[Samba] Samba 3.2 Ldap problem
Ernesto Silva
silva at ort.edu.uy
Wed Jul 2 00:16:56 GMT 2008
Hi,
I've running a samba 3.0.22-13.30 server in standalone mode (security=user) for quite a while. It's authenticated against an openLdap and works great, say Server A.
A few days ago I've installed OpenSuSE 11 Beta 2 in another server, it came with samba 3.2.0-18, so as I'm very lazy I copied the smb.conf file from the working server to the new one with little modifications like the netbios name and which shares it serves, say Server B. I'm connecting to the same Ldap server.
The problem is that I can't reach any share, from the Server B logs...
[2008/07/01 04:54:01, 1] passdb/pdb_ldap.c:init_sam_from_ldap(567)
init_sam_from_ldap: No uid attribute found for this user!
[2008/07/01 04:54:01, 1] passdb/pdb_ldap.c:ldapsam_getsampwnam(1531)
ldapsam_getsampwnam: init_sam_from_ldap failed for user 'xxxxx'!
I've been "googleing" for the last 8 hours and I can't fix the problem, with a more verbose debug level I can see that the Ldap connection works fine. I've also checked the Ldap logs and everything is fine.
May be it's a problem with idmap-ing.
Here is my smb.conf file from the Server B, I've placed comments on lines which differ from the Server A and commented out lines I believe are not relevant to Server B.
-----------------------------------------------------------------
[global]
passdb expand explicit = no
utmp = Yes
workgroup = CPD
netbios name = OPEN # I've changed the
server string = File Server
passdb backend = ldapsam:ldap://ldapon.my.company
time server = Yes
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
username map = /etc/samba/smbusers
map to guest = Bad User
wins support = no # it's 'Yes' in the old server
local master = no # it's 'Yes' in the old server
domain master = no # it's 'Yes' in the old server
domain logons = no # it's 'Yes' in the old server
security = user
preferred master = no
os level = 64
encrypt passwords = yes
# logon script = test.bat
# logon path = \\%L\profiles\%U
# logon home = \\%L\%U
# logon drive = z:
# add user script = ldapsmb -a -u "%u"
# delete user script = ldapsmb -d -u "%u"
# add machine script = ldapsmb -a -s -wks "%u" -v --logfile /var/log/samba/ldapsmb.log
# add group script = ldapsmb -a -g "%g"
# delete group script = ldapsmb -d -g "%g"
# add user to group script = ldapsmb -j -u "%u" -g "%g"
# delete user from group script = ldapsmb -j -u "%u" -g "%g"
# set primary group script = ldapsmb -m -u "%u" -gid "%g"
ldap admin dn = cn=Manager,dc=my,dc=company
ldap suffix = dc=my,dc=company
ldap machine suffix = ou=Computers
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap user suffix = ou=People
ldap passwd sync = Yes
log file = /var/log/samba/%m.log
log level = 1
load printers = no
[www2]
comment = webpages
path = /path/to/webpages
public = no
writeable = yes
browseable = yes
valid users = +groupA +groupB
force user = www2
create mask = 0775
dont descend = /bin,/boot,/dev,/etc,/lib,.....
-----------------------------------------------------------------
Please, any ideas?
Best regards,
--
Ing. Ernesto Silva.
Coordinador de Desarrollo Web y Sistemas Abiertos
Centro de Procesamiento de Datos
Universidad ORT Uruguay.
E-mail: silva at ort.edu.uy
Tel: (+5982) 903-1995, (+5982) 902-9687 ext. 102
Fax: (+5982) 900-2952
More information about the samba
mailing list