# Samba remote LDAP read-only



## leonetix (Sep 23, 2011)

Hi,

I am trying to get samba working with a remote ldap server. I only want to authenticate the users, I don't want the users to change their settings/passwords. I looked around but all the examples require having an LDAP Admin password which I don't have/need.

Any ideas?

Thanks,
~L


----------



## leonetix (Oct 7, 2011)

Just wanted to give a little more detail, so maybe it will be more useful.

I have a FreeBSD 8.2 machine that is used for backup that authenticates users over an external ldap server. It works fine with ssh/netatalk...

I would also like to set up samba for windows machines. I just want users to authenticate for their backups. I don't want them to be able to change their passwords,etc.. 

All the example configs involve giving read-write permissions for ldap authentication using secrets.tbd. I couldn't find any example that does read-only authentication.

Is it possible to do that?

Here is my ldapsearch output:

```
dn: xxxx
        objectClass: account
        objectClass: posixAccount
        objectClass: top
        objectClass: shadowAccount
        objectClass: sambaSamAccount
        uid: xxx
        cn: xxx
        loginShell: xxx
        uidNumber: xxx
        gidNumber: xxx
        homeDirectory: xxx
        gecos: xxx
        sambaSID: S-x-x-xx-xxx-xxx-xxxx
```

Thanks,
~L


----------

