Strange problem with samba and nss_ldap
Andrew Bartlett
abartlet at pcug.org.au
Wed Dec 5 13:16:01 GMT 2001
Andreas Moroder wrote:
>
> Hello,
>
> we are using samba on Suse Linux togheter with pam_ldap and nss_ldap.
>
> Whe a user logs in to the samba server we get the follwing error messae
>
> smbd: nss_ldap: could not search LDAP server - Bad search fi
> lter
>
> We change the sources of ldap_nns.c to show us what filter is wrong.
> Now we get
>
> Dec 5 13:01:12 mir smbd: nss_ldap: AM could not search LDAP server - (&(objectc
> lass=posixAccount)(uid=ADOM\ALI)) base:dc=sb-brixen,dc=it
>
> This was a login from smbclient on the same machine where samba runs.
>
> The question is why samba does add the domain to the uid ?
> ADOM is the domain and ALI is the user.
>
> The login works well and the users can work, but our log/messages gets full of
> this warnings.
>
> Is there a reason for this behaviour ?
Samba will attmept to lookup domain\username before just username to
work with winbind and some other 'domain member' configurations.
nss_ldap should be escaping the filter correctly, but as a quick
workarond just change the 'winbind seperator' in smb.conf to somthing
less problomatic.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical
mailing list