[Samba] using LDAP and PDC together
Louis-David Mitterrand
vindex at apartia.org
Fri Sep 6 08:15:02 GMT 2002
On Fri, Sep 06, 2002 at 04:56:57AM +0000, abartlet at dp.samba.org wrote:
> On Fri, Sep 06, 2002 at 12:32:48AM -0400, Terry Katz wrote:
> > So i dug deeper and looked at the logs, this is what I found:
> >
> > [2002/09/06 00:19:23, 2] passdb/pdb_ldap.c:ldapsam_search_one_user(422)
> > ldapsam_search_one_user: searching
> > for:[(&(uid=)(objectclass=sambaAccount))]
> > [2002/09/06 00:19:23, 2] auth/auth.c:check_ntlm_password(273)
> > check_password: Authentication for user [] -> [] FAILED with error
> > NT_STATUS_NO_SUCH_USER
Exactly my problem as well.
> You must put the guest user (RID 501 I think) into ldap, or run 'unixsam' to
> get it via smb.conf's 'guest account' and the system getpw* calls.
>
> Without a guest account, the system cannot operate correctly. Furthermore,
> the guest account is used by the Workstation in the user authenticaion
> process.
Thanks you! The nobody (== guest) account existed in ldap but hadn't had
a samaAccount added to it. Using pdbedit (just discovered that handy
tool) to import all smbpasswd info into ldap it now works fine.
Although the latest PDC-LDAP howto
http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html implies that an
Administrator account is necessary my setup works without one. Why is
that account needed?
Cheers,
--
ldm at apartia.org - http://www.apartia.com
More information about the samba
mailing list