On Wed, 2013-08-28 at 00:30 +0200, Luca Olivetti wrote: > Al 27/08/13 23:56, En/na Gary Greene ha escrit: > > > If you set it up with '--use-rfc2307', nslcd needs configured as though it > > is talking to an SFU 3.5 DC. The RFC 2307bis attributes never add > > additional classes to the AD member objects, even in an SFU environment. > > Thank you, that gave me an hint: I added a > > filter passwd (objectclass=user) > > to /etc/nslcd.conf > > and that gave me the missing users. > I suppose I should add also a > > filter group (objectclass=group) > > for groups. > > Note that those filters are also, e.g. here > https://help.ubuntu.com/community/ADWin2k8KerberosLDAP > > but I overlooked them.
With recent versions of nslcd, neither of the filters are needed and serve only to slow down lookups. All that is needed is: uid nslcd gid nslcd uri ldap://your.f.q.d.n base dc=foo,dc=bar map passwd uid samAccountName map passwd homeDirectory unixHomeDirectory sasl_mech GSSAPI sasl_realm SOME.REALM krb5_ccname /tmp/nslcd.tkt hth to speed things up a little. Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
