[Samba] Samba with LDAP - conflict with pam_ldap?

Laurent BLIN laurent.blin at iemm.univ-montp2.fr
Mon Jun 10 09:39:03 GMT 2002


Hi,

I'm using Samba 2.2.4 with LDAP support (OpenLDAP 2.0.23), and with 
pam_ldap included in the rpm nss_ldap 1.86 from Redhat (I'm on Linux 
Redhat 7.2).

All these things are working well (I use the same object SambaAcount 
under PosixAccount in order to authenticate all these things), but a 
problem appears when I'm trying to list all the accounts and groups from 
my Win2000 Workstation (select a file shared by Samba, security, add).

Using NIS to authentificate, it takes me less than 1 sec to get all the 
users and groupes from Win2000.
Using LDAP (PAM_LDAP), it takes about 1 mn in order to have it.

Looking for LDAP logs, it appears that Samba is looking over and over 
again with the same request. Don't know which.

I'm using authconfig tool from Redhat to configure pam_ldap and nss_ldap 
(files /etc/pam.d/system-auth, /etc/ldap.conf and /etc/nsswitch.conf).

Does my problem could be because of using the same object to 
authenticate both Samba and Unix, or because of conflicts between samba 
and pam_ldap, or something else???

When I try to do the same thing using PAM_LDAP instead of NIS, it works 
fine until I restart the Samba server.


----------

Samba LOGS:
Doesn't seem to say anything

------

OpenLDAP logs:

(don't know where is the beginning or the end of the request):

do_search
ber_scanf fmt ({aiiiib) ber:
ber_scanf fmt ({oo}) ber:
ber_scanf fmt ({oo}) ber:
ber_scanf fmt ({v}}) ber:
=> ldbm_back_search
dn2entry_r: dn: "DC=OBIWAN,DC=FR"
=> dn2id( "DC=OBIWAN,DC=FR" )
====> cache_find_entry_dn2id("DC=OBIWAN,DC=FR"): 547 (1 tries)
<= dn2id 547 (in cache)
=> id2entry_r( 547 )
====> cache_find_entry_id( 547 ) "dc=obiwan,dc=fr" (found) (1 tries)
<= id2entry_r( 547 ) 0x80e2c70 (cache)
search_candidates: base="DC=OBIWAN,DC=FR" s=2 d=0
=> filter_candidates
=> list_candidates 0xa0
=> filter_candidates
=> dn2idl( "@DC=OBIWAN,DC=FR" )
=> ldbm_cache_open( "dn2id.dbb", 73, 600 )
<= ldbm_cache_open (cache 0)
<= filter_candidates 12
=> filter_candidates
=> list_candidates 0xa1
=> filter_candidates
=> equality_candidates
=> ldbm_cache_open( "objectClass.dbb", 73, 600 )
<= ldbm_cache_open (cache 3)
=> key_read
<= index_read 0 candidates
<= equality_candidates NULL
<= equality_candidates 0
<= filter_candidates 0
=> filter_candidates
=> list_candidates 0xa0
=> filter_candidates
=> equality_candidates
=> ldbm_cache_open( "objectClass.dbb", 73, 600 )
<= ldbm_cache_open (cache 3)
=> key_read
<= index_read 3 candidates
<= equality_candidates 3
<= filter_candidates 3
=> filter_candidates
=> equality_candidates
=> ldbm_cache_open( "uid.dbb", 73, 600 )
<= ldbm_cache_open (cache 4)
=> key_read
<= index_read 0 candidates
<= equality_candidates NULL
<= equality_candidates 0
<= filter_candidates 0
<= list_candidates NULL
<= filter_candidates 0
<= list_candidates 0
<= filter_candidates 0
<= list_candidates NULL
<= filter_candidates 0
====> cache_return_entry_r( 547 ): returned (0)
ldbm_search: no candidates
send_ldap_search_result 0::
send_ldap_response: msgid=826 tag=101 err=0
ber_flush: 15 bytes to sd 9
connection_get(9): got connid=27
connection_read(9): checking for input on id=27
ber_get_next
ber_get_next: tag 0x30 len 200 contents:
ber_get_next
ber_get_next on fd 9 failed errno=11 (Resource temporarily unavailable)





More information about the samba mailing list