Trying to get Samba working with LDAP
Martin Hofbauer Bacher Systems EDV
mh at bacher.at
Thu Feb 25 21:34:20 GMT 1999
You have differences in the "dn:"
dn: .... o=uk in smb.conf
dn: ....c=uk in the LDAP -db
^
but also, there must be different levels of information, that
you have provided us:
o=3Com GIS, in the output of smbpasswd ( derived from smb.conf )
o= GIS, in smb.conf
o=SWAT GIS in the slapd log
-------------------------------------------------------------------
Martin Hofbauer IT-Consulting
phone : +43 (1) 60 126-34 Bacher Systems EDV GmbH
fax : +43 (1) 60 126-4 Wienerbergstr. 11B
e-mail: mh at bacher.at A-1101 Vienna, Austria
--
On Fri, 26 Feb 1999, Tony Moran wrote:
>
> Hi, I'm running CVS Samba [2.1.0-prealpha] on Solaris 2.6 [gcc 2.8.1]
> and OpenLDAP 1.2 +GDBM, both of which are now running fine, I just
> have problems trying to get them working together.. Apart from
> the LDAP Support in Samba document at openldap.org I'm mostly in the
> dark..
>
> Below are the smb.conf entries for LDAP, what my LDAP tree looks
> like and the error responses from trying to change the password
> of a sambaAccount uid with smbpasswd. I've entered a dummy password
> into the LDAP sambaAccount entry, and am trying to enter the right one
> with smbpasswd. Possibly I'm just missing something basic in what I'm
> trying to do... in any case, any help is much appreciated, and
> I'll certainly do a write up of this whole process soon as I get
> it right.
>
> Thanks, Tony
>
>
>
> Firstly here's what smbpasswd spits back at me with Debug level -10
>
> webemea# /usr/local/samba/bin/smbpasswd -D 10 infmin
> New SMB password:
> Retype new SMB password:
> Connected to LDAP server
> Searching in [sn=Samba, o=3Com GIS, o=uk] for
> [(&(uid=infmin)(objectclass=sambaAccount))]
> search: No such object
> 0 matching entries found
> Connection closed
> pwdb_smb_map_names
> Failed to find entry for user infmin.
> Failed to change password entry for infmin
>
>
>
> Here's some of the debug info from slapd that comes up at the same time
> (sorry about the voluminousness of this)
>
>
>
> elect activity on 1 descriptors
> activity on: 5r
> read activity on 5
> ber_get_next
> ber_get_next: tag 0x30 len 40 contents:
> ber_dump: buf 0x5f610, ptr 0x5f610, end 0x5f638
> current len 40, contents:
> 02 01 01 ` # 02 01 02 04 1c c n = M a n
> a g e r , 20 o = 20 G I S, 20 o = u k 80 00
> do_bind
> do_bind: version 2 dn (cn=Manager, o=GIS, o=uk) method 128
> send_ldap_result 0::
> ber_flush: 14 bytes to sd 5
> 0 0c 02 01 01 a 07 0a 01 00 04 00 04 00
> listening for connections on 3, activity on: 5r
> before select active_threads 0
> select activity on 1 descriptors
> activity on: 5r
> read activity on 5
> ber_get_next
> ber_get_next: tag 0x30 len 96 contents:
> ber_dump: buf 0x5f748, ptr 0x5f748, end 0x5f7a8
> current len 96, contents:
> 02 01 02 c [ 04 1a s n = S a m b a ,
> 20 o = S w a t 20 G I S , 20 o = u
> k 0a 01 01 0a 01 00 02 01 00 02 01 00 01 01 00
> a0 , a3 0d 04 03 u i d 04 06 i n f m i
> n a3 1b 04 0b o b j e c t c l a s s
> 04 0c s a m b a A c c o u n t 0 00
> (end)
> do_search
> SRCH "SN=SAMBA,O=GIS,O=UK" 1 0 0 0 0
> filter: (&(uid=INFMIN)(objectclass=SAMBAACCOUNT))
> attrs:
> send_ldap_result 32::
> ber_flush: 14 bytes to sd 5
> 0 0c 02 01 02 e 07 0a 01 20 04 00 04 00
> listening for connections on 3, activity on: 5r
> before select active_threads 0
> select activity on 1 descriptors
> activity on: 5r
> read activity on 5
> ber_get_next
> ber_get_next: tag 0x30 len 5 contents:
> ber_dump: buf 0x5d450, ptr 0x5d450, end 0x5d455
> current len 5, contents:
> 02 01 03 B 00
> do_unbind
>
>
>
>
>
> My smb.conf:
>
> [global]
>
> ldap suffix = "cn=Samba o=GIS, o=uk"
> ldap bind as = "cn=Manager, o=GIS, o=uk"
> ldap passwd file = /usr/local/samba/private/ldappasswd
> ldap server = localhost
> ldap port = 389
>
> My LDAP data so far :
>
> I've set up my Directory in stages, using ldapadd.
>
> firstly I created the database and root using an input file of:
>
> dn: o=GIS, c=uk
> o: GIS
> description: GIS Company Services
> objectClass: organization
>
> Then secondly I ran ldapadd on :
>
> dn: sn=Samba, o=GIS, c=uk
> sn: Samba
> description: GIS Samba Service Directory
> authority: Tony Moran <tony_moran at ayahuasca.net>
> objectClass: sn
>
> and finally to enter my first Samba uid [Scheme taken from 'OpenLDAP
> Support in Samba'] I used :
>
> dn: uid=infmin, sn=Samba, o=GIS, c=uk
> uid: infmin
> cn: Information Services Admin
> description: WIS Administration
> uidNumber: 1001
> gidNumber: 101
> rid: 2001
> grouprid: 2000
> lmPassword: 1
> ntPassword: 2
> pwdLastSet: 35C11F1B
> smbHome: \\samba1\infmin
> homeDrive: Z
> script: logon.bat
> profile: \\samba1\infmin\profile
> workstations: tmoran
> objectClass: sambaAccount
>
> All the additions to the Directory seem to pass without any problems and
> ldapsearches work fine thus :
>
> webemea# ldapsearch -h localhost -b "o=GIS, c=uk" \
> webemea# 'objectclass=sambaAccount' infmin
>
> uid=infmin, sn=Samba, o=GIS, c=uk
>
>
> Most of the information in my infmin account is dummy info - I just wanna
> see if I can get Samba communicating/authenticating via LDAP.
>
>
> Finally, this is my slapd.conf, which seems ok..
>
> pidfile /usr/local/openldap/var/slapd.pid
> argsfile /usr/local/openldap/var/slapd.args
>
> #######################################################################
> # ldbm database definitions
> #######################################################################
>
> database ldbm
> suffix "o=GIS, c=uk"
> directory /usr/local/openldap/trial-slapd
> rootdn "cn=Manager, o=GIS, c=uk"
> rootpw secret
>
>
>
>
>
>
More information about the samba-technical
mailing list
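
The DN comparison made by eye in the reply above, as an added example (not part of the original thread, and not Samba or OpenLDAP code): a Python check that the DNs in the quoted smb.conf fall under the slapd.conf suffix. The function names are hypothetical, and DN parsing is simplified (no escaped commas or multi-valued RDNs).

```python
import re

# Values copied from the smb.conf and slapd.conf quoted in the post.
SMB_CONF = '''
ldap suffix = "cn=Samba o=GIS, o=uk"
ldap bind as = "cn=Manager, o=GIS, o=uk"
'''
SLAPD_CONF = '''
suffix "o=GIS, c=uk"
'''

def conf_value(text, key):
    """Return the quoted value of `key` from smb.conf- or slapd.conf-style text."""
    m = re.search(rf'^\s*{re.escape(key)}\s*=?\s*"([^"]*)"', text, re.M | re.I)
    return m.group(1) if m else None

def parse_dn(dn):
    """Split a DN into normalized (type, value) pairs, leaf first.
    Simplified: assumes no escaped commas and no multi-valued RDNs."""
    rdns = []
    for part in dn.split(","):
        attr, sep, value = part.partition("=")
        # Heuristic: a second '=' inside a value usually means a missing comma.
        if not sep or not attr.strip() or not value.strip() or "=" in value:
            raise ValueError(f"malformed RDN {part.strip()!r} in {dn!r}")
        rdns.append((attr.strip().lower(), " ".join(value.split()).lower()))
    return rdns

def is_under(dn, base):
    """True if dn equals base or sits below it in the directory tree."""
    d, b = parse_dn(dn), parse_dn(base)
    return len(d) >= len(b) and d[len(d) - len(b):] == b

def check(smb, slapd):
    """Return a list of findings; an empty list means the DNs are consistent."""
    base = conf_value(slapd, "suffix")
    findings = []
    for key in ("ldap suffix", "ldap bind as"):
        dn = conf_value(smb, key) or ""
        try:
            if not is_under(dn, base):
                findings.append(f"{key}: {dn!r} is not under slapd suffix {base!r}")
        except ValueError as exc:
            findings.append(f"{key}: {exc}")
    return findings

if __name__ == "__main__":
    for finding in check(SMB_CONF, SLAPD_CONF):
        print(finding)
```
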