[Samba] using LDAP and PDC together

Louis-David Mitterrand vindex at apartia.org
Fri Sep 6 08:15:02 GMT 2002

On Fri, Sep 06, 2002 at 04:56:57AM +0000, abartlet at dp.samba.org wrote:
> On Fri, Sep 06, 2002 at 12:32:48AM -0400, Terry Katz wrote:
> > So i dug deeper and looked at the logs, this is what I found:
> > 
> > [2002/09/06 00:19:23, 2] passdb/pdb_ldap.c:ldapsam_search_one_user(422)
> >    ldapsam_search_one_user: searching 
> > for:[(&(uid=)(objectclass=sambaAccount))]
> > [2002/09/06 00:19:23, 2] auth/auth.c:check_ntlm_password(273)
> >    check_password:  Authentication for user [] -> [] FAILED with error 

Exactly my problem as well.

> You must put the guest user (RID 501 I think) into ldap, or run 'unixsam' to 
> get it via smb.conf's 'guest account' and the system getpw* calls.
> Without a guest account, the system cannot operate correctly.  Furthermore, 
> the guest account is used by the Workstation in the user authenticaion 
> process.

Thanks you! The nobody (== guest) account existed in ldap but hadn't had
a samaAccount added to it. Using pdbedit (just discovered that handy
tool) to import all smbpasswd info into ldap it now works fine.

Although the latest PDC-LDAP howto
http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html implies that an
Administrator account is necessary my setup works without one. Why is
that account needed?


ldm at apartia.org - http://www.apartia.com

More information about the samba mailing list