does ldapsam:trusted=yes really work?
Tomasz Chmielewski
mangoo at wpkg.org
Mon Jan 30 10:00:31 GMT 2006
According to smb.conf, with ldapsam:trusted=yes "Samba can completely
bypass the NSS system to query user information".
I thought I will give it a try, and removed "ldap" from
/etc/nsswitch.conf, leaving only files - to make sure NSS is really
bypassed:
passwd: files
shadow: files
group: files
Restarted Samba, tried to logon, and unfortunately:
User Administrator in passdb, but getpwnam() fails!
[2006/01/30 10:42:41, 0] auth/auth_sam.c:check_sam_security(327)
check_sam_security: make_server_info_sam() failed with
'NT_STATUS_NO_SUCH_USER'
[2006/01/30 10:42:41, 3] auth/auth_winbind.c:check_winbind_security(80)
check_winbind_security: Not using winbind, requested domain [MAGISTA]
was for this SAM.
[2006/01/30 10:42:41, 2] auth/auth.c:check_ntlm_password(317)
check_ntlm_password: Authentication for user [Administrator] ->
[Administrator] FAILED with error NT_STATUS_NO_SUCH_USER
Why does Samba still want to use NSS with "ldapsam:trusted=yes" in smb.conf?
Perhaps I need to do some more to use that feature?
I tried that on two different systems with Samba 3.0.20 and Samba 3.0.21a.
--
Tomasz Chmielewski
http://wpkg.org
More information about the samba-technical
mailing list