[Samba] Samba <-> LDAP auth
Mihail S. Dorofeev
mdorofeev at sibnefteprovod.ru
Wed Oct 30 15:04:01 GMT 2002
Hello everybody!
Sorry for (maybe) a stupid question... Again:
problem with authentication against LDAP (iPlanet Directory Server 4.16), Solaris 8 SPARC server
I have compiled samba 2.2.6 --with-ldapsam option
When connecting from w2k prof workstation i see the following log files:
----------------------------------------------------------------------------------------------------------------------
2002/10/22 14:42:21, 2] passdb/pdb_ldap.c:ldap_open_connection(216)
ldap_open_connection: connection opened
[2002/10/22 14:42:21, 2] passdb/pdb_ldap.c:ldap_connect_system(250)
ldap_connect_system: succesful connection to the LDAP server
[2002/10/22 14:42:21, 2] passdb/pdb_ldap.c:ldap_search_one_user(262)
ldap_search_one_user: searching for:[(&(uid=mdorofeev)(objectclass=sambaAccount))]
[2002/10/22 14:42:21, 2] passdb/pdb_ldap.c:get_single_attribute(360)
get_single_attribute: [uid] = [mdorofeev]
---------------skiped some code - retrieveing attributes.-------------------------------
[[2002/10/22 14:42:21, 2] passdb/pdb_ldap.c:get_single_attribute(354)
get_single_attribute: [lmPassword] = [<does not exist>]
[2002/10/22 14:42:21, 2] passdb/pdb_ldap.c:get_single_attribute(360)
get_single_attribute: [ntPassword] = [81030A39A1C251FCAAD3B435B51404EE]
[2002/10/22 14:42:21, 2] passdb/pdb_ldap.c:get_single_attribute(354)
get_single_attribute: [acctFlags] = [<does not exist>]
[2002/10/22 14:42:21, 4] smbd/password.c:smb_password_ok(475)
smb_password_ok: Checking SMB password for user mdorofeev
[2002/10/22 14:42:21, 4] smbd/password.c:smb_password_ok(499)
smb_password_ok: Checking NT MD4 password
[2002/10/22 14:42:21, 4] smbd/password.c:smb_password_ok(504)
smb_password_ok: NT MD4 password check failed
[2002/10/22 14:42:21, 2] smbd/password.c:pass_check_smb(575)
pass_check_smb failed - invalid password for user [mdorofeev]
[2002/10/22 14:42:21, 2] smbd/reply.c:reply_sesssetup_and_X(972)
NT Password did not match for user 'mdorofeev'!
[2002/10/22 14:42:21, 1] smbd/reply.c:reply_sesssetup_and_X(998)
Rejecting user 'mdorofeev': authentication failed
----------------------------------------------------------------------------------------------------------------------
The QUESTION IS : IS THERE _A_ WAY TO USE userPassword attr for Samba authentication ??
OR SYNC userPassword and ntPassword?
What i did is i ran smbpasswd, looked at the password file, copied the string containing the encrypted password and
inserted this value into the directory->ntPassword filed. However it didnt match :(
Maybe, there is a way to sync ntPassword and userPassword (taking care of different encryption scheme)?
This would be ONLY useful if done by LDAP server means......
I use plain text passwords in the userPassword filed for my eMail auth etc.... This also works for Solaris PAM Ldap auth.
Sincerely, mdorofeev
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the samba
mailing list