samba 4.0 06/17/2014 IDMAP_LDAP(8)