[Samba] help with LDAP and Samba

Fri Aug 13 19:30:56 GMT 2004

Hello Everyone,

I am having some trouble and would greatly appreciate some assistance.  
I apologize if this has been on the list before I am however down to two 
hours before due date.  I have use samba before with no problems but 
this is the first time I have had to do it with LDAP.  The problem is no 
users appear to be authenticating and there are no errors in the logs.  
I followed the online tutorials and tried several variations to no 
avail.  I would REALLY appreciate it if someone who has a working 
samba/OpenLDAP enviroment could take a moment to assist me.

As I stated I am not getting any errors in the error logs.  OpenLDAP is 
a production server being used as the authentication system for our 
email and TACACS, so that is working.  I added the samba schema when I 
set it up as I knew it would be only a matter of time before we went to 
samba.  Note in the config below I have tried it with and without the 
filter along with and without group/user/computer suffix.

OS: Fedora Core 2
Samba: 3.0.3-5

below is my config for review:

[global]

  workgroup = ventus.local
  server string = Ventus Samba Server
  hosts allow = 172.28.0. 127.
  printcap name = /etc/printcap
  load printers = yes
  log file = /var/log/samba/%m.log
  max log size = 50

passdb backend = ldapsam:ldap://192.168.1.243/
ldap suffix = o=ventusnetworks.com,dc=na
ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
ldap machine suffix = ou=computers,o=ventusnetworks.com,dc=na
ldap user suffix = o=ventusnetworks.com,dc=na
ldap admin dn = "cn=Manager,dc=na"
ldap delete dn = yes

  security = user
  null passwords = Yes
  encrypt passwords = yes
  unix password sync = Yes
  passwd program = /usr/bin/passwd %u
  passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n 
*passwd:*all*authentication*tokens*updated*successfully*

  socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

  local master = yes
  os level = 255
  domain master = yes
  preferred master = yes
  domain logons = yes
  logon script = %m.bat
  logon script = %U.bat
  logon path = \\%L\Profiles\%U
  logon drive = U:

  name resolve order = wins lmhosts bcast
  wins support = yes
  dns proxy = no

#============================ Share Definitions 
==============================
  idmap uid = 16777216-33554431
  idmap gid = 16777216-33554431
  template shell = /bin/false
  winbind use default domain = no
[homes]
  comment = Home Directories
  browseable = no
  writable = yes

[netlogon]
  comment = Network Logon Service
  path = /home/netlogon
  guest ok = yes
  writable = no
  share modes = no

[Profiles]
   path = /home/profiles
   browseable = no
   guest ok = yes

[printers]
  comment = All Printers
  path = /var/spool/samba
  browseable = no
# Set public = yes to allow user 'guest account' to print
  guest ok = no
  writable = no
  printable = yes

# This one is useful for people to share files
[tmp]
  comment = Temporary file space
  path = /tmp
  read only = no
  public = yes

Ploease help, I am running out of time.

Regards,
Andre