[Samba] Problem: LDAP as idmap backend
Chris Osicki
osk at admin.swisscom-mobile.ch
Thu Aug 13 15:26:37 MDT 2009
Hi
I've just upgraded Samba on Solaris 10 from the bundled version (3.0.33)
to 3.4.0 and winbind don't want to cooperate with LDAP as idmap backend
anymore.
The smb.conf I use is:
[global]
workgroup = CORPROOT
netbios name = usonfs
security = domain
log level = 10
preferred master = no
bind interfaces only = yes
interfaces = usonfs
password server = sg000057.corproot.net sg1006z.corproot.net
winbind uid = 20000-21000
winbind gid = 20000-21000
winbind enum users = no
winbind enum groups = no
# Using ldap server as winbindd backend
idmap backend = ldap:ldap://usoldap01.swissptt.ch ldap:ldap://usoldap02.swissptt.ch
ldap admin dn = uid=idmapadm,ou=idmap,dc=swissptt,dc=ch
ldap idmap suffix = ou=idmap
ldap suffix = dc=swissptt,dc=ch
I compiled Samba myself: configure; make; make install.
It must be something obvious I'm overlooking I hope somebody could
point it out.
Running winbindd as:
/usr/local/samba/sbin/winbindd -d 3 -i -n
I see those messages:
[ 8286]: sid to uid S-1-5-21-796845957-1547161642-839522115-187984
idmap_init: using 'ldap' as remote backend
Failed to issue the StartTLS instruction: Connect error
Connection to LDAP server failed for the 1 try!
Failed to issue the StartTLS instruction: Connect error
Connection to LDAP server failed for the 3 try!
Failed to issue the StartTLS instruction: Connect error
Connection to LDAP server failed for the 5 try!
Failed to issue the StartTLS instruction: Connect error
Connection to LDAP server failed for the 7 try!
Thanks for your time.
Regards,
Chris
More information about the samba
mailing list