[Samba] Suggestions??: Got too many (2) domain info entries for domain

Patrick Taylor patrick at naturecare.com.au
Fri Aug 6 07:05:30 GMT 2004


HI there,

I'm franging around trying to put (open)LDAP at the centre of my universe, which works with imap/pop and sendmail, but samba is a different kettle of fish...

after much testing I finally get bogged down at:

"Got too many (2) domain info entries for domain" in the logs, and nothign progresses after that.

And "yes" the ldap root bind password is set, iptables are OFF, etc, etc.


My smb.cong has:

# - testing - ldap server = 10.79.52.1
ldap admin dn = cn=root,dc=naturecare,dc=com,dc=au
ldap port = 389
ldap filter = "(&(uid=%U)(objectclass=sambaSAMAccount))"

passdb backend = ldapsam:ldap://ldap.ncc:389/
ldap delete dn = No
ldap passwd sync = Yes

ldap suffix = dc=naturecare,dc=com,dc=au
ldap user suffix = ou=People
ldap group suffix = ou=Group
ldap machine suffix = ou=Computers


My openldap access-control has:

" "
include         /etc/openldap/schema/samba.schema
" "
access to attrs=userPassword
        by self write
        by * auth
access to attrs=lmPassword,ntPassword
        by dn="cn=root,dc=naturecare,dc=com,dc=au" write
        by * none

access to *
        by dn="cn=root,dc=naturecare,dc=com,dc=au" write
        by dn="cn=ldapadministrator,dc=naturecare,dc=com,dc=au" write
        by self write
        by * read
        by * auth

- and yes the root bind password is the same (and I'm only doign as root while testing, etc etc.)

Been 3 days now of total frustration and very litle help googling : (

Any suggestions appreciated

Cheers

Pat

P.S. Instead of having to add sambaSAMAccount objects for all my current users, is it possible to filter on posixAccount?




Patrick Taylor
ICT Manager

Nature Care College
79 Lithgow St  St Leonards  NSW  2065  Sydney,  Australia.
ph: +61 2 8437 7836
fax: +61 2 9439 9308
--
This email and any attachments may contain privileged and confidential information and are intended for the named addressee only.  If you have received this e-mail in error, please notify the sender and delete this e-mail immediately. Any confidentiality, privilege or copyright is not waived or lost because this e-mail has been sent to you in error.  It is your responsibility to check this e-mail and any attachments for viruses. 
--



More information about the samba mailing list