[Samba] Solaris 9 and secondary group info from LDAP
Sojka Reinhard
reinhard.sojka at parlinkom.gv.at
Thu Feb 5 19:00:27 GMT 2004
Hi,
we are running several test installations of Samba 3 on Solaris 8 and
Solaris 9. On Solaris 9, there is a strange behaviour in terms of
getting secondary group information from LDAP.
With later revisions of patch 112960, only /etc/group is interpreted,
but there is no query on the LDAP server for (Unix-) group information.
Here is a short overview about our results:
common configuration:
* OpenLDAP-Server
* native Sun LDAP-Client
* Samba 3.0.x (last: 3.0.2rc1) with LDAP support
* OpenLDAP Libraries
result:
* Solaris 8 with patch 108993-23 -> OK
* Solaris 9 no patches (=very first version) -> OK
* Solaris 9 with patch 112960-03 -> OK
* Solaris 9 with patch 112960-08 or higher -> no info about
secondary groups from LDAP server (no query in server
logs,
"truss" shows errors)
This behaviour can be watched very nicely in the LDAP server logs, and
if you do a truss on smbd with
truss -u '*' smbd -i
the result looks very similar to this one
http://lists.samba.org/archive/samba-technical/2003-December/033482.html
though he was using Samba 2.2.8a an the iPlanet Directory Server.
( I will provide logs and debug output if anybody is interested. )
Regarding the above test results, I have several questions
* Is this a know problem or bug?
* Or, at least, is it related to a know problem or bug (bug# 395) ?
* Is it possible to link Samba 3.0.x with Sun/Netscape LDAP libraries?
Had no luck with it, didn't find a workaround for the
missing ldap_initialize() and ldap_domain2hostlist.
* My impression is that there is something wrong with the interaction
OpenLDAP libs <-> Solaris libs. Is this assumption correct?
* Am I at the right place to ask for help? Is it better to ask the
people at OpenLDAP.org or, maybe, even at Sun?
Thanks,
Reinhard
--
Reinhard Sojka <reinhard.sojka at parlinkom.gv.at>
System- & Networkadmin
Parlamentsdirektion
+43 1 40110 2824
More information about the samba
mailing list