I would like to use OPSI on my Samba+LDAP server. Samba can only use one user backend, so because I'm using LDAP I can't have the pcpatch and opsiconfd users stored locally. Instead I've manually put pcpatch and opsiconfd into LDAP, and tried to make the configuration correct ie. I've given them home directories of /var/lib/opsi and also added the opsiconfd user to the "opsiadmin" group in LDAP, and the "shadow" group in the local /etc/group file. After these changes I fix permissions with "opsi-setup --set-rights".
Question - Why does opsiconfd need read access to /etc/shadow? Does this mean OPSI doesn't use NSS and therefore can't look up shadow info from LDAP or other sources?
Things are obviously not working for me - I can't start opsiconfd. This is my error message :
# /etc/init.d/opsiconfd start
Starting opsi config service..No directory, logging in with HOME=/
.... (failed).
...I don't know how to proceed. Is it even possible?
Samba+LDAP
Re: Samba+LDAP
Hi,
we also use ldap as central user database for samba.
You need to have in LDAP:
* user pcpatch
* group pcpatch
* group opsiadmin
user opsiconfd should be a local (system) user (and samba do not need to know about this user)
does this help ?
regards
d.oertel
we also use ldap as central user database for samba.
You need to have in LDAP:
* user pcpatch
* group pcpatch
* group opsiadmin
user opsiconfd should be a local (system) user (and samba do not need to know about this user)
does this help ?
regards
d.oertel
Vielen Dank für die Nutzung von opsi. Im Forum ist unser Support begrenzt.
Für den professionellen Einsatz und individuelle Beratung empfehlen wir einen Support-Vertrag und eine Schulung.
Gerne informieren wir Sie zu unserem Angebot.
uib GmbH
Telefon: +49 6131 27561 0
E-Mail: sales@uib.de
Re: Samba+LDAP
Yes, that certainly did the trick. Thankyou very much for your time.