[Samba] samba, nss and openldap

Mario Ohnewald mario.ohnewald at gmx.de
Mon Nov 29 23:52:07 GMT 2004


Hello list!

I would like to set up a PDC based on openldap.
I am running Debian Testing with Samba 3.0.7-Debian and OpenLDAP 2.1.30-3.
But I got stuck with one problem: I can't join a domain if I haven't
added a unix machine$.

If I use:
  add machine script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u && /usr/sbin/smbldap-useradd -w "%u"
then I can join a domain without problems!



slapd.conf:
suffix     "dc=IDEALX,dc=ORG"
rootdn     "cn=Manager,dc=IDEALX,dc=ORG"


samba.conf:
; SAMBA-LDAP declarations
passdb backend = ldapsam:ldap://127.0.0.1
#ldap filter = (&(objectclass=sambaSamAccount)(uid=%u))
ldap admin dn = cn=Manager,dc=IDEALX,dc=ORG
ldap suffix = dc=IDEALX,dc=ORG
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers

Error in log:
Nov 30 00:04:45 localhost smbd[955]: [2004/11/30 00:04:45, 0] auth/auth_sam.c:check_sam_security(306)
Nov 30 00:04:45 localhost smbd[955]:   check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER'
Nov 30 00:04:45 localhost slapd[709]: bind: invalid dn ("cn=Manager,dc=IDEALX,dc=ORG")
Nov 30 00:04:46 localhost slapd[709]: bind: invalid dn ("cn=Manager,dc=IDEALX,dc=ORG")
Nov 30 00:04:46 localhost smbd[956]: [2004/11/30 00:04:46, 0] auth/auth_sam.c:check_sam_security(306)
Nov 30 00:04:46 localhost smbd[956]:   check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER'
Nov 30 00:04:46 localhost slapd[715]: bind: invalid dn ("cn=Manager,dc=IDEALX,dc=ORG")


# /etc/nsswitch.conf
passwd:         compat ldap
group:          compat ldap
shadow:         compat ldap
hosts:          files dns ldap
networks:       files ldap
protocols:      db files
services:       db files
ethers:         db files
rpc:            db files
netgroup:       nis



#/etc/libnss-ldap.conf
host 127.0.0.1
base dc=IDEALX,dc=ORG
ldap_version 3
bindpw mysecretpwd
rootbinddn "cn=Manager,dc=IDEALX,dc=ORG"
pam_password crypt



Does anybody know why my samba box does not find or add the machine$ to
the openldap database?



Please let me know if you need more info/configs or logs.

Thanks a lot, Mario
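
An added example, not part of the original post: it extracts the DN strings slapd rejected from the quoted syslog lines and reports which bind-DN setting holds that exact string, quotes included. The sample data is constructed from the post's excerpts; the code assumes slapd logs the DN exactly as the client sent it, and smb.conf is the file the post labels samba.conf.

```python
import re

# Constructed from the log and config excerpts in the post (wrapped lines rejoined).
SYSLOG = """\
Nov 30 00:04:45 localhost smbd[955]:   check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER'
Nov 30 00:04:45 localhost slapd[709]: bind: invalid dn ("cn=Manager,dc=IDEALX,dc=ORG")
Nov 30 00:04:46 localhost slapd[715]: bind: invalid dn ("cn=Manager,dc=IDEALX,dc=ORG")
"""
CONFIGS = {
    "smb.conf": "ldap admin dn = cn=Manager,dc=IDEALX,dc=ORG\nldap suffix = dc=IDEALX,dc=ORG\n",
    "libnss-ldap.conf": 'base dc=IDEALX,dc=ORG\nrootbinddn "cn=Manager,dc=IDEALX,dc=ORG"\n',
}
# Settings that hold a bind DN in each file (smb.conf: "key = value"; libnss-ldap.conf: "key value").
BIND_KEYS = {"smb.conf": ("ldap admin dn",), "libnss-ldap.conf": ("rootbinddn", "binddn")}

# Assumption: slapd prints the DN it received, unmodified, between the parentheses.
INVALID_DN = re.compile(r"slapd\[\d+\]: bind: invalid dn \((.*)\)\s*$")


def rejected_dns(log):
    """Distinct DN strings slapd refused, in first-seen order, exactly as logged."""
    seen = []
    for line in log.splitlines():
        m = INVALID_DN.search(line)
        if m and m.group(1) not in seen:
            seen.append(m.group(1))
    return seen


def bind_dn_settings(configs):
    """(file, key, raw value) for each bind-DN setting; the value is not unquoted."""
    found = []
    for name, text in configs.items():
        for line in map(str.strip, text.splitlines()):
            for key in BIND_KEYS.get(name, ()):
                m = re.match(re.escape(key) + r"(?:\s*=\s*|\s+)(.+)$", line)
                if m:
                    found.append((name, key, m.group(1)))
    return found


def matching_settings(log, configs):
    """Settings whose raw value is byte-for-byte a DN that slapd rejected."""
    rejected = rejected_dns(log)
    return [(f, k, v, v.startswith('"') and v.endswith('"'))
            for f, k, v in bind_dn_settings(configs) if v in rejected]


if __name__ == "__main__":
    for f, k, v, quoted in matching_settings(SYSLOG, CONFIGS):
        print(f"{f}: {k} = {v}  (literal quotes in value: {quoted})")
```

On this data the only setting that matches the rejected string is the one whose value still carries its double quotes.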

