Trying to get Samba working with LDAP

Greg Dickie greg at discreet.com
Mon Mar 1 13:01:09 GMT 1999


Are you sure infmin is already in the smbpasswd file?

Greg

On 01-Mar-99 Tony Moran wrote:
> 
> On Thu, 25 Feb 1999, Martin Hofbauer Bacher Systems EDV wrote:
>> 
>> You have differences in  the "dn:"
>> 
>> dn: .... o=uk  in smb.conf
>> 
>> dn:  ....c=uk  in the LDAP -db
> 
> Thanks Martin, that was it - (doh) - the other differences were on
> purpose cos of my editing..  However, all is not solved :
> Smbpasswd still won't work.
> 
> If you can spot anything here, I'd be indebted..thanks,   Tony
> 
> 
> 
>###Start
> webemea# /usr/local/samba/bin/smbpasswd -D 10 infmin
> New SMB password:
> Retype new SMB password:
> Connected to LDAP server
> Searching in [sn=Samba, o=3Com GIS, c=uk] for
> [(&(uid=infmin)(objectclass=sambaAccount))]
> 1 matching entries found
> get: [uid] = [infmin]
> Retrieving account [infmin]
> get: [uidNumber] = [1001]
> get: [ntuid] = [1]
> get: [rid] = [2001]
> get: [lmPassword] = [1]
> get: [ntPassword] = [2]
> get: [pwdLastSet] = [35C11F1B]
> Connection closed
> pwdb_smb_map_names
> lookupsmbpwnam: unix user name infmin
> lookupsmbpwuid: unix uid 1001
> initialising map 
> lookupsmbpwuid: unix uid 1001
> sid_to_string returning S-1-5-21-1108334765-1890153664-4018903297-8193
> lookupsmbpwsid: nt sid S-1-5-21-1108334765-1890153664-4018903297-8193
> lookupsmbpwntnam: nt user name 1
> name '1' split into domain: and nt name:1'
> Failed to find entry for user infmin.
> Failed to change password entry for infmin
>###End
> 
> 
> 
> Heres the debug info from ldap - sorry about the length of it
> 
>###Start
> webemea# /etc/rc2.d/S101ldap
> slapd 1.2.0-Beta2 (Mon Feb 22 11:02:19 GMT 1999)
>         root at webemea:/usr/local/depot/ldap/servers/slapd
> slapd starting
> listening for connections on 3, activity on:
> before select active_threads 0
> select activity on 1 descriptors
> new connection on 5
> activity on:
> listening for connections on 3, activity on: 5r
> before select active_threads 0
> select activity on 1 descriptors
> activity on: 5r
> read activity on 5
> ber_get_next
> ber_get_next: tag 0x30 len 40 contents:
> ber_dump: buf 0x5e548, ptr 0x5e548, end 0x5e570
>           current len 40, contents:
>         02 01 01  `  # 02 01 02 04 1c  c  n  =  M  a  n
>          a  g  e  r  , 20  o  =  3  C  o  m 20  G  I  S
>          , 20  c  =  u  k 80 00 
> do_bind
> do_bind: version 2 dn (cn=Manager, o=3Com GIS, c=uk) method 128
> ==> ldbm_back_bind: dn: CN=MANAGER,O=3COM GIS,C=UK
> dn2entry_r: dn: "CN=MANAGER,O=3COM GIS,C=UK"
> => dn2id( "CN=MANAGER,O=3COM GIS,C=UK" )
> => ldbm_cache_open( "/usr/local/openldap/trial-slapd/dn2id.gdbm", 2, 600 )
> ldbm_cache_open (blksize 8192) (maxids 2046) (maxindirect 2)
> <= ldbm_cache_open (opened 0)
> <= dn2id NOID
> dn2entry_r: dn: "O=3COM GIS,C=UK"
> => dn2id( "O=3COM GIS,C=UK" )
> => ldbm_cache_open( "/usr/local/openldap/trial-slapd/dn2id.gdbm", 2, 600 )
> <= ldbm_cache_open (cache 0)
> <= dn2id 1
> => id2entry_r( 1 )
> => ldbm_cache_open( "/usr/local/openldap/trial-slapd/id2entry.gdbm", 2,
> 600 )
> ldbm_cache_open (blksize 8192) (maxids 2046) (maxindirect 2)
> <= ldbm_cache_open (opened 1)
> => str2entry
> <= str2entry 0x5eb38
> entry_rdwr_rlock: ID: 1
> <= id2entry_r( 1 ) (disk)
> ====> cache_return_entry_r
> entry_rdwr_runlock: ID: 1
> send_ldap_result 0::
> ber_flush: 14 bytes to sd 5
>          0 0c 02 01 01  a 07 0a 01 00 04 00 04 00 
> listening for connections on 3, activity on: 5r
> before select active_threads 0
> select activity on 1 descriptors
> activity on: 5r
> read activity on 5
> ber_get_next
> ber_get_next: tag 0x30 len 96 contents:
> ber_dump: buf 0x5e510, ptr 0x5e510, end 0x5e570
>           current len 96, contents:
>         02 01 02  c  [ 04 1a  s  n  =  S  a  m  b  a  ,
>         20  o  =  3  C  o  m 20  G  I  S  , 20  c  =  u
>          k 0a 01 01 0a 01 00 02 01 00 02 01 00 01 01 00
>         a0  , a3 0d 04 03  u  i  d 04 06  i  n  f  m  i
>          n a3 1b 04 0b  o  b  j  e  c  t  c  l  a  s  s
>         04 0c  s  a  m  b  a  A  c  c  o  u  n  t  0 00
>         (end)
> do_search
> SRCH "SN=SAMBA,O=3COM GIS,C=UK" 1 0    0 0 0
>     filter: (&(uid=INFMIN)(objectclass=SAMBAACCOUNT))
>     attrs:
> => ldbm_back_search
> using base "SN=SAMBA,O=3COM GIS,C=UK"
> onelevel_candidates: base: "SN=SAMBA,O=3COM GIS,C=UK"
> dn2entry_r: dn: "SN=SAMBA,O=3COM GIS,C=UK"
> => dn2id( "SN=SAMBA,O=3COM GIS,C=UK" )
> => ldbm_cache_open( "/usr/local/openldap/trial-slapd/dn2id.gdbm", 2, 600 )
> <= ldbm_cache_open (cache 0)
> <= dn2id 2
> => id2entry_r( 2 )
> => ldbm_cache_open( "/usr/local/openldap/trial-slapd/id2entry.gdbm", 2,
> 600 )
> <= ldbm_cache_open (cache 1)
> => str2entry
> <= str2entry 0x5ea40
> entry_rdwr_rlock: ID: 2
> <= id2entry_r( 2 ) (disk)
> subtree_candidates: base: "SN=SAMBA,O=3COM GIS,C=UK" 
> => filter_candidates
> => list_candidates 0xa0
> => filter_candidates
> => ava_candidates 0xa3
> => index_read( "id2children" "=" "2" )
> => ldbm_cache_open( "/usr/local/openldap/trial-slapd/id2children.gdbm", 2,
> 600 )
> ldbm_cache_open (blksize 8192) (maxids 2046) (maxindirect 2)
> <= ldbm_cache_open (opened 2)
> <= index_read 1 candidates
> <= ava_candidates 1
> <= filter_candidates 1
> => filter_candidates
> => list_candidates 0xa0
> => filter_candidates
> => ava_candidates 0xa3
> => index_read( "uid" "=" "INFMIN" )
> <= index_read 4 candidates (allids - not indexed)
> <= ava_candidates 4
> <= filter_candidates 4
> => filter_candidates
> => ava_candidates 0xa3
> => index_read( "objectclass" "=" "SAMBAACCOUNT" )
> => ldbm_cache_open( "/usr/local/openldap/trial-slapd/objectclass.gdbm", 2,
> 600 )
> ldbm_cache_open (blksize 8192) (maxids 2046) (maxindirect 2)
> <= ldbm_cache_open (opened 3)
> <= index_read 1 candidates
> <= ava_candidates 1
> <= filter_candidates 1
> <= list_candidates 1
> <= filter_candidates 1
> listening for connections on 3, activity on: 5r
> before select active_threads 1
> <= list_candidates 1
> <= filter_candidates 1
> ====> cache_return_entry_r
> entry_rdwr_runlock: ID: 2
> => id2entry_r( 3 )
> => ldbm_cache_open( "/usr/local/openldap/trial-slapd/id2entry.gdbm", 2,
> 600 )
> <= ldbm_cache_open (cache 1)
> => str2entry
> <= str2entry 0x5f828
> entry_rdwr_rlock: ID: 3
> <= id2entry_r( 3 ) (disk)
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => send_search_entry (uid=infmin, sn=Samba, o=3Com GIS, c=uk)
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> => acl_get: edn UID=INFMIN,SN=SAMBA,O=3COM GIS,C=UK
> ber_flush: 470 bytes to sd 5
>          0 82 01 d2 02 01 02  d 82 01 cb 04  &  u  i  d
>          =  i  n  f  m  i  n  , 20  s  n  =  S  a  m  b
>          a  , 20  o  =  3  C  o  m 20  G  I  S  , 20  c
>          =  u  k  0 82 01 9f  0 0f 04 03  u  i  d  1 08
>         04 06  i  n  f  m  i  n  0  " 04 02  c  n  1 1c
>         04 1a  I  n  f  o  r  m  a  t  i  o  n 20  S  e
>          r  v  i  c  e  s 20  A  d  m  i  n  0  ( 04 0b
>          d  e  s  c  r  i  p  t  i  o  n  1 19 04 17  3
>          C  o  m 20  W  I  S 20  A  d  m  i  n  i  s  t
>          r  a  t  i  o  n  0 13 04 09  u  i  d  n  u  m
>          b  e  r  1 06 04 04  1  0  0  1  0 12 04 09  g
>          i  d  n  u  m  b  e  r  1 05 04 03  1  0  1  0
>         0c 04 05  n  t  u  i  d  1 03 04 01  1  0 0d 04
>         03  r  i  d  1 06 04 04  2  0  0  1  0 12 04 08
>          g  r  o  u  p  r  i  d  1 06 04 04  2  0  0  0
>          0 11 04 0a  l  m  p  a  s  s  w  o  r  d  1 03
>         04 01  1  0 11 04 0a  n  t  p  a  s  s  w  o  r
>          d  1 03 04 01  2  0 18 04 0a  p  w  d  l  a  s
>          t  s  e  t  1 0a 04 08  3  5  C  1  1  F  1  B
>          0 1c 04 07  s  m  b  h  o  m  e  1 11 04 0f  \
>          \  s  a  m  b  a  1  \  i  n  f  m  i  n  0 10
>         04 09  h  o  m  e  d  r  i  v  e  1 03 04 01  Z
>          0 15 04 06  s  c  r  i  p  t  1 0b 04 09  l  o
>          g  o  n  .  b  a  t  0  $ 04 07  p  r  o  f  i
>          l  e  1 19 04 17  \  \  s  a  m  b  a  1  \  i
>          n  f  m  i  n  \  p  r  o  f  i  l  e  0 18 04
>         0c  w  o  r  k  s  t  a  t  i  o  n  s  1 08 04
>         06  t  m  o  r  a  n  0 1d 04 0b  o  b  j  e  c
>          t  c  l  a  s  s  1 0e 04 0c  s  a  m  b  a  A
>          c  c  o  u  n  t 
> <= send_search_entry
> ====> cache_return_entry_r
> entry_rdwr_runlock: ID: 3
> send_ldap_result 0::
> ber_flush: 14 bytes to sd 5
>          0 0c 02 01 02  e 07 0a 01 00 04 00 04 00 
> select activity on 1 descriptors
> activity on: 5r
> read activity on 5
> ber_get_next
> ber_get_next: tag 0x30 len 5 contents:
> ber_dump: buf 0x5d0e0, ptr 0x5d0e0, end 0x5d0e5
>           current len 5, contents:
>         02 01 03  B 00 
> do_unbind
> listening for connections on 3, activity on:
> before select active_threads 0
>###End
> 
> 
> 
> 
> 
> 
> Heres what I've got in my test Directory :
> 
>###Start
> webemea# bin/ldapsearch -b 'sn=Samba, o=3Com GIS, c=uk' infmin
> ldap_search: Bad search filter
> webemea# bin/ldapsearch -b 'sn=Samba, o=3Com GIS, c=uk' 'uid=infmin'
> webemea# bin/ldapsearch -b 'sn=Samba, o=3Com GIS, c=uk'
> 'objectClass=Samba'
> webemea# bin/ldapsearch -b 'sn=Samba, o=3Com GIS, c=uk' 'objectClass=*'
> webemea# bin/ldapsearch -b 'o=3Com GIS, c=uk' 'objectclass=*'
> o=3Com GIS, c=uk
> o=3Com GIS
> description=3Com GIS Europe at Hemel Hempstead
> objectclass=organization
> 
> sn=Samba, o=3Com GIS, c=uk
> sn=Samba
> description=GIS Samba Service Directory
> authority=Tony Moran <tony_moran at ayahuasca.net>
> objectclass=sn
> 
> uid=infmin, sn=Samba, o=3Com GIS, c=uk
> uid=infmin
> cn=Information Services Admin
> description=3Com WIS Administration
> uidnumber=1001
> gidnumber=101
> ntuid=1
> rid=2001
> grouprid=2000
> lmpassword=1
> ntpassword=2
> pwdlastset=35C11F1B
> smbhome=\\samba1\infmin
> homedrive=Z
> script=logon.bat
> profile=\\samba1\infmin\profile
> workstations=tmoran
> objectclass=sambaAccount
>###End

---------------------------------------------------------------------
Greg Dickie
Just A Guy*
*from discreet logic
Montreal 
(514) 954-7171
greg at discreet.com



More information about the samba-technical mailing list