[Samba] Samba 3.0 + OpenLDAP 2.1 Saga (LDAP Attacks!)

Sorisio, Chris ChrisSorisio at PeakTechnical.com
Wed Oct 15 18:59:52 GMT 2003


Oh Wise Ones,

For the past two days, I have contested with the Samba documentation and
other sources of lore in a vain attempt to achieve Samba/LDAP integration.

My test system is running RedHat 9 with updates applied, along with OpenLDAP
& OpenSSL from redhat-rawhide, and the Samba 3.0.1pre1 RPM from the Samba
website.

A couple of questions:

The HOWTOs instruct one to slapadd a file which, among other entries,
contains:

# Setting up container for groups
dn: ou=Groups,dc=quenya,dc=org
objectclass: top
objectclass: organizationalUnit
ou: People

Is it intentional that the container group setup references 'ou: People' or
is that a typo?

I've gotten as far as having Samba try to add a machine or user account.
Before I started again from scratch, I was as far as getting errors like:

Failed initialise SAM_ACCOUNT for user
Failed to modify password entry for user

But everything else seemed to work - it was binding to the LDAP server, etc.

Any ideas?  Are the LDIF's in the HOWTO all that are necessary to setup an
LDAP server for use with Samba 3?

Sincerely,

Chris



More information about the samba mailing list