[Samba] samba 3.0.0-1 + OpenLDAP

Sergio Pereira sergio at ee.ryerson.ca
Tue Sep 30 15:53:34 GMT 2003


Hi All,

After much suffering I finally have my rh9 box working with
openldap-2.0.0.27-8 and samba-3.0.0-1. I still have some problems, as
follows:

1 - Once I've joined a machine to the Domain I can only log on as the root
user; if I try to log on as Administrator the system tells me that the
username and/or password are not correct.
2 - If I try to use the parameter 'passdb backend =
ldapsam:ldap://127.0.0.1/' the authentication doesn't work.

I've been following the
http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html howto.

thx,

Sergio Pereira



here are my config files from rh9 box.

---xxxx---
/etc/samba/smb.conf
# Samba 3 configuration as posted. [global] sets this host up as a domain
# logon server and domain master browser with WINS; the share sections follow.
[global]
  workgroup = ryerson.ca
  netbios name = PDC-SRV
  server string = SAMBA-LDAP PDC Server
  encrypt passwords = Yes
# With 'unix password sync = Yes' below, Samba runs this program to change the
# Unix password when the SMB password changes. smb.conf(5) documents that it is
# invoked as root, so the script and its directory should be writable by root only.
  passwd program = /usr/local/bin/smbldap-passwd.pl -o %u
  passwd chat = *new*password* %n\n *new*password* %n\n *successfully*
  unix password sync = Yes
  log file = /var/log/samba/%m.log
# Debug-level logging with no size cap ('max log size = 0' means unlimited).
# Useful while chasing the logon failures; lower the level and set a cap
# afterwards so the per-client logs cannot fill /var/log.
  log level = 5 
  max log size = 0
  socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
  domain logons = Yes
  os level = 80
  preferred master = True
  domain master = True

  dns proxy = No
  wins support = Yes
# SAMBA-LDAP declarations
# The ldapsam backend is commented out here, so Samba falls back to its default
# passdb backend; presumably the ldap parameters below only take effect for
# account lookups once this line is enabled.
;  passdb backend = ldapsam:ldap://127.0.0.1/
  ldap suffix = dc=ryerson,dc=ca
# NOTE(review): this DN is not under the 'ldap suffix' above (dc=example,dc=com
# vs dc=ryerson,dc=ca). Possibly a side effect of partially anonymising the post;
# if it reflects the real files, confirm that the suffix, the admin DN and the
# directory entries agree. The bind password for this DN is not kept in smb.conf:
# Samba reads it from secrets.tdb, where 'smbpasswd -w' stores it.
  ldap admin dn = cn=manager,dc=example,dc=com
# The LDAP connection, including the admin DN bind, is unencrypted. With the
# server on 127.0.0.1 that traffic stays on the loopback interface; enable TLS
# with this parameter before pointing the backend at a directory on another host.
  ldap ssl = No
  printing = lprng
  add user script = /usr/sbin/smbldap-useradd.pl -w %u

[homes]
  comment = Home Directories
  valid users = %S
  read only = No
# These masks permit the group-write bits on new files and directories.
  create mask = 0664
  directory mask = 0775
  browseable = No
[netlogon]
  comment = Network Logon Service
  path = /home/samba/netlogon
# Available to guest sessions. No 'read only = No' is set in this section, so
# the share presumably stays at the read-only default; keep it that way, since
# the logon scripts served from here are executed by clients.
  guest ok = Yes
[profiles]
# Roaming-profile share that is writeable and also marked available to guest
# sessions ('guest ok = yes'). Access to users' profile data then rests on the
# filesystem permissions under this path; consider removing guest access.
  path = /home/samba/profiles
  writeable = yes
  browseable = no
  create mode = 0644
  directory mode = 0755
  guest ok = yes
[printers]
  comment = All Printers
  path = /var/spool/samba
  printable = Yes
  browseable = No
[tmp]
# Writable share on the system /tmp directory that is marked available to guest
# sessions; what a guest can create there is bounded only by filesystem permissions.
  comment = Temporary file space
  path = /tmp
  read only = No
  guest ok = Yes

----xxx----

here is my /etc/slapd.conf

# slapd.conf as posted: schema includes (samba.schema supplies the
# sambaSAMAccount attributes), then a single ldbm database.
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/samba.schema

# NOTE(review): no 'access to' rules appear in this excerpt. Without any, slapd
# applies its default policy of read access for every client, which would leave
# userPassword, sambaLMPassword and sambaNTPassword readable by anonymous
# searches. Add ACLs that restrict those attributes to the entry owner and the
# DN Samba binds with, and allow anonymous clients only to authenticate.
database ldbm
suffix "dc=ryerson,dc=ca"
directory /var/lib/ldap
# NOTE(review): the rootdn is outside the suffix above (dc=example,dc=com vs
# dc=ryerson,dc=ca) - possibly partial anonymisation of the post; confirm that
# the real file is consistent, since a rootdn/rootpw pair is normally expected
# to sit inside the database's naming context.
rootdn "cn=manager,dc=example,dc=com"
# Salted SHA-1 ({SSHA}) hash of the rootdn password. A hash is still password
# material: keep this file readable only by root and the slapd user, and set a
# new rootpw for any value that has been published.
rootpw {SSHA}g72uKCjmK9kSh2sg3nlb9gZwynD5rz
# index objectClass,rid,uid,uidNumber,gidNumber,memberUid eq
index objectClass,uid,uidNumber,gidNumber,memberUid eq
index cn,mail,surname,givenname eq,subinitial

---xxx---

here are the entries for Administrator and Root user:

# Administrator, Users, EXAMPLE, COM
# Combined posixAccount + sambaSAMAccount entry for the Administrator user.
# NOTE(review): the DN is under dc=EXAMPLE,dc=COM, while the posted slapd.conf
# and smb.conf use the suffix dc=ryerson,dc=ca - possibly partial anonymisation;
# if real, searches under the configured suffix would not reach this entry.
dn: uid=Administrator,ou=Users,dc=EXAMPLE,dc=COM
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: sambaSAMAccount
cn: Administrator
sn: Administrator
uid: Administrator
uidNumber: 1002
gidNumber: 200
homeDirectory: /home//Administrator
loginShell: /bin/bash
gecos: System User
description: System User
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaPwdMustChange: 2147483647
displayName: System User
# [UX]: U = normal user account, X = password does not expire.
sambaAcctFlags: [UX]
# NOTE(review): the RID here is 3004, which matches 2*uidNumber+1000, not the
# well-known Administrator RID 500; any domain-admin rights would presumably
# have to come from group membership - confirm.
sambaSID: S-1-5-21-4263734852-1518306851-1126385063-3004
sambaPrimaryGroupSID: S-1-5-21-4263734852-1518306851-1126385063-1401
sambaHomeDrive: U:
sambaHomePath: \\smb.example.com\homes
sambaProfilePath: \\smb.example.com\profiles\Administrator
sambaLogonScript: Administrator.cmd
# LM and NT password hashes. Both are unsalted and password-equivalent for SMB
# authentication, so they need the same protection as a cleartext password
# (directory ACLs, no anonymous read). The uid=root entry in this post carries
# identical values, i.e. both accounts share one password. Replace any password
# whose hashes have been published.
sambaLMPassword: 570992575A0E7CAAC2265B23734E0DAC
sambaNTPassword: 9B0166BEA503BA881D5BAC85EB8C93FA
sambaPwdLastSet: 1064935056
# '::' marks a base64-encoded value; it decodes to a string starting with {SSHA}.
userPassword:: e1NTSEF9QmFBbyt2Q2VEdGZ1Ylh4YlByL3FrYlF6TnBRaS9ud3k=

----xxxx---

# root, Users, EXAMPLE, COM 
# Combined posixAccount + sambaSAMAccount entry for root (uidNumber 0,
# gidNumber 0 below), the one account the poster reports being able to log on with.
# NOTE(review): the DN is under dc=EXAMPLE,dc=COM, while the posted slapd.conf
# and smb.conf use the suffix dc=ryerson,dc=ca - possibly partial anonymisation.
dn: uid=root,ou=Users,dc=EXAMPLE,dc=COM
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: sambaSAMAccount
cn: root
sn: root
uid: root
homeDirectory: /home//root
loginShell: /bin/bash
gecos: System User
description: System User
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaPwdMustChange: 2147483647
displayName: System User
# [UX]: U = normal user account, X = password does not expire.
sambaAcctFlags: [UX]
sambaHomeDrive: U:
sambaHomePath: \\smb.example.com\homes
sambaProfilePath: \\smb.example.com\profiles\root
sambaLogonScript: root.cmd
gidNumber: 0
sambaSID: S-1-5-21-4263734852-1518306851-1126385063-1000
sambaPrimaryGroupSID: S-1-5-21-4263734852-1518306851-1126385063-1001
uidNumber: 0
# LM and NT password hashes. Both are unsalted and password-equivalent for SMB
# authentication, so they need the same protection as a cleartext password
# (directory ACLs, no anonymous read). The values equal those on the
# uid=Administrator entry in this post, so a Windows logon as root uses the
# same secret as the Unix superuser's directory entry. Replace any password
# whose hashes have been published.
sambaLMPassword: 570992575A0E7CAAC2265B23734E0DAC
sambaNTPassword: 9B0166BEA503BA881D5BAC85EB8C93FA
sambaPwdLastSet: 1064932432
# '::' marks a base64-encoded value; it decodes to a string starting with {SSHA}.
userPassword:: e1NTSEF9VnY2aEFLZFhOQ2NxSFJSMkc0K1dwcFk2a2p5MkZ4Sk0=




