[Samba] samba 2.2.3a / openLDAP connection problem
Martin Wood
martin at ideaworks3d.com
Fri Mar 12 14:27:48 GMT 2004
This is my first attempt at using samba with ldap but i've hit a problem
which im trying to debug.
im following the OpenLDAP on Debian Woody guide from
http://aqua.subnet.at/~max/ldap/
and im at the stage where im trying to add users to the LDAP database
using smbpasswd
i've created a normal account for the user, but when i get to do :
# smbpasswd -D10 -a marvsmb
i get :
ldap_open_connection: connection opened
ldap_connect_system: Binding to ldap server as
"cn=manager,dc=ideaworks3d,dc=com"
Bind failed: Can't contact LDAP server
ldap_open_connection: connection opened
ldap_connect_system: Binding to ldap server as
"cn=manager,dc=ideaworks3d,dc=com"
Bind failed: Can't contact LDAP server
Failed to add entry for user marvsmb.
Failed to modify password entry for user marvsmb
---------------
now, i know that the ldap server is running (I can telnet to it, i can
log-in via ssh w/ ldap authentication)
what common problems should i be looking for?
what is a good way to debug this situation? (im running slapd in another
term window so i can see its debug output)
if it helps my smb.conf contains these ldap settings :
# ldap settings
ldap admin dn = cn=manager,dc=ideaworks3d,dc=com
ldap server = localhost
ldap suffix = ou=People,dc=ideaworks3d,dc=com
and my slapd.conf contains :
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/misc.schema
include /etc/ldap/schema/samba.schema
# other stuff here
access to attribute=userPassword,lmPassword,ntPassword
by dn="cn=manager,dc=ideaworks3d,dc=com" write
by anonymous auth
by * none
access to *
by dn="cn=manager,dc=ideaworks3d,dc=com" write
by dn="cn=nss,dc=ideaworks3d,dc=com" read
by * auth
sorry for the long mail but i thought it wise to include as much
relevant detail as possible (although my concept of relevant will no
doubt change :)
thanks,
Martin
More information about the samba
mailing list