Trying to get Samba working with LDAP
Greg Dickie
greg at discreet.com
Mon Mar 1 13:01:09 GMT 1999
Are you sure infmin is already in the smbpasswd file?
Greg
On 01-Mar-99 Tony Moran wrote:
>
> On Thu, 25 Feb 1999, Martin Hofbauer Bacher Systems EDV wrote:
>>
>> You have differences in the "dn:"
>>
>> dn: .... o=uk in smb.conf
>>
>> dn: ....c=uk in the LDAP -db
>
> Thanks Martin, that was it - (doh) - the other differences were on
> purpose cos of my editing.. However, all is not solved :
> Smbpasswd still won't work.
>
> If you can spot anything here, I'd be indebted..thanks, Tony
>
>
>
>###Start
> webemea# /usr/local/samba/bin/smbpasswd -D 10 infmin
> New SMB password:
> Retype new SMB password:
> Connected to LDAP server
> Searching in [sn=Samba, o=3Com GIS, c=uk] for
> [(&(uid=infmin)(objectclass=sambaAccount))]
> 1 matching entries found
> get: [uid] = [infmin]
> Retrieving account [infmin]
> get: [uidNumber] = [1001]
> get: [ntuid] = [1]
> get: [rid] = [2001]
> get: [lmPassword] = [1]
> get: [ntPassword] = [2]
> get: [pwdLastSet] = [35C11F1B]
> Connection closed
> pwdb_smb_map_names
> lookupsmbpwnam: unix user name infmin
> lookupsmbpwuid: unix uid 1001
> initialising map
> lookupsmbpwuid: unix uid 1001
> sid_to_string returning S-1-5-21-1108334765-1890153664-4018903297-8193
> lookupsmbpwsid: nt sid S-1-5-21-1108334765-1890153664-4018903297-8193
> lookupsmbpwntnam: nt user name 1
> name '1' split into domain: and nt name:1'
> Failed to find entry for user infmin.
> Failed to change password entry for infmin
>###End
>
>
>
> Heres the debug info from ldap - sorry about the length of it
>
>###Start
> webemea# /etc/rc2.d/S101ldap
> slapd 1.2.0-Beta2 (Mon Feb 22 11:02:19 GMT 1999)
> root at webemea:/usr/local/depot/ldap/servers/slapd
> slapd starting
> listening for connections on 3, activity on:
> before select active_threads 0
> select activity on 1 descriptors
> new connection on 5
> activity on:
> listening for connections on 3, activity on: 5r
> before select active_threads 0
> select activity on 1 descriptors
> activity on: 5r
> read activity on 5
> ber_get_next
> ber_get_next: tag 0x30 len 40 contents:
> ber_dump: buf 0x5e548, ptr 0x5e548, end 0x5e570
> current len 40, contents:
> 02 01 01 ` # 02 01 02 04 1c c n = M a n
> a g e r , 20 o = 3 C o m 20 G I S
> , 20 c = u k 80 00
> do_bind
> do_bind: version 2 dn (cn=Manager, o=3Com GIS, c=uk) method 128
> ==> ldbm_back_bind: dn: CN=MANAGER,O=3COM GIS,C=UK
> dn2entry_r: dn: "CN=MANAGER,O=3COM GIS,C=UK"
> => dn2id( "CN=MANAGER,O=3COM GIS,C=UK" )
> => ldbm_cache_open( "/usr/local/openldap/trial-slapd/dn2id.gdbm", 2, 600 )
> ldbm_cache_open (blksize 8192) (maxids 2046) (maxindirect 2)
> <= ldbm_cache_open (opened 0)
> <= dn2id NOID
> dn2entry_r: dn: "O=3COM GIS,C=UK"
> => dn2id( "O=3COM GIS,C=UK" )
> => ldbm_cache_open( "/usr/local/openldap/trial-slapd/dn2id.gdbm", 2, 600 )
> <= ldbm_cache_open (cache 0)
> <= dn2id 1
> => id2entry_r( 1 )
> => ldbm_cache_open( "/usr/local/openldap/trial-slapd/id2entry.gdbm", 2,
> 600 )
> ldbm_cache_open (blksize 8192) (maxids 2046) (maxindirect 2)
> <= ldbm_cache_open (opened 1)
> => str2entry
> <= str2entry 0x5eb38
> entry_rdwr_rlock: ID: 1
> <= id2entry_r( 1 ) (disk)
> ====> cache_return_entry_r
> entry_rdwr_runlock: ID: 1
> send_ldap_result 0::
> ber_flush: 14 bytes to sd 5
> 0 0c 02 01 01 a 07 0a 01 00 04 00 04 00
> listening for connections on 3, activity on: 5r
> before select active_threads 0
> select activity on 1 descriptors
> activity on: 5r
> read activity on 5
> ber_get_next
> ber_get_next: tag 0x30 len 96 contents:
> ber_dump: buf 0x5e510, ptr 0x5e510, end 0x5e570
> current len 96, contents:
> 02 01 02 c [ 04 1a s n = S a m b a ,
> 20 o = 3 C o m 20 G I S , 20 c = u
> k 0a 01 01 0a 01 00 02 01 00 02 01 00 01 01 00
> a0 , a3 0d 04 03 u i d 04 06 i n f m i
> n a3 1b 04 0b o b j e c t c l a s s
> 04 0c s a m b a A c c o u n t 0 00
> (end)
> do_search
> SRCH "SN=SAMBA,O=3COM GIS,C=UK" 1 0 0 0 0
> filter: (&(uid=INFMIN)(objectclass=SAMBAACCOUNT))
> attrs:
> => ldbm_back_search
> using base "SN=SAMBA,O=3COM GIS,C=UK"
> onelevel_candidates: base: "SN=SAMBA,O=3COM GIS,C=UK"
> dn2entry_r: dn: "SN=SAMBA,O=3COM GIS,C=UK"
> => dn2id( "SN=SAMBA,O=3COM GIS,C=UK" )
> => ldbm_cache_open( "/usr/local/openldap/trial-slapd/dn2id.gdbm", 2, 600 )
> <= ldbm_cache_open (cache 0)
> <= dn2id 2
> => id2entry_r( 2 )
> => ldbm_cache_open( "/usr/local/openldap/trial-slapd/id2entry.gdbm", 2,
> 600 )
> <= ldbm_cache_open (cache 1)
> => str2entry
> <= str2entry 0x5ea40
> entry_rdwr_rlock: ID: 2
> <= id2entry_r( 2 ) (disk)
> subtree_candidates: base: "SN=SAMBA,O=3COM GIS,C=UK"
> => filter_candidates
> => list_candidates 0xa0
> => filter_candidates
> => ava_candidates 0xa3
> => index_read( "id2children" "=" "2" )
> => ldbm_cache_open( "/usr/local/openldap/trial-slapd/id2children.gdbm", 2,
> 600 )
> ldbm_cache_open (blksize 8192) (maxids 2046) (maxindirect 2)
> <= ldbm_cache_open (opened 2)
> <= index_read 1 candidates
> <= ava_candidates 1
> <= filter_candidates 1
> => filter_candidates
> => list_candidates 0xa0
> => filter_candidates
> => ava_candidates 0xa3
> => index_read( "uid" "=" "INFMIN" )
> <= index_read 4 candidates (allids - not indexed)
> <= ava_candidates 4
> <= filter_candidates 4
> => filter_candidates
> => ava_candidates 0xa3
> => index_read( "objectclass" "=" "SAMBAACCOUNT" )
> => ldbm_cache_open( "/usr/local/openldap/trial-slapd/objectclass.gdbm", 2,
> 600 )
> ldbm_cache_open (blksize 8192) (maxids 2046) (maxindirect 2)
> <= ldbm_cache_open (opened 3)
> <= index_read 1 candidates
> <= ava_candidates 1
> <= filter_candidates 1
> <= list_candidates 1
> <= filter_candidates 1
> listening for connections on 3, activity on: 5r
> before select active_threads 1
> <= list_candidates 1
> <= filter_candidates 1
> ====> cache_return_entry_r
> entry_rdwr_runlock: ID: 2
> => id2entry_r( 3 )
> => ldbm_cache_open( "/usr/local/openldap/trial-slapd/id2entry.gdbm", 2,
> 600 )
> <= ldbm_cache_open (cache 1)
> => str2entry
> <= str2entry 0x5f828
> entry_rdwr_rlock: ID: 3
> <= id2entry_r( 3 ) (disk)
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => send_search_entry (uid=infmin, sn=Samba, o=3Com GIS, c=uk)
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> ber_flush: 470 bytes to sd 5
> 0 82 01 d2 02 01 02 d 82 01 cb 04 & u i d
> = i n f m i n , 20 s n = S a m b
> a , 20 o = 3 C o m 20 G I S , 20 c
> = u k 0 82 01 9f 0 0f 04 03 u i d 1 08
> 04 06 i n f m i n 0 " 04 02 c n 1 1c
> 04 1a I n f o r m a t i o n 20 S e
> r v i c e s 20 A d m i n 0 ( 04 0b
> d e s c r i p t i o n 1 19 04 17 3
> C o m 20 W I S 20 A d m i n i s t
> r a t i o n 0 13 04 09 u i d n u m
> b e r 1 06 04 04 1 0 0 1 0 12 04 09 g
> i d n u m b e r 1 05 04 03 1 0 1 0
> 0c 04 05 n t u i d 1 03 04 01 1 0 0d 04
> 03 r i d 1 06 04 04 2 0 0 1 0 12 04 08
> g r o u p r i d 1 06 04 04 2 0 0 0
> 0 11 04 0a l m p a s s w o r d 1 03
> 04 01 1 0 11 04 0a n t p a s s w o r
> d 1 03 04 01 2 0 18 04 0a p w d l a s
> t s e t 1 0a 04 08 3 5 C 1 1 F 1 B
> 0 1c 04 07 s m b h o m e 1 11 04 0f \
> \ s a m b a 1 \ i n f m i n 0 10
> 04 09 h o m e d r i v e 1 03 04 01 Z
> 0 15 04 06 s c r i p t 1 0b 04 09 l o
> g o n . b a t 0 $ 04 07 p r o f i
> l e 1 19 04 17 \ \ s a m b a 1 \ i
> n f m i n \ p r o f i l e 0 18 04
> 0c w o r k s t a t i o n s 1 08 04
> 06 t m o r a n 0 1d 04 0b o b j e c
> t c l a s s 1 0e 04 0c s a m b a A
> c c o u n t
> <= send_search_entry
> ====> cache_return_entry_r
> entry_rdwr_runlock: ID: 3
> send_ldap_result 0::
> ber_flush: 14 bytes to sd 5
> 0 0c 02 01 02 e 07 0a 01 00 04 00 04 00
> select activity on 1 descriptors
> activity on: 5r
> read activity on 5
> ber_get_next
> ber_get_next: tag 0x30 len 5 contents:
> ber_dump: buf 0x5d0e0, ptr 0x5d0e0, end 0x5d0e5
> current len 5, contents:
> 02 01 03 B 00
> do_unbind
> listening for connections on 3, activity on:
> before select active_threads 0
>###End
>
>
>
>
>
>
> Heres what I've got in my test Directory :
>
>###Start
> webemea# bin/ldapsearch -b 'sn=Samba, o=3Com GIS, c=uk' infmin
> ldap_search: Bad search filter
> webemea# bin/ldapsearch -b 'sn=Samba, o=3Com GIS, c=uk' 'uid=infmin'
> webemea# bin/ldapsearch -b 'sn=Samba, o=3Com GIS, c=uk'
> 'objectClass=Samba'
> webemea# bin/ldapsearch -b 'sn=Samba, o=3Com GIS, c=uk' 'objectClass=*'
> webemea# bin/ldapsearch -b 'o=3Com GIS, c=uk' 'objectclass=*'
> o=3Com GIS, c=uk
> o=3Com GIS
> description=3Com GIS Europe at Hemel Hempstead
> objectclass=organization
>
> sn=Samba, o=3Com GIS, c=uk
> sn=Samba
> description=GIS Samba Service Directory
> authority=Tony Moran <tony_moran at ayahuasca.net>
> objectclass=sn
>
> uid=infmin, sn=Samba, o=3Com GIS, c=uk
> uid=infmin
> cn=Information Services Admin
> description=3Com WIS Administration
> uidnumber=1001
> gidnumber=101
> ntuid=1
> rid=2001
> grouprid=2000
> lmpassword=1
> ntpassword=2
> pwdlastset=35C11F1B
> smbhome=\\samba1\infmin
> homedrive=Z
> script=logon.bat
> profile=\\samba1\infmin\profile
> workstations=tmoran
> objectclass=sambaAccount
>###End
---------------------------------------------------------------------
Greg Dickie
Just A Guy*
*from discreet logic
Montreal
(514) 954-7171
greg at discreet.com
More information about the samba-technical
mailing list