[Samba] Fwd: Migrating server

Rob Thoman emailthomasrob at gmail.com
Thu Mar 1 06:05:36 UTC 2018 

Yes please for the notes.

I re-ran the tests without the smbldap-tools. I installed phpldapadmin and
am able to login to the apache page using the cn=admin, dn=mydomain and
create entries. This kind of tells me that LDAP is working

Then I run the pdbedit -Lv and it lists all the users.

The following happens when I add the LDAP bits to smb.conf and restart
samba.The issue seems to be with samba and ldap intergration. Just to
re-iterate we have samba 3.6. The following errors keeps coming up.

pdbedit -Lv
smbldap_search_domain_info: Searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=MYDOMAIN))]
smbldap_open_connection: connection opened
add_new_domain_info: failed to add domain dn=
sambaDomainName=MYDOMAIN,dc=mydomain with: Invalid DN syntax
        invalid DN
smbldap_search_domain_info: Adding domain info for MYDOMAIN failed with
NT_STATUS_UNSUCCESSFUL
pdb_init_ldapsam: WARNING: Could not get domain info, nor add one to the
domain
pdb_init_ldapsam: Continuing on regardless, will be unable to allocate new
users/groups, and will risk BDCs having inconsistent SIDs


         obey pam restrictions = no
        dns forwarder = 8.8.8.8
passdb backend = ldapsam:ldap://sam3dc.mydomain/
    ldap admin dn = cn=admin,dc=mydomain
  ldap group suffix = ou=Groups
  ldap idmap suffix = ou=Users
  ldap machine suffix = ou=Computers
  ldap passwd sync = yes
    ldap suffix = dc=mydomain
  ldap user suffix = ou=Users
ldap ssl = off
ldap passwd sync = yes

/etc/ldap/ldap.conf
BASE    dc=mydomain
URI     ldap://sam3dc.mydomain ldap://sam3dc.mydomain:666





On Thu, Mar 1, 2018 at 10:51 AM, Rob Thoman <emailthomasrob at gmail.com>
wrote:

> Yes please
>
> On Wed, Feb 28, 2018 at 9:34 PM, Rowland Penny via samba <
> samba at lists.samba.org> wrote:
>
>> On Wed, 28 Feb 2018 20:41:43 +1000
>> Rob Thoman via samba <samba at lists.samba.org> wrote:
>>
>> >
>> > root at sam3dc # smbldap-populate
>> > Use of qw(...) as parentheses is deprecated at /usr/share/perl5/
>> > smbldap_tools.pm line 1423, <DATA> line 522.
>> > Unable to open /etc/smbldap-tools/smbldap.conf for reading !
>> > Compilation failed in require at /usr/sbin/smbldap-populate line 30.
>> > BEGIN failed--compilation aborted at /usr/sbin/smbldap-populate line
>> > 30.
>> >
>>
>> The problem is that smbldap-tools appears to be a dead project, last
>> time I looked, it had disappeared from the internet.
>> That's the bad news, the good news is, you do not need it ;-)
>>
>> You have (in your smb.conf):
>>
>> ldapsam:trusted = yes
>> ldapsam:editposix = yes
>>
>> With these lines, Samba itself can admin ldap, I can provide you with
>> some notes I made last year when testing this very subject, interested ?
>>
>> >
>> >
>> > The file in question doesn't even exist. Any ideas?
>> >
>> > Also, in one of the samba list articles, I read that we'll need to run
>> > pdbedit -i tdbsam -e ldapsam to import the info from tdb to ldap.
>> > When do we do this one?
>>
>> Presumably, once you get your PDC up and running, the how is a
>> question I cannot answer ;-)
>>
>> Rowland
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>
>

More information about the samba mailing list