[Samba] Samba LDAP PDC help - can't login.

George Farris farrisg at mala.bc.ca
Thu Mar 28 15:37:02 GMT 2002 

On Thu, 2002-03-28 at 15:07, Andrew Bartlett wrote:
> George Farris wrote:
> > 
> > On Thu, 2002-03-28 at 14:45, Andrew Bartlett wrote:
> > > George Farris wrote:
> > > >
> > > > I have followed the samba ldap pdc howto and am able to login and have
> > > > ldap authenticate shell accounts via the console and ssh.  However, when
> > > > I try to login via smbclient or a Windows 98 machine it won't
> > > > authenticate.  The ldap search actually ends up looking for a UID with
> > > > the domain included.  Log file shows thus:
> > > >
> > > > daemon: conn=0 fd=9 connection from IP=127.0.0.1:1214 (IP=0.0.0.0:34049)
> > > > accepted.
> > > > conn=0 op=0 BIND dn="" method=128
> > > > ber_flush: 14 bytes to sd 9
> > > > deferring operation
> > > > conn=0 op=0 RESULT tag=97 err=0 text=
> > > > conn=0 op=1 SRCH base="dc=cc,dc=mala,dc=bc,dc=ca" scope=2
> > > > filter="(&(objectClass=posixAccount)(uid=APOLLO\5CGEORGE))"
> > > > ber_flush: 14 bytes to sd 9
> > > > conn=0 op=1 SEARCH RESULT tag=101 err=0 text=
> > > >
> > > > Shouldn't the objectClass be sambaAccount not posixAccount?
> > > > Shouldn't the uid = george and not apollo\5cgeorge?
> > >
> > > This is the search that samba makes via nss_ldap (hence the
> > > posixAccount) when attempting to find usernames in the form
> > > domain\username.  If this doesn't exist, then it tries 'username'.  This
> > > isn't the cause of your problems.
> > >
> > > Andrew Bartlett
> > 
> > Do you have any suggestions?  I don't see it search for username after
> > domain\username.  Is this a bug in samba?  I'm using 2.2.3a, compiled as
> > follows on a redhat-7.2 machine.
> 
> Just see what you find in the Samba logfiles.
> 

It says:

[2002/03/28 15:37:33, 0] passdb/pdb_ldap.c:ldap_connect_system(172)
  Bind failed: Can't contact LDAP server

which is odd since I can see the ldap log spewing out error messages as
seen above.

-- 
==================================================================
George Farris		                 Computer Support Cowichan
farrisg at mala.bc.ca                    Malaspina University-College

A conclusion is simply the place where you got tired of thinking.
                           
------- Electronic Frontier Foundation  http://www.eff.org -------

More information about the samba mailing list