Dies hier sollte ggf. nach Samba/MitLdapOhnePam verschoben werden:

Wenn also dieser Patch funktioniert und noch aktuell ist, mache das bitte.

--- passdb/pdb_ldap.c.old       2003-05-01 16:42:49.000000000 +0200
+++ passdb/pdb_ldap.c   2003-05-01 19:50:44.000000000 +0200
@@ -365,6 +365,76 @@
 /* New Interface is being implemented here */

 /**********************************************************************
+Initialize SAM_ACCOUNT from an LDAP query (unix attributes only)
+Backport from CVS SAMBA_3_0-Branch
+*********************************************************************/
+
+struct passwd* setup_pwret ( struct passwd * pass );
+
+static BOOL get_unix_attributes (LDAP *ldap_struct,
+                                SAM_ACCOUNT * sampass,
+                                LDAPMessage * entry)
+{
+        pstring  homedir;
+        pstring  temp;
+        uid_t uid;
+        gid_t gid;
+        char **ldap_values;
+        char **values;
+       struct passwd   sys_user;
+
+        if ((ldap_values = ldap_get_values (ldap_struct, entry, "objectClass")) == NULL) {
+                DEBUG (1, ("get_unix_attributes: no objectClass! \n"));
+                return False;
+        }
+
+        for (values=ldap_values;*values;values++) {
+                if (strcasecmp(*values, "posixAccount") == 0) {
+                        break;
+                }
+        }
+
+        if (!*values) { /*end of array, no posixAccount */
+                DEBUG(10, ("get_unix_attributes: user does not have posixAcccount attributes\n"));
+                ldap_value_free(ldap_values);
+                return False;
+        }
+        ldap_value_free(ldap_values);
+
+        if (!get_single_attribute(ldap_struct, entry, "homeDirectory", homedir))
+                return False;
+
+        if (!get_single_attribute(ldap_struct, entry, "uidNumber", temp))
+                return False;
+
+        uid = (uid_t)atol(temp);
+
+        if (!get_single_attribute(ldap_struct, entry, "gidNumber", temp))
+                return False;
+
+        gid = (gid_t)atol(temp);
+
+       // Disabled as this function is not used in 2.2
+       //pdb_set_unix_homedir(sampass, homedir);
+        pdb_set_uid(sampass, uid);
+        pdb_set_gid(sampass, gid);
+
+       // Kind of Hack, lets use the cache to override the missing local information
+
+       sys_user.pw_name="ffranz";
+       sys_user.pw_uid=uid;
+       sys_user.pw_gid=gid;
+       sys_user.pw_dir=homedir;
+       DEBUG(5, ("get_unix_attributes: Hack - Setting cache for homedir\n"));
+
+       //setup_pwret(&sys_user);
+       sys_setpwnam(&sys_user);
+
+        DEBUG(10, ("get_unix_attributes: user has posixAcccount attributes\n"));
+        return True;
+}
+
+/**********************************************************************
 Initialize SAM_ACCOUNT from an LDAP query
 (Based on init_sam_from_buffer in pdb_tdb.c)
 *********************************************************************/
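Review bot: `uid = (uid_t)atol(temp);` and the matching `gid` line accept whatever the directory returns: atol() yields 0 for an empty or non-numeric uidNumber, so a malformed or tampered entry is mapped to uid 0, and out-of-range values are silently truncated by the cast. These ids presumably decide which local identity the account is served as, so parse them with strtoul(), require the whole string to be consumed and return False on failure, as sketched below. Separately, `sys_user.pw_name="ffranz";` seeds the cache under one fixed name and leaves the other fields of the stack `struct passwd` uninitialised; the name should come from the entry being loaded and the struct should be zeroed first. What setup_pwret() copies from that struct is not visible in this patch, so whether `pw_dir` may safely point at the local `homedir` buffer needs confirming.

```c
        char *end;
        unsigned long num;

        /* … unchanged: objectClass check, homeDirectory lookup … */

        if (!get_single_attribute(ldap_struct, entry, "uidNumber", temp))
                return False;

        errno = 0;
        num = strtoul(temp, &end, 10);
        if (!isdigit((unsigned char)temp[0]) || *end != '\0' ||
            errno == ERANGE || (unsigned long)(uid_t)num != num) {
                DEBUG(1, ("get_unix_attributes: uidNumber is not a valid uid\n"));
                return False;
        }
        uid = (uid_t)num;

        /* … gidNumber: same lookup and checks, assigning gid … */

        memset(&sys_user, 0, sizeof(sys_user));
        /* … unchanged: pdb_set_uid/pdb_set_gid and cache seeding … */
```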
@@ -506,13 +576,22 @@
        /* These values MAY be in LDAP, but they can also be retrieved through
         *  sys_getpw*() which is how we're doing it
         */
-       sys_user = sys_getpwnam(username);
-       if (sys_user == NULL) {
-               DEBUG (2,("init_sam_from_ldap: User [%s] does not ave a uid!\n", username));
-               return False;
+       if (!get_unix_attributes(ldap_struct, sampass, entry))
+       {
+               sys_user = sys_getpwnam(username);
+               if (sys_user == NULL) {
+                       DEBUG (2,("init_sam_from_ldap: User [%s] does not ave a uid!\n", username));
+                       return False;
+               }
+               else
+               {
+                       pdb_set_uid(sampass, sys_user->pw_uid);
+                       pdb_set_gid(sampass, sys_user->pw_gid);
+                       free(sys_user);
+               }
+
        }

-
        /* FIXME: hours stuff should be cleaner */

        logon_divs = 168;
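Review bot: `free(sys_user);` in the fallback branch releases a pointer this code did not allocate. The lib/system.c context further down in this patch describes the getpwnam() wrapper as one that "always returns a static"; if that comment heads sys_getpwnam(), the free() is undefined behaviour and can corrupt the heap. The pre-patch code never freed the result, so the line should simply be dropped. Also, when get_unix_attributes() succeeds `sys_user` is never assigned, so any use of it that remains later in the enclosing function (init_sam_from_ldap going by the debug message; its body continues outside the hunk) would read an unset pointer. Only the two uses removed in the `@@ -543` hunk are visibly covered.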
@@ -543,8 +622,6 @@
        pdb_set_hours_len(sampass, hours_len);
        pdb_set_logon_divs(sampass, logon_divs);

-       pdb_set_uid(sampass, sys_user->pw_uid);
-       pdb_set_gid(sampass, sys_user->pw_gid);
        pdb_set_user_rid(sampass, user_rid);
        pdb_set_group_rid(sampass, group_rid);

--- lib/system.c.old    2003-05-01 20:37:30.000000000 +0200
+++ lib/system.c        2003-05-01 19:54:11.000000000 +0200
@@ -744,6 +744,11 @@
        endpwent();
 }

+void sys_setpwnam(struct passwd* sys_user)
+{
+       setup_pwret(sys_user);
+}
+
 /**************************************************************************
  Wrapper for getpwnam(). Always returns a static that can be modified.
 ****************************************************************************/
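Review bot: sys_setpwnam() is added without the banner comment the neighbouring wrappers carry and without a visible prototype. pdb_ldap.c declares `setup_pwret` by hand but actually calls `sys_setpwnam`, so unless a prototype header is regenerated outside this patch the call is implicitly declared. I would add a comment along the lines of `/* Seed the passwd cache with a caller-supplied entry; caller keeps ownership of *sys_user. */` once the copy semantics of setup_pwret() are confirmed, and drop the hand-written `setup_pwret` declaration from pdb_ldap.c. The patch's own comment calls this a cache override, so the comment should also state that only validated uid/gid values may be passed in, since the function itself checks nothing.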

Obiger Patch ermöglicht es, Samba 2.2.3 mit LDAP ohne PAM zu nutzen (und ohne den meiner Meinung nach eher als Hack zu bezeichnenden adduser-on-the-fly-Ansatz).

configure mit --with-ldap --with-ldap-sam

OHNE: --with-pam

cu

Fabian :-)
