I have OES LX sp2 installed with Novell Samba enabled. I've noticed a
few problems that I need to get past as I'm trying to integrate the
Tobit David Mail server to use eDirectory authentication for its mail

Problem 1: samba-windbind
I've noticed an apparent problem with the basic installation. Although I
followed the documentation, I could not create a map to a samba share
until I installed the samba-windbind package from the OES install CDs. I
also cannot manage the Samba server without this package installed. Is
this a known problem or do I have "special" installation CDs?

Problem 2: root user and samba
In order to administer the Tobit mail server, I need to map a samba
share to a windows client using the "root" user. The root user does not
seem to be samba enabled on the default OES installation, and my
attempts to enable it using "smbpasswd -a root" fail. I get an error
message referencing an LDAP error and saying that the "root" user cannot
be found in the base LDAP (eDir)context. If I try to manage the Samba
Server in Yast, to make sure all the configurations are correct (I don't
change anything, just click "finish"), I receive an error message also
stating that the "root" user cannot be enabled. If I edit the smb.conf
file and change the "passdb backend" entry, listing "smbpasswd" before
the "NDSldapsam" entry, then the "smbpasswd -a root" command seems to
work, but the error mesage still appears in the Samba configuration in Yast.

Both of these problems are minor and I can work around them. Where I
really get stuck is the following:

Problem 3: setting up mail users
Tobit mail relies on samba being installed properly and when a mail user
is created in the mail system, it looks to see if the user exists on the
linux server (locally or via ldap). If the user exists, a file system
structure is created with that user as owner. The mail client expects
that a samba share for that user is available for the client to function
properly. My problem is that the mail server does not recognize that the
linux-enabled eDirectory users (who are also samba-enabled) are
available to the system. If I use Yast to look at the available users
and groups, I also cannot see the eDirectory users, even when I use the
LDAP filter and tell YAST the login password for the LDAP server. I
suspect, that if I cannot see the eDir users in Yast, then the mail
server cannot see them as well.

I have tried the following with mixed results:

In Yast I configure the LDAP Client to point to my eDirectory server
(basically I just change the default base context from the default AD
configuration entry to the base eDir context, using LDAP notation of
course) and enable LDAP authentication. I've had two different outcomes
to this action:
1. LDAP authentication to eDirectory is completely broken and I don't
know how to fix it. This is the worst case. Can anyone tell me how
reestablish the authentication to eDir? If configuring the LDAP Client
in YAST breaks the OES LDAP/eDir authentication, why is there no
warning of this? Restoring the LDAP client configuration back to the
original state also does not fix the problem. Starting the Novell OES
LDAP Authentication Configuration in YAST also doesn't help. All you can
do there is set the eDir LDAP context and change a password if you want.

2. if authentication does not break, then searching for users in YAST
using the LDAP filter yields all linux-enabled users and groups in eDir,
but these users and groups get imported into the local users and groups
lists and a local login to the linux server yields the following prompt:
"I have no name@linusserver>:" Also, when the OES server boots to
Runlevel 5, it automatically logs in to a desktop as user "". No login
screen, no password, nothing. The upside, is that the mail server is now
able to set up the users (presumably because they appear locally, but
I don't know what else broken in this scenario.

Can anyone explain how the LDAP client modules work/don't work in
relation to the OES LDAP authentication model? If I get this to work,
then I can use OES with LUM to manage the email server. If not, then I
have to use SLES9 without LUM and deal with seperate samba / edirectory
password management (not happy).
Thanks for your help.