[Samba] Problem with "ldapsam:trusted = yes"
"M. Müller"
malte.mueller at ewetel.net
Fri Mar 25 13:58:24 GMT 2005
Hi,
either my question was dumb or nobody ever used that parameter. The
latter could be excluded easely: Does anybody sucessfully use
ldapsam:trusted = yes? If so, could you point out any difference between
your confgiguration and mine?
Thanks a lot,
Malte Mueller
M. Müller schrieb:
> Hi,
> I updated from 3.0.11 to 3.0.12 and tried the new ldapsam:trusted
> parameter. Alas smbd dies silently a second after startup.
> With debug level 2 I can't see any reason in the logfile. My smb.conf
> is (relevant part I hope):
> =================================
> [global]
> workgroup = BBS_XXX
> netbios aliases = fileserver revreselif
> passdb backend = ldapsam:ldap://localhost
> idmap backend = ldapsam:ldap://localhost
> ldap suffix = dc=bbs-xxx,dc=schule
> ldap user suffix = ou=accounts
> ldap group suffix = ou=groups
> ldap machine suffix = ou=hardware
> ldap idmap suffix = ou=idmap
> idmap uid = 40000-60000
> idmap gid = 40000-60000
> ldap admin dn = cn=root,dc=bbs-xxx,dc=schule
> ldap ssl = off
> #ldapsam:trusted = yes #smbd doesn't work with ldapsam:trusted
> = yes
> utmp = yes
> invalid users = @wheel, mail, daemon, adt
> interfaces = eth0
> bind interfaces only = yes
> log level = 2
> syslog = 0
> log file = /var/log/samba-%G.log
> getwd cache = yes
> socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
> SO_RCVBUF=8192 SO_SNDBUF=8192
> keep alive = 60
> dead time = 50
> locking = yes
> map hidden = yes
> map archive = yes
> map system = yes
> security = user
> encrypt passwords = yes
> domain master = yes
> domain logons = yes
> preferred master = yes
> os level = 30
> time server = yes
> logon script = %U.cmd
> logon path =
> logon home =
> logon drive = p:
> load printers = yes
> printing = cups
> printcap name = cups
> dos charset = 850
> unix charset = ISO-8859-15
> display charset = ISO-8859-15
> =================================
>
> All acounts samba should know have a posixAccount and sambaSamAccount
> e.g.:
> ======================
> dn: uid=administrator,ou=accounts,dc=bbs-xxx,dc=schule
> displayName: administrator
> mailLocalAddress: administrator at fileserver.bbs-xxx.schule
> objectClass: posixAccount
> objectClass: account
> objectClass: mailRecipient
> objectClass: spezifikumUser
> objectClass: sambaSamAccount
> sambaLogonTime: 0
> sambaHomeDrive: P:
> uid: administrator
> mail: administrator@<official-mail-address>
> uidNumber: 5471
> cn: administrator
> cn: M. Mueller
> cn:: TS4gTcO8bGxlcg==
> sambaLogoffTime: 2147483647
> mailDeliveryOption: accept
> loginShell: /bin/bash
> gidNumber: 501
> description: Administrator
> homeDirectory: /home/lehrer/administrator
> sambaKickoffTime: 2147483647
> sambaHomePath: \\fileserver\administrator
> script: if not exist t: net use t: \\revreselif\treiber
> sambaPrimaryGroupSID: S-1-5-21-1091375802-1471697927-1951840895-2003
> sambaSID: S-1-5-21-1091375802-1471697927-1951840895-512
> sambaAcctFlags: [U ]
> mailAlternateAddress: mamue at fileserver
> sambaPwdMustChange: 2147483647
> sambaPasswordHistory:
> 00000000000000000000000000000000000000000000000000000000
> 00000000
> sambaPwdCanChange: 1108028782
> sambaPwdLastSet: 1108028782
> ======================
> Neither root, nor the ldap-manager do have their account in the
> directory (doesn't make sense i believe). Besides that, samba is
> running flawlessly, but I always had some perfomance problems due to
> large groups so i wondered if ldapsam:trusted could help me.
> Nscd is not running, winbindd is not running. I tried both a self
> compiled samba and the binaries.
> System is SuSE9.2.
>
> Can anybody give me a hint what I could test to find the source of
> this problem?
>
> Thanks a lot,
> Malte Mueller
More information about the samba
mailing list