SAMBA4 provision against LDAP backend getting SASL error
abartlet at samba.org
Fri Dec 3 19:45:13 MST 2010
On Fri, 2010-12-03 at 20:27 -0600, Joe Comeaux wrote:
> > I think you are misunderstanding how the Samba4 OpenLDAP backend
> > works, and are both thinking to hard about the problem, and attempting
> > to 'fix'
> > too many things at once.
> I can't deny that I am absolutely misunderstanding something somewhere.
I think it partly comes from not starting at the right place:
I've taken the liberty of CCing this back to the mailing list, so that
others can also understand a bit more about how the OL backend works,
and how to set it up.
> > It is *not* possible to just connect Samba4 to an existing LDAP
> > server, and it will fail if you do so.
> This is exactly what I was trying to do, which I will now attempt to
> let the provision script "build" the ldap back end.
> > If you are having problems, you should first run Samba4 from
> > the GIT repo, compiled with all libraries internally, or use
> > Jelmer's PPA for current versions of Samba4.
> I installed samba4 both from the ubuntu repository, and from the GIT
> repository, both with the same results. I don’t have my notes in front
> of me for the exact history, but the current iteration is basically as
> OpenLDAP installed from ubuntu repository, tested and working as
> expected ( ldap home when launched from /etc/init.d/slapd =
> /etc/ldap/slapd.d/ ).
OpenLDAP HEAD from thier CVS is known to work.
> The directory structure is there, but the slapd.d directory is
> completely empty. Same thing when installing Samba4 from the ubuntu
> apt-get repository. Ubuntu puts it in /var/lib/samba/ ..., but the
> slapd.d directory is still empty. That's why I assumed it was up to me
> to populate it with some good ldap back end data.
> Did I miss an installation step that populates that slapd.d directory,
> or is that something I'm expected to build in order to be able to kick
> off the provision script?
That is the slapd -Tslaptest invocation earlier in the script, which
converts from the slapd.conf into the config directory. I can't see any
reason why we don't detect a failure here, but I'll do what I can to
make it more robust.
But I think you may be missing overlays. You must follow the
http://wiki.samba.org/index.php/Samba4/LDAP_Backend/OpenLDAP to get all
the right overlays installed. That is easiest done from a source
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 190 bytes
Desc: This is a digitally signed message part
More information about the samba-technical