Samba4 OpenLDAP backend

nitin bhadauria bhadauria.nitin at gmail.com
Tue Apr 27 06:42:49 MDT 2010 

Hi Andrew,

Now i have recompiled openldap with sasl support ..

ldd /usr/local/libexec/slapd
    linux-gate.so.1 =>  (0x00c5e000)
    libltdl.so.3 => /usr/lib/libltdl.so.3 (0x04ace000)
    libdl.so.2 => /lib/libdl.so.2 (0x00d36000)
    libuuid.so.1 => /lib/libuuid.so.1 (0x00110000)
    libdb-4.7.so => /usr/lib/libdb-4.7.so (0x00de9000)
    libpthread.so.0 => /lib/libpthread.so.0 (0x00d3c000)
*    libsasl2.so.2 => /usr/local/lib/libsasl2.so.2 (0x001e6000)
*    libssl.so.6 => /lib/libssl.so.6 (0x04879000)


Now when i try to configure it i get the following error..

./setup/provision --realm=SAMBA.DOMAIN.COM <http://samba.domain.com/>--domain=
DOMAIN.COM <http://samba.domain.com/> --adminpass=passw0rd
--ldap-backend-type=openldap --slapd-path="/usr/local/libexec/slapd"
--server-role='domain controller'
Failed to bind - LDAP client internal error:
NT_STATUS_UNEXPECTED_NETWORK_ERROR
Failed to connect to
'ldapi://%2Fusr%2Flocal%2Fsamba%2Fprivate%2Fldap%2Fldapi'
Failed to bind - LDAP client internal error: NT_STATUS_INVALID_PARAMETER
Failed to connect to
'ldapi://%2Fusr%2Flocal%2Fsamba%2Fprivate%2Fldap%2Fldapi'
Failed to bind - LDAP client internal error: NT_STATUS_INVALID_PARAMETER
Failed to connect to
'ldapi://%2Fusr%2Flocal%2Fsamba%2Fprivate%2Fldap%2Fldapi'
Failed to bind - LDAP client internal error: NT_STATUS_INVALID_PARAMETER
Failed to connect to
'ldapi://%2Fusr%2Flocal%2Fsamba%2Fprivate%2Fldap%2Fldapi'
Failed to bind - LDAP client internal error: NT_STATUS_INVALID_PARAMETER
Failed to connect to
'ldapi://%2Fusr%2Flocal%2Fsamba%2Fprivate%2Fldap%2Fldapi'
Failed to bind - LDAP client internal error: NT_STATUS_INVALID_PARAMETER
Failed to connect to
'ldapi://%2Fusr%2Flocal%2Fsamba%2Fprivate%2Fldap%2Fldapi'


Am i supposed to configure a running ldap server on some other port and then
run provision script.
If so how will i define ldap port with the  provision script.

Please guide me if there is some doc's that i have to follow..

Regards,
Nitin B.

On Mon, Apr 26, 2010 at 5:59 PM, Andrew Bartlett <abartlet at samba.org> wrote:

> On Mon, 2010-04-26 at 12:34 +0530, nitin bhadauria wrote:
> > As you said now i am using Openldap from CVS and i end up with error..
> >
> > /usr/local/bin/python setup/provision --realm=SAMBA.DOMAIN.COM
> > --domain=domain.com --adminpass=passw0rd --ldap-backend-type=openldap
> > --slapd-path="/usr/local/libexec/slapd" --server-role='domain
> > controller'
> > config file testing succeeded
> > Failed to bind - LDAP client internal error:
> > NT_STATUS_UNEXPECTED_NETWORK_ERROR
> > Failed to connect to 'ldapi://%2Fusr%2Flocal%2Fsamba%2Fprivate%2Fldap%
> > 2Fldapi'
> > Setting up share.ldb
> > Setting up secrets.ldb
> > Setting up the registry
> > Setting up the privileges database
> > Setting up idmap db
> > Setting up SAM db
> > Setting up sam.ldb partitions and settings
> > Setting up sam.ldb rootDSE
> > Pre-loading the Samba 4 and AD schema
> > Adding DomainDN: DC=samba,DC=domain,DC=com
> > pdc_fsmo_init: no domain object present: (skip loading of domain
> > details)
> >
> > Traceback (most recent call last):
> >   File "setup/provision", line 249, in <module>
> >
> > nosync=opts.nosync,ldap_dryrun_mode=opts.ldap_dryrun_mode,useeadb=eadb)
> >   File "bin/python/samba/provision.py", line 1327, in provision
> >     dom_for_fun_level=dom_for_fun_level)
> >   File "bin/python/samba/provision.py", line 919, in setup_samdb
> >     "DESCRIPTOR": descr
> >   File "bin/python/samba/provision.py", line 242, in setup_add_ldif
> >     ldb.add_ldif(data, controls)
> >   File "bin/python/samba/__init__.py", line 251, in add_ldif
> >     self.add(msg,controls)
> > _ldb.LdbError: (8, 'LDAP error 8 LDAP_STRONG_AUTH_REQUIRED -
> > <modifications require authentication> <>')
> > A transaction is still active in ldb context [0xa721748]
> > on /usr/local/samba/private/secrets.ldb
> >
>
> That's very odd.  Did you somehow compile OpenLDAP on a system without
> SASL support?  I've not see that error before.
>
> Andrew Bartlett
>
> --
> Andrew Bartlett                                http://samba.org/~abartlet/<http://samba.org/%7Eabartlet/>
> Authentication Developer, Samba Team           http://samba.org
> Samba Developer, Cisco Inc.
>

More information about the samba-technical mailing list