On Oct 19, 2011, at 8:16 AM, Al wrote: > This isn't what I was talking about ... Let me be a little more specific ... I've got an openldap system configured, just need to setup Samba to use openldap to allow them to access there shells via Windows Explorer. They usually login via SSH, but want to have the ability to copy things over to the Windows without using SFTP. ---- I can't see how that actually matters because you want them to gain access to the samba server using their accounts and samba requires both a POSIX & a SAMBA user and the logical place for a SAMBA user is to have their SAMBA attributes in the same LDAP record. At that point, they could easily mount a SAMBA share on their Windows box using the same account (though Windows passwords use a Windows compatible hashed password). Basically, the user account in LDAP has both POSIX & SAMBA attributes including userPassword (POSIX) and sambaNTPassword (SAMBA) and group memberships that may be one or both (though I tend to create groups that are both). The easiest way to demonstrate is to use my own setup... # ldapsearch -x '(uid=craig)' -D uid=craig,ou=people,dc=azapple,dc=com -W Enter LDAP Password: # extended LDIF # # LDAPv3 # base <dc=azapple,dc=com> (default) with scope subtree # filter: (uid=craig) # requesting: ALL # # craig, people, azapple.com dn: uid=craig,ou=people,dc=azapple,dc=com sambaPwdMustChange: 2147483647 labeledURI: http://linuxserver/horde/kronolith/fb.php?c=craig sambaSID: S-1-5-21-1423820788-2381578139-XXXXXXXXXX-1000 calFBURL: http://srv2.azapple.com/horde/kronolith/fb.php?c=craig sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000 00000000 displayName: Craig White sambaMungedDial: 1 shadowMax: 99999 sambaLogonScript: logon.bat sambaProfilePath: \\SRV2\profiles\craig cn: Craig White uidNumber: 1000 shadowWarning: 7 sambaPrimaryGroupSID: 1423820788-2381578139-XXXXXXXXXX-513 sambaAcctFlags: [U ] gecos: Craig White shadowLastChange: 15199 sambaPwdLastSet: 1313206319 mail: craig at azapple.com userPassword:: REMOVED... sambaLMPassword: REMOVED uid: craig sambaPwdCanChange: 1313206319 sambaHomePath: \\SRV2\homes\craig homeDirectory: /home/craig description: Craig is a local user objectClass: posixAccount objectClass: shadowAccount objectClass: person objectClass: inetOrgPerson objectClass: sambaSamAccount objectClass: top objectClass: calEntry gidNumber: 100 sambaDomainName: AZAPPLE givenName: Craig sambaHomeDrive: h: sambaNTPassword: REMOVED sn: White loginShell: /bin/bash # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1