On Wed, 2006-01-18 at 18:57 -0600, Oscar A. Valdez wrote:
El mié, 18-01-2006 a las 15:24 -0600, Oscar A. Valdez escribió:
> El lun, 16-01-2006 a las 18:01 -0600, Oscar A. Valdez escribió:
> > El sáb, 14-01-2006 a las 23:08 -0700, Craig White escribió:
> > > If you are going to use a tool like the PADL migration tool
> > > (migrate_passwd.pl), obviously you aren't going to get attributes
beyond
> > > the posixAccount stuff. Samba has some tools - smbldap-tools which can
> > > attributes for the samba-schema...
> >
> > Thanks for your response. I'm going to read the "SMB LDAP PDC
Howto"
> > found at
http://samba.idealx.org/samba-ldap-howto.pdf. It's by the folks
> > who put together the smbldap-tools.
>
> Do the smbldap-tools work "out of the box" with the Fedora Directory
> Server? They're not tailored too tightly to OpenLDAP?
To answer my own question: they seem to work with FDS. I just installed
them, and tried the smbldap-passwd command on a test account. The error
I get seems to be a permissions error:
Unable to change password: Insufficient 'write' privilege to the
'userPassword' attribute of entry
'uid=ovaldez,ou=people,dc=duraflex,dc=com,dc=sv'
Any ideas on how to fix this?
----
sure - you need to use a dn with sufficient access...
i.e. cn=Directory Manager
or by default, uid=ovaldez,ou=people,dc=duraflex,dc=com,dc=sv should
have sufficient access to the userPasswd attribute
you probably want to create a 'super user' account which can change all
entries in 'dc=duraflex,dc=com,dc=sv' tree (see ACi) and set that to be
the user that is 'ldap admin' in smb.conf and in smbldap-tools.
Craig