[Samba] net rpc vampire is sucking my brain!

Byars, Jason M jbyars at iupui.edu
Wed Dec 3 18:27:14 GMT 2003


I am trying to migrate an NT4 domain to Samba 3.0.0 or 3.0.1pre3 with an
LDAP backend. I added a backup server account to the domain and joined it.
Getting the SID and the LDAP init seem to work, and I start winbind. When
I run net rpc vampire, all I get is a ton of "Could not create posix
account info for " errors.  Then, of course, pdbedit -L returns
smbldap_search_suffix: Problem during the LDAP search:  (No such object).
I tried using the smbpasswd and tdbsam backends, because I figured I had a
mistake in my LDAP init, but I still get the same errors.  I'm including
my smb.conf, slapd.conf and initldap.dif.  Could someone please help?  I'm
sure I have overlooked something simple.  Thanks

Jason

Smb.conf
[global]
        workgroup = NEPHROLOGY
        server string = samba test dc
        # Alternative backend the poster tried while debugging; the active
        # backend is the ldapsam line below.
        #passdb backend = tdbsam
        # NOTE(review): plain ldap:// sends the admin bind unencrypted. Here it
        # targets localhost only; confirm an `ldap ssl` setting before pointing
        # this at a remote directory server.
        passdb backend = ldapsam:ldap://localhost
        log file = /var/log/samba/%m.log
        max log size = 50
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        domain logons = Yes
        local master = No
        domain master = No
        dns proxy = No
        wins server = 134.68.220.14
        ldap suffix = dc=nephrology,dc=iupui,dc=edu
        # NOTE(review): mail wrapping has split the next four values across
        # lines. Each value repeats the base DN from `ldap suffix` three times.
        # Samba 3 documents these sub-suffixes as relative to `ldap suffix`
        # (e.g. ou=People) - TODO confirm for this release. The LDIF posted
        # below creates no entry at the repeated DN, which would be consistent
        # with the "No such object" search error.
        ldap machine suffix =
ou=Computers,dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu
,dc=nephrology,dc=iupui,dc=edu
        ldap user suffix =
ou=People,dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu,dc
=nephrology,dc=iupui,dc=edu
        ldap group suffix =
ou=Groups,dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu,dc
=nephrology,dc=iupui,dc=edu
        ldap idmap suffix =
dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu,dc=nephrolog
y,dc=iupui,dc=edu
        # DN Samba binds as; it is the same DN as rootdn in the slapd.conf
        # posted below. NOTE(review): the slapd rootdn is not subject to access
        # controls, so a dedicated account limited by ACLs to the Samba
        # subtrees is the least-privilege choice for this bind.
        ldap admin dn = "cn=root,dc=nephrology,dc=iupui,dc=edu"
        remote announce = 149.166.202.255
        # uid and gid mappings are both drawn from the range 15000-20000.
        idmap uid = 15000-20000
        idmap gid = 15000-20000
[homes]
        comment = Home Directories
        read only = No
        browseable = No

[printers]
        comment = All Printers
        path = /var/spool/samba
        printable = Yes
        browseable = No

Initldap.dif
# Organization for Samba Base
dn: dc=nephrology,dc=iupui,dc=edu
objectclass: dcObject
objectclass: organization
dc: nephrology
o: Nephrology Net
description: The Samba-3 Network LDAP Example

# Organizational Role for Directory Management
# This DN is the one used as rootdn in slapd.conf and as `ldap admin dn` in
# smb.conf. The entry carries no userPassword, so the credential for it is
# the rootpw line in slapd.conf.
dn: cn=root,dc=nephrology,dc=iupui,dc=edu
objectclass: organizationalRole
cn: root
description: Directory Manager

# Setting up container for users
dn: ou=People,dc=nephrology,dc=iupui,dc=edu
objectclass: top
objectclass: organizationalUnit
ou: People

# Setting up admin handle for People OU
# NOTE(review): "same as slapd" is the poster's placeholder, not a real value.
# The wording suggests the slapd rootpw is reused for this handle and for the
# Groups and Computers handles below - confirm. Separate credentials per
# handle, stored as a hash (e.g. {SSHA} from slappasswd) rather than as
# cleartext in the LDIF file, limit what one leaked password exposes.
dn: cn=root,ou=People,dc=nephrology,dc=iupui,dc=edu
cn: root
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: same as slapd

# Setting up container for groups
dn: ou=Groups,dc=nephrology,dc=iupui,dc=edu
objectclass: top
objectclass: organizationalUnit
ou: Groups

# Setting up admin handle for Groups OU
dn: cn=root,ou=Groups,dc=nephrology,dc=iupui,dc=edu
cn: root
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: same as slapd

# Setting up container for computers
dn: ou=Computers,dc=nephrology,dc=iupui,dc=edu
objectclass: top
objectclass: organizationalUnit
ou: Computers

# Setting up admin handle for Computers OU
dn: cn=root,ou=Computers,dc=nephrology,dc=iupui,dc=edu
cn: root
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: same as slapd

Slapd.conf
# Backend database definition for the dc=nephrology,dc=iupui,dc=edu tree.
database        ldbm
suffix          "dc=nephrology,dc=iupui,dc=edu"
# rootdn is the same DN that smb.conf uses as `ldap admin dn`.
rootdn          "cn=root,dc=nephrology,dc=iupui,dc=edu"
# Cleartext passwords, especially for the rootdn, should
# be avoided.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
# NOTE(review): the commented rootpw lines look like sample values shipped
# with the packaged config - confirm. The active rootpw below is a cleartext
# value (replaced by a placeholder in this post); an {SSHA} value generated
# with slappasswd(8) keeps the secret out of the file.
# rootpw                secret
# rootpw                {crypt}ijFYNcSNctBYg
#rootpw                 {SSHA}GDtVlBhvQsENtjM3OD1GBFAWMkhv+3m/
rootpw                  something sensible
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory       /var/lib/ldap

# NOTE(review): no `access to` rules are visible in this excerpt. If the full
# file has none, confirm that userPassword and the Samba password-hash
# attributes (sambaLMPassword, sambaNTPassword) are not readable by
# anonymous or ordinary binds.

# Indices to maintain for this database
index objectClass                       eq,pres
index ou,mail,givenname      eq,pres,sub
index uidNumber,gidNumber,loginShell    eq,pres
index uid,memberUid                     eq,pres,sub
index nisMapName,nisMapEntry            eq,pres,sub
index cn                                pres,sub,eq
index sn                                pres,sub,eq
index displayName                       pres,sub,eq
# Equality indices on the Samba attributes.
index sambaSID                          eq
index sambaPrimaryGroupSID              eq
index sambaDomainName                   eq
index default                           sub
# Replicas of this database
# (all replication settings below are commented out)
#replogfile /var/lib/ldap/openldap-master-replog
#replica host=ldap-1.example.com:389 tls=yes
#     bindmethod=sasl saslmech=GSSAPI
#     authcId=host/ldap-master.example.com at EXAMPLE.COM

