[Samba] Samba with LDAP - conflict with pam_ldap?
chauvirey at free.fr
Tue Jun 11 01:57:02 GMT 2002
> I'm using Samba 2.2.4 with LDAP support (OpenLDAP 2.0.23), and with
> pam_ldap included in the rpm nss_ldap 1.86 from Redhat (I'm on Linux
> Redhat 7.2).
> All these things are working well (I use the same object SambaAcount
> under PosixAccount in order to authenticate all these things), but a
> problem appears when I'm trying to list all the accounts and groups from
> my Win2000 Workstation (select a file shared by Samba, security, add).
> Using NIS to authentificate, it takes me less than 1 sec to get all the
> users and groupes from Win2000.
> Using LDAP (PAM_LDAP), it takes about 1 mn in order to have it.
I had a similar problem (slow lookup with Outlook plugged into my openldap)
until I set an index on the attributes used for the requests :
-- slapd.conf :
# Indices to maintain
index objectClass eq
index uid pres,eq
index uidNumber,gidNumber,memberUid,rid eq
index mail,cn,sn,givenName eq,sub
> Looking for LDAP logs, it appears that Samba is looking over and over
> again with the same request. Don't know which.
Perhaps the timeout because of the time the request takes... It might depend
on your db size.
> I'm using authconfig tool from Redhat to configure pam_ldap and nss_ldap
> (files /etc/pam.d/system-auth, /etc/ldap.conf and /etc/nsswitch.conf).
> Does my problem could be because of using the same object to
> authenticate both Samba and Unix, or because of conflicts between samba
> and pam_ldap, or something else???
No, I'm doing this also and it's just fine.
> When I try to do the same thing using PAM_LDAP instead of NIS, it works
> fine until I restart the Samba server.
Seems to prove Samba is not the cause of your problem.
More information about the samba