[Samba] samba 3.0 alpha 24 with LDAP question
Jeffrey D. Means
meaje at meanspc.com
Wed Jun 4 07:13:53 GMT 2003
has anyone expereience with setting this up or better yet documented
this procedure?? I have gotten samba to talk to my ldap 2.0x server but
it will not allow me to use the net command to modify group mappings. I
am including a dump of my samba log at debug level 10 when I issue these
commands and the general section of my smb.conf file.
--- commands issued
[root at bast samba]# bin/net groupmap add
sid=S-1-5-21-720503001-857626571-2809650969-513 unixgroup=root -d 1
Can't lookup UNIX group
[root at bast samba]# bin/net groupmap add
sid=S-1-5-21-720503001-857626571-2809650969-513 unixgroup=0 -d 1
Can't lookup UNIX group
[root at bast samba]#
--- log
[root at bast samba]# bin/net groupmap add
sid=S-1-5-21-720503001-857626571-2809650969-513 unixgroup=root -d 10
[2003/06/04 01:11:07, 5] lib/debug.c:debug_dump_status(359)
INFO: Current debug levels:
all: True/10
tdb: False/0
printdrivers: False/0
lanman: False/0
smb: False/0
rpc_parse: False/0
rpc_srv: False/0
rpc_cli: False/0
passdb: False/0
sam: False/0
auth: False/0
winbind: False/0
vfs: False/0
idmap: False/0
[2003/06/04 01:11:07, 3] param/loadparm.c:lp_load(3881)
lp_load: refreshing parameters
[2003/06/04 01:11:07, 3] param/loadparm.c:init_globals(1267)
Initialising global parameters
[2003/06/04 01:11:07, 3] param/params.c:pm_process(566)
params.c:pm_process() - Processing configuration file
"/usr/local/samba/lib/smb.conf"
[2003/06/04 01:11:07, 3] param/loadparm.c:do_section(3397)
Processing section "[global]"
doing parameter workgroup = MEANSPC
doing parameter netbios name = BAST
[2003/06/04 01:11:07, 4] param/loadparm.c:handle_netbios_name(2669)
handle_netbios_name: set global_myname to: BAST
doing parameter server string = Authentication Server
doing parameter encrypt passwords = Yes
doing parameter update encrypted = Yes
doing parameter restrict anonymous = Yes
doing parameter time server = Yes
doing parameter socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
doing parameter add user script = /usr/sbin/useradd -s /bin/false -d
/dev/null -g 509 -c "%U" -M %u;passwd -l %u
doing parameter add machine script = /usr/sbin/useradd -s /bin/false
-d /dev/null -g 509 -c "%m Machine" '%m$';passwd -l '%m$'
doing parameter message command = cat %s>/dev/lp0
doing parameter passdb backend = ldapsam:ldap://bast.picotech.net/
doing parameter ldap suffix = o=smb,dc=meanspc,dc=com
doing parameter ldap admin dn = "cn=root,o=smb,dc=meanspc,dc=com"
doing parameter ldap ssl = no
doing parameter debug pid = Yes
doing parameter debug uid = Yes
doing parameter debug timestamp = Yes
doing parameter log level = 10
doing parameter log file = /var/log/samba/samba.log
doing parameter max log size = 50
doing parameter panic action = echo
"*******************************************************\nSamba Panic
!!!!!\n*******************************************************">/dev/lp0
doing parameter logon script = netlogon.bat
doing parameter logon path = \\bast\profiles\%u
doing parameter logon home = \\bast\%u
doing parameter logon drive = Z:
doing parameter os level = 255
doing parameter lm announce = True
doing parameter preferred master = True
doing parameter domain master = True
doing parameter domain logons = yes
doing parameter dns proxy = No
doing parameter wins proxy = Yes
doing parameter wins support = Yes
doing parameter null passwords = Yes
doing parameter admin users = @smbadmin
doing parameter write list = @smbadmin
doing parameter map system = Yes
doing parameter map hidden = Yes
doing parameter delete readonly = Yes
doing parameter hosts allow = 192.168. localhost 216.17.224.194
216.17.224.197 216.17.224.198
doing parameter interfaces = eth0
doing parameter bind interfaces only = Yes
doing parameter large readwrite = Yes
doing parameter min protocol = LANMAN1
doing parameter fstype = NTFS
doing parameter nt acl support = yes
[2003/06/04 01:11:07, 4, pid=19973, effective(0, 0), real(0, 0)]
param/loadparm.c:lp_load(3913)
pm_process() returned Yes
[2003/06/04 01:11:07, 7, pid=19973, effective(0, 0), real(0, 0)]
param/loadparm.c:lp_servicenumber(4022)
lp_servicenumber: couldn't find homes
[2003/06/04 01:11:07, 10, pid=19973, effective(0, 0), real(0, 0)]
param/loadparm.c:set_server_role(3844)
set_server_role: role = ROLE_DOMAIN_PDC
[2003/06/04 01:11:07, 5, pid=19973, effective(0, 0), real(0, 0)]
lib/util.c:init_names(270)
Netbios name list:-
my_netbios_names[0]="BAST"
[2003/06/04 01:11:07, 2, pid=19973, effective(0, 0), real(0, 0)]
lib/interface.c:add_interface(79)
added interface ip=216.17.224.194 bcast=216.17.224.207
nmask=255.255.255.240
Can't lookup UNIX group
[2003/06/04 01:11:07, 2, pid=19973, effective(0, 0), real(0, 0)]
utils/net.c:main(685)
return code = -1
[root at bast samba]# bin/net groupmap add
sid=S-1-5-21-720503001-857626571-2809650969-513 unixgroup=0 -d 10
[2003/06/04 01:11:15, 5] lib/debug.c:debug_dump_status(359)
INFO: Current debug levels:
all: True/10
tdb: False/0
printdrivers: False/0
lanman: False/0
smb: False/0
rpc_parse: False/0
rpc_srv: False/0
rpc_cli: False/0
passdb: False/0
sam: False/0
auth: False/0
winbind: False/0
vfs: False/0
idmap: False/0
[2003/06/04 01:11:15, 3] param/loadparm.c:lp_load(3881)
lp_load: refreshing parameters
[2003/06/04 01:11:15, 3] param/loadparm.c:init_globals(1267)
Initialising global parameters
[2003/06/04 01:11:15, 3] param/params.c:pm_process(566)
params.c:pm_process() - Processing configuration file
"/usr/local/samba/lib/smb.conf"
[2003/06/04 01:11:15, 3] param/loadparm.c:do_section(3397)
Processing section "[global]"
doing parameter workgroup = MEANSPC
doing parameter netbios name = BAST
[2003/06/04 01:11:15, 4] param/loadparm.c:handle_netbios_name(2669)
handle_netbios_name: set global_myname to: BAST
doing parameter server string = Authentication Server
doing parameter encrypt passwords = Yes
doing parameter update encrypted = Yes
doing parameter restrict anonymous = Yes
doing parameter time server = Yes
doing parameter socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
doing parameter add user script = /usr/sbin/useradd -s /bin/false -d
/dev/null -g 509 -c "%U" -M %u;passwd -l %u
doing parameter add machine script = /usr/sbin/useradd -s /bin/false
-d /dev/null -g 509 -c "%m Machine" '%m$';passwd -l '%m$'
doing parameter message command = cat %s>/dev/lp0
doing parameter passdb backend = ldapsam:ldap://bast.picotech.net/
doing parameter ldap suffix = o=smb,dc=meanspc,dc=com
doing parameter ldap admin dn = "cn=root,o=smb,dc=meanspc,dc=com"
doing parameter ldap ssl = no
doing parameter debug pid = Yes
doing parameter debug uid = Yes
doing parameter debug timestamp = Yes
doing parameter log level = 10
doing parameter log file = /var/log/samba/samba.log
doing parameter max log size = 50
doing parameter panic action = echo
"*******************************************************\nSamba Panic
!!!!!\n*******************************************************">/dev/lp0
doing parameter logon script = netlogon.bat
doing parameter logon path = \\bast\profiles\%u
doing parameter logon home = \\bast\%u
doing parameter logon drive = Z:
doing parameter os level = 255
doing parameter lm announce = True
doing parameter preferred master = True
doing parameter domain master = True
doing parameter domain logons = yes
doing parameter dns proxy = No
doing parameter wins proxy = Yes
doing parameter wins support = Yes
doing parameter null passwords = Yes
doing parameter admin users = @smbadmin
doing parameter write list = @smbadmin
doing parameter map system = Yes
doing parameter map hidden = Yes
doing parameter delete readonly = Yes
doing parameter hosts allow = 192.168. localhost 216.17.224.194
216.17.224.197 216.17.224.198
doing parameter interfaces = eth0
doing parameter bind interfaces only = Yes
doing parameter large readwrite = Yes
doing parameter min protocol = LANMAN1
doing parameter fstype = NTFS
doing parameter nt acl support = yes
[2003/06/04 01:11:15, 4, pid=20098, effective(0, 0), real(0, 0)]
param/loadparm.c:lp_load(3913)
pm_process() returned Yes
[2003/06/04 01:11:15, 7, pid=20098, effective(0, 0), real(0, 0)]
param/loadparm.c:lp_servicenumber(4022)
lp_servicenumber: couldn't find homes
[2003/06/04 01:11:15, 10, pid=20098, effective(0, 0), real(0, 0)]
param/loadparm.c:set_server_role(3844)
set_server_role: role = ROLE_DOMAIN_PDC
[2003/06/04 01:11:15, 5, pid=20098, effective(0, 0), real(0, 0)]
lib/util.c:init_names(270)
Netbios name list:-
my_netbios_names[0]="BAST"
[2003/06/04 01:11:15, 2, pid=20098, effective(0, 0), real(0, 0)]
lib/interface.c:add_interface(79)
added interface ip=216.17.224.194 bcast=216.17.224.207
nmask=255.255.255.240
Can't lookup UNIX group
[2003/06/04 01:11:15, 2, pid=20098, effective(0, 0), real(0, 0)]
utils/net.c:main(685)
return code = -1
[root at bast samba]#
--- smb.conf
[root at bast samba]# cat lib/smb.conf
# Global parameters
[global]
workgroup = MEANSPC
netbios name = BAST
server string = Authentication Server
encrypt passwords = Yes
update encrypted = Yes
restrict anonymous = Yes
time server = Yes
socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
add user script = /usr/sbin/useradd -s /bin/false -d /dev/null
-g 509 -c "%U" -M %u;passwd -l %u
add machine script = /usr/sbin/useradd -s /bin/false -d
/dev/null -g 509 -c "%m Machine" '%m$';passwd -l '%m$'
# delete user script = smbpasswd -x %u;userdel %u
message command = cat %s>/dev/lp0
# use spnego = no
# LDAP
passdb backend = ldapsam:ldap://bast.picotech.net/
ldap suffix = o=smb,dc=meanspc,dc=com
ldap admin dn = "cn=root,o=smb,dc=meanspc,dc=com"
ldap ssl = no
# Debugging
debug pid = Yes
debug uid = Yes
debug timestamp = Yes
log level = 10
log file = /var/log/samba/samba.log
max log size = 50
panic action = echo
"*******************************************************\nSamba Panic
!!!!!\n*******************************************************">/dev/lp0
# Logon Info
logon script = netlogon.bat
logon path = \\bast\profiles\%u
logon home = \\bast\%u
logon drive = Z:
# Become PDC
os level = 255
lm announce = True
preferred master = True
domain master = True
domain logons = yes
dns proxy = No
wins proxy = Yes
wins support = Yes
null passwords = Yes
# Admin Stuff
admin users = @smbadmin
write list = @smbadmin
map system = Yes
map hidden = Yes
delete readonly = Yes
hosts allow = 192.168. localhost
interfaces = eth0
bind interfaces only = Yes
large readwrite = Yes
min protocol = LANMAN1
fstype = NTFS
nt acl support = yes
More information about the samba
mailing list