Antwort: Re: [Samba] Getting samba ldap to work?

Mathias.Wohlfarth at mw-eb.de Mathias.Wohlfarth at mw-eb.de
Wed Jan 19 17:16:42 GMT 2005 

Hi,
happy to see AIX here. We mostly get no answers here.
I will try:
The key message is No builtin nor plugin backend for ldapsam found
configure did not find the ldap modules and includes.

befor starting configure set the following environment variables:
export CPPFLAGS="-I<your path to the ldap include files>
export LDFLAGS="-L<your path to the ldap loadmodules>
do not use --with-ldapsam for configure, this add support for backlevel

we are using openldap and not the IBM LDAP and had problems to compile 
loadable modules for ldap. So we compiled samba with static modules wich 
requires
--- configure 4 Jan 2005 15:36:26 -0000 1.1.1.1
+++ configure 4 Jan 2005 15:51:48 -0000 1.2
@@ -332,6 +332,7 @@ srcdir=
 verbose=
 x_includes=NONE
 x_libraries=NONE
+LDAP_LIBS="-llber -lldap -lssl -lcrypto"

 # Installation directory options.
 # These are left unexpanded so users can "make install exec_prefix=/foo"

I can send you the compiled binaries (13 MB for smbd and nmbd, 12 MB for 
swat and winbindd - we don't use - so not tested) smbd also contains a fix 
to change the password on AIX (does not work by default) and better 
performance when samba internaly switches the userid.
 
Mathias Wohlfarth EDV-Beratung
Thomas-Mann-Str.1
53111 Bonn
Tel.    0172 / 53 45 591
        01801 / 777 555 33 01
Fax     0228 / 9469181
Email   mathias.wohlfarth at mw-eb.de




Roberto Morelli <r.morelli at usl11.toscana.it>
Gesendet von: samba-bounces+mathias.wohlfarth=mw-eb.de at lists.samba.org
19.01.2005 17:10
Bitte antworten an Roberto Morelli
 
        An:     Tim Tyler <tyler at beloit.edu>, "samba at lists.samba.org" 
<samba at lists.samba.org>
        Kopie: 
        Thema:  Re: [Samba] Getting samba ldap to work?



----- Messaggio Originale -----
OGGETTO:Â [Samba] Getting samba ldap to work?
DA: Â Tim Tyler 
A:Â 
DATA:Â 19-01-2005 16:46

Hi Tim,

   Samba experts,
    I am having problems getting samba 3.0.8 working with ldap 
authentication on an aix 5.1 system.   I have successfully gotten
ldap to 
work with telnet, ftp, ssh, finger, etc.   But, I seem to be really
stuck 
on getting samba to work for some reason.   I am running my ldap
server on 
another host (Debian).  I did enter in a samba schema into the
slapd.conf 
file.   I have both opendlap and nss_ldap installed on the aix
server, 
though I am not sure if samba even tries to use them or not.
  Questions:
1. Does samba use openldap or nss_ldap?

I think that Samba needs an ldap client to connect to server ldap, if
your ldap server (on Debian host) is OpenLDAP you need to install and
use
succesfully OpenLDAP client on Samba Server (nss_ldap is not
necessary in this phase).
 
2. Should I consider using pam support?  If so, do I need to
recompile 
samba for pam support?

I think that pam support is not necessary in this contest and for
your specific problem.

3. I notice that some people configure their smb.conf file to use
ldap 
server or passdb backend =.  Which should I be using?
#      passdb backend = ldapsam:"ldap://lincon.beloit.edu"

         ldap suffix        = "ou=People,dc=lincon,dc=beloit,dc=edu"

I suggest  this value for ldap suffix
ldap suffix = "dc=lincon,dc=beloit,dc=edu" if your accounts are in
"ou=People,dc=lincon,dc=beloit,cd=edu" subtree 

         ldap admin dn      = "cn=admin,dc=lincon,dc=beloit,dc=edu"
#       ldap port          = 389
         ldap server        = 144.89.254.9
         ldap ssl           = no
         ldap machine suffix = ou=Machine
         ldap user suffix = ou=People
         ldap group suffix = ou=Group

NOTE: When I use passdb backend, I never get a prompt to login with
my 
username and password.  It simply fails stating their is no backend.
    [2005/01/18 14:54:05, 0]
passdb/pdb_interface.c:make_pdb_methods_name(664)
   No builtin nor plugin backend for ldapsam found
[2005/01/18 14:54:05, 1]
passdb/pdb_interface.c:make_pdb_context_list(765)
   Loading ldapsam:ldap://lincon.beloit.edu failed!
[2005/01/18 14:54:05, 0]
passdb/pdb_interface.c:make_pdb_methods_name(664)
   No builtin nor plugin backend for ldapsam found
[2005/01/18 14:54:05, 1]
passdb/pdb_interface.c:make_pdb_context_list(765)
   Loading ldapsam:ldap://lincon.beloit.edu failed!

If you have ldap client installed, be sure that your configure line
of Samba (if you have build from source) have -with-ldapsam switch

  When I comment out that and use the ldap server line (with ldap
port 
commented out), I get a prompt, but get these errors in the logs:
2005/01/18 15:20:11, 1] lib/util_sock.c:get_peer_name(959)
   Gethostbyaddr failed for 144.89.40.114
[2005/01/18 15:20:12, 1] lib/util_sock.c:get_peer_name(959)
   Gethostbyaddr failed for 144.89.40.114

In this test you can try to change this line
ldap server = 144.89.254.9
with 
ldap server = lincon.beloit.edu
if you have (as you hope) a DNS or host resolution for this name.

I feel like its not really getting to the point of inquiring for a 
username, etc.  Any suggestions are much appreciated! -thanks
  Tim

I hope these suggestions may help you.
Bye 

Roberto Morelli
Azienda U.S.L. 11 
Empoli (FI)
Tim Tyler
Network Engineer - Beloit College
tyler at beloit.edu 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list