[Samba] Samba and ldap groups

Kristyan Osborne kris at longhill.brighton-hove.sch.uk
Tue Apr 8 15:36:19 GMT 2003


Ive just tried to allow everyone access to everything by putting the following in slapd.conf:
Allow read by all
Allow write by all
defaultaccess write

Still no joy :-(

Any ideas??



-----Original Message-----
From:	Maarten Buiter [mailto:maarten.buiter at fredhopper.com]
Sent:	Tue 08/04/2003 16:06
To:	samba at lists.samba.org
Subject:	Re: [Samba] Samba and ldap groups

Hi Kristyan,

This might have something to do with your Access Control Lists for your
LDAP directory. Most likely you have installed your LDAP directory so
that only root can query it.

If you are using OpenLDAP, you can edit (or create) your ACLs in the
slapd.conf file. The OpenLDAP Administrator Guide Provides a few
simple examples.

If this is not the case, please provide some more information!


Maarten Buiter

Kristyan Osborne wrote:

>I have just put Samba3alpha23 on my Suse 8.1 box and and implement the new goup structure in LDAP.
>All works fine expect when you log in a a user other than root on the windows box. The error is :
>[2003/04/08 13:30:19, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(2198)
>  ldapsam_search_one_group: Problem during the LDAP search: LDAP error:  (Insufficient access)ldapsam_open: cannot access LDAP when not root..
>[2003/04/08 13:30:19, 0] passdb/pdb_ldap.c:ldapsam_retry_open(509)
>  Connection to LDAP Server failed for the 1 try!
>[2003/04/08 13:30:19, 0] passdb/pdb_ldap.c:ldapsam_setsamgrent(2567)
>  LDAP search failed: Insufficient access
>[2003/04/08 13:30:19, 0] passdb/pdb_ldap.c:ldapsam_enum_group_mapping(2629)
>  Unable to open passdb
>How should I set samba up so that normal users can access the LDAP directory and not have to be root???
>Kristyan Osborne - IT Technician
>Longhill High School
>01273 391672

To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list