I've set up Samba on Ubuntu use LDAP, but it insists on using the host name for the sambaDomainName
query, instead of the configured workgroup, and so it fails to get the domain info.
If I set netbios name
to the workgroup name, then it works, but then the server shows up on the network with the workgroup name instead of the host name, which is not what I want.
I can query LDAP using ldapsearch
with the right sambaDomainName
, so I'm pretty sure that part is good.
I'm using Samba 2:4.7.6+dfsg~ubuntu-0ubuntu2.2
Partial config:
[global]
security = domain
passdb backend = ldapsam:"ldap://ldap-server"
workgroup = MYGROUP
netbios name = HOSTNAME
I've tried with security=user
, and server role = standalone
but they make no difference. I don't have a Windows domain, just a workgroup and an LDAP server provided by JumpCloud (They have the Samba schema configured, and it works for all my other non-Samba LDAP clients).
Regardless of how I configure this I know I have other things to finish with the actual idmap setup, but AFAIK it won't make any difference unless it can properly query LDAP in the first place, thus the partial config above.
The missing config entries, which I found after digging through the samba source code, where:
[global] security = user domain logons = yes
That will make it use the
workgroup
config entry instead of thenetbios name
. Internally this is determined based on a combination of thesecurity
,domain logons
, andserver role
settings.server role
can be omitted from the config as the default will be valid with the two settings above.