[Samba] Bug in LDAP code for smbpasswd and pdbedit?
Miroslav Zubcic
mvz at crol.net
Thu Feb 21 08:49:04 GMT 2002
I'm using samba 2.2.3a with OpenLDAP server.
My smbd(8) is working fine, that is, it can find user when user is
opening some share on w2k boxes:
(ldap log - local4)
Feb 21 17:21:17 click.crol.net slapd[20169]: conn=30 op=1
BIND dn="SMBSERVER=CLICK,OU=SAMBA,OU=SERVERS,DC=CROL,DC=NET"
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
And this entity has ability to read/write samba and posixAccount
atributes for users, so this is OK.
But when I try to change password or add sambaAccount with
smbpasswd(8) or pdbedit(8) i get this:
Feb 21 17:29:05 click.crol.net slapd[20149]:
daemon: conn=36 fd=25 connection from IP=192.168.0.17:44459 (IP=0.0.0.0:34049) accepted.
Feb 21 17:29:05 click.crol.net slapd[20970]:
conn=36 op=0 BIND dn="" method=128
^^^^^^^^^^^^^
Feb 21 17:29:05 click.crol.net slapd[20970]:
conn=36 op=0 RESULT tag=97 err=0 text=
Feb 21 17:29:05 click.crol.net slapd[20151]:
conn=36 op=1 MOD dn="uid=novi,ou=People,ou=Accounts,dc=crol,dc=net"
Feb 21 17:29:05 click.crol.net slapd[20151]:
conn=36 op=1 RESULT tag=103 err=50 text=
^^^^^^^^^^^
strace -e open shows me that smbpasswd IS opening secrets.tdb
open("/etc/samba/secrets.tdb", O_RDWR|O_CREAT|O_LARGEFILE, 0600) = 3
But anyway smbpasswd(8) is binding to LDAP server like anonymous and
get of course - access denied for write operation.
in debug mode (-D 10) smbpasswd(8) is writing to stdout/stderr this:
ldap_connect_system: Binding to ldap server as
"smbserver=click,ou=Samba,ou=Servers,dc=crol,dc=net"
But this is not what he is actually doing (when I look in ldap log for
bindDN).
Im' doing this as root of course.
--
This signature intentionally left blank
More information about the samba
mailing list