[Samba] Solaris 9 and secondary group info from LDAP
reinhard.sojka at parlinkom.gv.at
Thu Feb 5 19:00:27 GMT 2004
we are running several test installations of Samba 3 on Solaris 8 and
Solaris 9. On Solaris 9, there is a strange behaviour in terms of
getting secondary group information from LDAP.
With later revisions of patch 112960, only /etc/group is interpreted,
but there is no query on the LDAP server for (Unix-) group information.
Here is a short overview about our results:
* native Sun LDAP-Client
* Samba 3.0.x (last: 3.0.2rc1) with LDAP support
* OpenLDAP Libraries
* Solaris 8 with patch 108993-23 -> OK
* Solaris 9 no patches (=very first version) -> OK
* Solaris 9 with patch 112960-03 -> OK
* Solaris 9 with patch 112960-08 or higher -> no info about
secondary groups from LDAP server (no query in server
"truss" shows errors)
This behaviour can be watched very nicely in the LDAP server logs, and
if you do a truss on smbd with
truss -u '*' smbd -i
the result looks very similar to this one
though he was using Samba 2.2.8a an the iPlanet Directory Server.
( I will provide logs and debug output if anybody is interested. )
Regarding the above test results, I have several questions
* Is this a know problem or bug?
* Or, at least, is it related to a know problem or bug (bug# 395) ?
* Is it possible to link Samba 3.0.x with Sun/Netscape LDAP libraries?
Had no luck with it, didn't find a workaround for the
missing ldap_initialize() and ldap_domain2hostlist.
* My impression is that there is something wrong with the interaction
OpenLDAP libs <-> Solaris libs. Is this assumption correct?
* Am I at the right place to ask for help? Is it better to ask the
people at OpenLDAP.org or, maybe, even at Sun?
Reinhard Sojka <reinhard.sojka at parlinkom.gv.at>
System- & Networkadmin
+43 1 40110 2824
More information about the samba