[Samba] Does samba use NSS to find users/groups ?
Saullius Gurklys
sagu at isl.vtu.lt
Mon Nov 11 05:40:02 GMT 2002
It is really strange, but I've installed OpenLDAP + pam_ldap + nss_ldap
and I can log in with an LDAP (only!) user using ssh, login,
"id user" works just fine, BUT Samba can NOT find such a user? :(
I mean if there is a sambaAccount/posixAccount class account in LDAP and I try to connect
to Samba, the connection fails, but if I add the same user to /etc/passwd everything
works just fine.
If other services find the user in LDAP, but Samba does not, does it
mean that I misconfigured something?
With Samba 2.2.6 I've found that the first place where Samba cannot find the LDAP user
is in pdb_ldap.c line 591 (calling function sys_getpwnam):
588     /* These values MAY be in LDAP, but they can also be retrieved through
589      *  sys_getpw*() which is how we're doing it
590      */
591     sys_user = sys_getpwnam(username);
592     if (sys_user == NULL) {
593         DEBUG (2,("init_sam_from_ldap: User [%s] does not ave a uid!\n", username));
594         return False;
595     }
In the log:
StartTLS issued: using a TLS connection
ldap_open_connection: connection opened
ldap_connect_system: succesful connection to the LDAP server
ldap_search_one_user: searching for:[(&(uid=ldapuser)(objectclass=sambaAccount))]
get_single_attribute: [uid] = [ldapuser]
Entry found for user: ldapuser
get_single_attribute: [pwdLastSet] = [0]
get_single_attribute: [logonTime] = [0]
get_single_attribute: [logoffTime] = [2147483647]
get_single_attribute: [kickoffTime] = [2147483647]
get_single_attribute: [pwdCanChange] = [0]
get_single_attribute: [pwdMustChange] = [2147483647]
get_single_attribute: [cn] = [ldapuser]
get_single_attribute: [homeDrive] = [H:]
get_single_attribute: [smbHome] = [\\KS\home]
get_single_attribute: [scriptPath] = [ldapuser.cmd]
get_single_attribute: [profilePath] = [\\KS\profiles\ldapuser]
get_single_attribute: [description] = [System User]
get_single_attribute: [userWorkstations] = [<does not exist>]
get_single_attribute: [rid] = [3014]
get_single_attribute: [primaryGroupID] = [1201]
init_sam_from_ldap: User [ldapuser] does not ave a uid! <----- !!!
pass_check_smb failed - invalid password for user [ldapuser]
NT Password did not match for user 'ldapuser'!
Defaulting to Lanman password for ldapuser
while
$id ldapuser
uid=1007(ldapuser) gid=100(Users) groups=100(Users)
Any ideas what's wrong?
Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Sun, 10 Nov 2002, Saullius Gurklys wrote:
>
>> Or does it work in 2.2.6?
>
> Yes. It works fine.
>
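A stand-alone diagnostic for the lookup at line 591, added here as an example and not taken from Samba or from this thread. It assumes sys_getpwnam() ends in the C library's getpwnam() family; the name nss_lookup_uid and the default user name are illustrative. It keeps "no such user" apart from "the lookup itself failed", which a bare NULL check cannot do.

```c
#include <errno.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

enum { NSS_FOUND = 0, NSS_NOT_FOUND = 1, NSS_ERROR = -1 };

/* Resolve `name` through NSS (hypothetical helper, not a Samba function).
 * On NSS_ERROR, errno holds the code returned by getpwnam_r(). */
int nss_lookup_uid(const char *name, uid_t *uid_out)
{
    struct passwd pw, *res = NULL;
    long hint = sysconf(_SC_GETPW_R_SIZE_MAX);
    size_t len = hint > 0 ? (size_t)hint : 1024;
    char *buf = NULL;
    int rc, status;

    for (;;) {
        char *tmp = realloc(buf, len);
        if (tmp == NULL) { free(buf); errno = ENOMEM; return NSS_ERROR; }
        buf = tmp;
        rc = getpwnam_r(name, &pw, buf, len, &res);
        if (rc != ERANGE || len > (1u << 20))
            break;                 /* done, or buffer growth capped at 1 MiB */
        len *= 2;                  /* entry did not fit, retry with more room */
    }
    if (res != NULL) {
        *uid_out = pw.pw_uid;      /* copy before freeing buf: pw points into it */
        status = NSS_FOUND;
    } else if (rc == 0 || rc == ENOENT || rc == ESRCH) {
        status = NSS_NOT_FOUND;    /* every configured NSS source said "no such user" */
    } else {
        status = NSS_ERROR;        /* a source failed, e.g. unreadable config or I/O error */
    }
    free(buf);
    if (status == NSS_ERROR) errno = rc;
    return status;
}

int main(int argc, char **argv)
{
    const char *name = argc > 1 ? argv[1] : "ldapuser";  /* user name from the post */
    uid_t uid = 0;
    int st = nss_lookup_uid(name, &uid);
    printf("euid=%ld user=%s -> %s", (long)geteuid(), name,
           st == NSS_FOUND ? "found" : st == NSS_NOT_FOUND ? "not found" : strerror(errno));
    if (st == NSS_FOUND) printf(" uid=%ld", (long)uid);
    putchar('\n');
    return st == NSS_FOUND ? 0 : 1;
}
```

Running it under the same account and environment as smbd, and again from a login shell, shows whether both contexts get the same answer from NSS.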