[Samba] Samba+LDAP - so close yet so far :) ...STILL NOT SOLVED

abebe lsslp peaceofcrap2001 at yahoo.com
Tue Jul 20 15:35:58 GMT 2004


I was having trouble sleeping last night, so I start
going over your past e-mails. Do you remember you
asking me that I need to make sure LDAP is
authenticating system users? And I told you that it
was. I was not completely lying, it authenticates
'testuser1' with no problem. However, 'administrator'
is getting kicked out as soon as it logs in. Here is
what it looks like:

[root at eaglex root]# ssh administrator at 192.168.1.10
administrator at 192.168.1.10's password:
Last login: Tue Jul 20 09:49:05 2004 from 192.168.1.17
Connection to 192.168.1.10 closed.
[root at eaglex root]#

Here is part of 'slapd.log':
+++++++++++++++++++++++++++++++++++++++++++++++++++
Jul 20 10:22:31 eaglex slapd[20508]: conn=7 op=2 SRCH
attr=cn userPassword memberUid uniqueMember gidNumber
Jul 20 10:22:31 eaglex slapd[20508]: conn=7 op=2
SEARCH RESULT tag=101 err=0 nentries=1 text=
Jul 20 10:22:31 eaglex slapd[20508]: conn=7 fd=15
closed
Jul 20 10:25:17 eaglex slapd[20508]: conn=4 op=2 SRCH
base="dc=wbcoll,dc=edu" scope=2
filter="(&(objectClass=posixAccount)(uid=administrator))"
Jul 20 10:25:17 eaglex slapd[20508]: conn=4 op=2 SRCH
attr=uid userPassword uidNumber gidNumber cn
homeDirectory loginShell gecos description objectClass
Jul 20 10:25:17 eaglex slapd[20508]: conn=4 op=2
SEARCH RESULT tag=101 err=0 nentries=1 text=
Jul 20 10:25:19 eaglex slapd[20508]: conn=8 fd=15
ACCEPT from IP=127.0.0.1:33263 (IP=0.0.0.0:389)
Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=0 BIND
dn="cn=Manager,dc=wbcoll,dc=edu" method=128
Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=0 BIND
dn="cn=Manager,dc=wbcoll,dc=edu" mech=simple ssf=0
Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=0
RESULT tag=97 err=0 text=
Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=1 SRCH
base="dc=wbcoll,dc=edu" scope=2
filter="(uid=Administrator)"
Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=1
SEARCH RESULT tag=101 err=0 nentries=1 text=
Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=2 BIND
anonymous mech=implicit ssf=0
Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=2 BIND
dn="uid=Administrator,ou=Users,dc=wbcoll,dc=edu"
method=128
Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=2 BIND
dn="uid=Administrator,ou=Users,dc=wbcoll,dc=edu"
mech=simple ssf=0
Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=2
RESULT tag=97 err=0 text=
Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=3 BIND
anonymous mech=implicit ssf=0
Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=3 BIND
dn="cn=Manager,dc=wbcoll,dc=edu" method=128
Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=3 BIND
dn="cn=Manager,dc=wbcoll,dc=edu" mech=simple ssf=0
Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=3
RESULT tag=97 err=0 text=
Jul 20 10:25:19 eaglex slapd[20508]: conn=9 fd=18
ACCEPT from IP=127.0.0.1:33264 (IP=0.0.0.0:389)
Jul 20 10:25:19 eaglex slapd[20508]: conn=9 op=0 BIND
dn="cn=Manager,dc=wbcoll,dc=edu" method=128
Jul 20 10:25:19 eaglex slapd[20508]: conn=9 op=0 BIND
dn="cn=Manager,dc=wbcoll,dc=edu" mech=simple ssf=0
Jul 20 10:25:19 eaglex slapd[20508]: conn=9 op=0
RESULT tag=97 err=0 text=
Jul 20 10:25:19 eaglex slapd[20508]: deferring
operation
Jul 20 10:25:19 eaglex slapd[20508]: conn=9 op=1 SRCH
base="dc=wbcoll,dc=edu" scope=2
filter="(&(objectClass=shadowAccount)(uid=Administrator))"
Jul 20 10:25:19 eaglex slapd[20508]: conn=9 op=1 SRCH
attr=uid userPassword shadowLastChange shadowMax
shadowMin shadowWarning shadowInactive shadowExpire
Jul 20 10:25:19 eaglex slapd[20508]: conn=9 op=1
SEARCH RESULT tag=101 err=0 nentries=1 text=
Jul 20 10:25:20 eaglex slapd[20508]: conn=8 op=4
UNBIND
Jul 20 10:25:20 eaglex slapd[20508]: conn=8 fd=15
closed
Jul 20 10:25:20 eaglex slapd[20508]: conn=10 fd=15
ACCEPT from IP=127.0.0.1:33265 (IP=0.0.0.0:389)
Jul 20 10:25:20 eaglex slapd[20508]: conn=9 fd=18
closed
Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=0 BIND
dn="cn=Manager,dc=wbcoll,dc=edu" method=128
Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=0 BIND
dn="cn=Manager,dc=wbcoll,dc=edu" mech=simple ssf=0
Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=0
RESULT tag=97 err=0 text=
Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=1 SRCH
base="dc=wbcoll,dc=edu" scope=2
filter="(uid=Administrator)"
Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=1
SEARCH RESULT tag=101 err=0 nentries=1 text=
Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=2 SRCH
base="ou=Groups,dc=wbcoll,dc=edu" scope=1
filter="(&(objectClass=posixGroup)(|(memberUid=Administrator)(uniqueMember=uid=administrator,ou=users,dc=wbcoll,dc=edu)))"
Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=2 SRCH
attr=cn userPassword memberUid uniqueMember gidNumber
Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=2
SEARCH RESULT tag=101 err=0 nentries=1 text=
Jul 20 10:25:20 eaglex slapd[20508]: conn=10 fd=15
closed

+++++++++++++++++++++++++++++++++++++++++++++++++++

Is it alright if I delete the files in
'/var/lib/ldap/*' before I use 'slapindex'?

When I do the 'ldapsearch' command, machine entry does
not exist anymore.

Here is my 'smb.conf' after taking out what you told
me and using 'testparm -s > /tmp/smb.conf'

+++++++++++++++++++++++++++++++++++++++++++++
[root at eaglex root]# cat /tmp/smb.conf
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[Profiles]"
Processing section "[printers]"
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
# Global parameters
[global]
        workgroup = AGUILAS
        netbios name = EALGEX
        server string = Samba-LDAP PDC Server
        map to guest = Bad User
        passdb backend = ldapsam:ldap://127.0.0.1/
        username map = /etc/samba/smbusers
        log level = 10
        log file = /var/log/samba/%m.log
        max log size = 10000
        time server = Yes
        deadtime = 10
        socket options = TCP_NODELAY SO_RCVBUF=8192
SO_SNDBUF=8192
        printcap name = cups
        add user script = /usr/sbin/smbldap-useradd -m
"%u"
        add group script = /usr/sbin/smbldap-groupadd
-p "%g"
        add user to group script =
/usr/sbin/smbldap-groupmod -m "%u" "%g"
        delete user from group script =
/usr/sbin/smbldap-groupmod -x "%u" "%g"
        set primary group script =
/usr/sbin/smbldap-usermod -g "%g" "%u"
        add machine script = /usr/sbin/smbldap-useradd
-w "%u"
        logon script = logon.bat
        logon path =
        logon drive = H:
        logon home =
        domain logons = Yes
        os level = 65
        preferred master = Yes
        domain master = Yes
        dns proxy = No
        wins support = Yes
        ldap suffix = dc=wbcoll,dc=edu
        ldap machine suffix =
ou=People,dc=wbcoll,dc=edu
        ldap user suffix = ou=Users,dc=wbcoll,dc=edu
        ldap group suffix = ou=Groups,dc=wbcoll,dc=edu
        ldap idmap suffix = dc=wbcoll,dc=edu
        ldap admin dn = cn=Manager,dc=wbcoll,dc=edu
        ldap passwd sync = Yes
        ldap delete dn = Yes
        printer admin = @print Operators
        create mask = 0640
        directory mask = 0750
        hosts allow = 192.168.1., 192.168.2., 127.
        printing = cups
        dont descend =
/proc,/dev,/etc,/lib,/lost+found,/initrd

[homes]
        comment = Home Directories
        read only = No
        browseable = No

[netlogon]
        comment = Network Logon Service
        path = /var/lib/samba/netlogon
        guest ok = Yes
        share modes = No

++++++++++++++++++++++++++++++++++++++++++++++++

once again,

Ambex







	
		
__________________________________
Do you Yahoo!?
Vote for the stars of Yahoo!'s next ad campaign!
http://advision.webevents.yahoo.com/yahoo/votelifeengine/


More information about the samba mailing list