[Samba] ldapsam, Sun JES Directory Server, Solaris 9

Jason Signalness jason at btiadmin.net
Tue Jun 14 19:11:40 GMT 2005 

Tony Earnshaw wrote:

>tir, 14.06.2005 kl. 17.47 skrev Jason Signalness:
>  
>
>>Help!!  I'm struggling with ldapsam.
>>
>>I'm trying to configure Samba to use our LDAP directory (Sun's directory 
>>server) for the storage of Samba user accounts.  It already stores our 
>>unix system accounts.  I have successfully imported the schema file into 
>>our directory server and have compiled samba with the 
>>"--prefix=/opt/btifs/samba --with-ldapsam" options.  I did not notice 
>>any errors during compile.
>>
>>When I go to start Samba (smbd -D), the daemon dies quickly and this 
>>error is written to the log:
>>
>>  smbd version 3.0.14a started.
>>  Copyright Andrew Tridgell and the Samba Team 1992-2004
>>[2005/06/14 09:09:02, 0] passdb/pdb_interface.c:make_pdb_methods_name(721)
>>  No builtin nor plugin backend for ldapsam_compat found
>>[2005/06/14 09:09:02, 1] passdb/pdb_interface.c:make_pdb_context_list(825)
>>  Loading ldapsam_compat failed!
>>
>>Here is my smb.conf file:
>>
>>[global]
>>        workgroup = BTIWG1
>>        netbios name = FS1V
>>        encrypt passwords = Yes
>>        allow trusted domains = No
>>        log level = 1
>>        guest account = nobody
>>        map to guest = Bad User
>>#       passdb backend = ldapsam:ldap://ce.btinet.net
>>#       ldap admin dn = cn=Directory Manager
>>#       ldap suffix = ou=People,o=tildebob.com,o=usergroups
>>    
>>
>
>Why did you comment out all the stuff you need?
>
>Even if you hadn't, your ldap admin dn = cn=Directory Manager wouldn't
>work, it's not qualified with the rest of the suffix.
>
>Also, the ldap suffix is probably wrong. In fact, your whole DIT is
>probably incorrectly implemented :(
>
>You'd also be missing the machine, group and user suffixes, unless
>they're under the ldap suffix.
>
>--Tonni
>
>--
>  
>

You are right, our "test" LDAP DIT is a little messy, and is not 
organized like our production directories at the moment.  But it should 
work.  And yes our users and groups are under the "ldap suffix" in the DIT.

Here is an updated smb.conf file that has what I believe are the correct 
options:

[global]
        workgroup = BTIWG1
        netbios name = FS1V
        encrypt passwords = Yes
        allow trusted domains = No
        log level = 1
        guest account = nobody
        map to guest = Bad User
        passdb backend = ldapsam:ldap://ce.btinet.net
        ldap admin dn = uid=smbadmin,ou=People,o=btidemo.net,o=usergroups
        ldap suffix = ou=People,o=admins,o=usergroups

smbd still dies immediately with the errors:

  smbd version 3.0.14a started.
  Copyright Andrew Tridgell and the Samba Team 1992-2004
[2005/06/14 14:01:58, 0] passdb/pdb_interface.c:make_pdb_methods_name(721)
  No builtin nor plugin backend for ldapsam found
[2005/06/14 14:01:58, 1] passdb/pdb_interface.c:make_pdb_context_list(825)
  Loading ldapsam:ldap://ce.btinet.net failed!

Thanks,
Jason

More information about the samba mailing list