[Samba] Re: pam_ldap for unix accounts, smbpassword for samba?
John H Terpstra
jht at PrimaStasys.Com
Thu Oct 28 21:31:55 GMT 2004
On Thursday 28 October 2004 12:47, Misty Stanley-Jones wrote:
> On Thursday 28 October 2004 13:13, Igor Belyi wrote:
> > Can you list shares as a guest - without -U option and with empty
> > password? Does your Samba listen on 'lo' interface?
>
> I can list shares as anyone who is a normal UNIX user. As soon as I
> comment them out of /etc/passwd so they are visible only from LDAP,
> smbpasswd complains. I found the log message. It's in <pdcname>.log, not
> smbd.log like I would expect:
>
> [2004/10/28 11:35:55, 0] passdb/pdb_smbpasswd.c:build_sam_account(1183)
> build_sam_account: smbpasswd database is corrupt! username misty with
> uid 533 is not
> in unix passwd database!
> [2004/10/28 11:35:55, 0] passdb/pdb_smbpasswd.c:build_sam_account(1183)
> build_sam_account: smbpasswd database is corrupt! username w2kbrandon$
> with uid 535
> is not in unix passwd database!
> [2004/10/28 11:35:55, 0] passdb/pdb_smbpasswd.c:build_sam_account(1183)
> build_sam_account: smbpasswd database is corrupt! username xpcarl$ with
> uid 537 is n
> ot in unix passwd database!
>
> But it's not corrupt. I don't know how to rebuild it without losing all
> kinds of stuff, I don't know what is wrong. :(
Misty,
Looks like your nss_ldap is not configured correctly. Can you list users using
the following?: getent passwd
- John T.
>
> > Igor
> >
> > Misty Stanley-Jones wrote:
> > > On Thursday 28 October 2004 11:33, Igor Belyi wrote:
> > >>What error do you see in smbd log? Did you try to add "-W <domain
> > >> name>" to smbclient command?
> > >
> > > This is the error message:
> > > [2004/10/28 10:39:13, 0] lib/util_sock.c:get_peer_addr(1000)
> > > getpeername failed. Error was Transport endpoint is not connected
> > >
> > > Same behavior with or without the -W parameter. This is a completely
> > > different Samba server than the other one I have been setting up. This
> > > one is Samba 3.0.6, not sure if it matters.
> > >
> > > Misty
> > >
> > >>Igor
> > >>
> > >>Misty Stanley-Jones wrote:
> > >>>Is this setup possible? I am converting an old server to look on LDAP
> > >>>for its UNIX account info. I am able to auth in every way with a
> > >>>LDAP-only user (login, telnet, ssh, su). However, after adding the
> > >>> user with smbpasswd -a, the password doesn't work:
> > >>>
> > >>>[root at furnsrv log]# smbpasswd -a testuser
> > >>>New SMB password:
> > >>>Retype new SMB password:
> > >>>Added user testuser.
> > >>>[root at furnsrv log]# smbclient -L furnsrv -U testuser
> > >>>Password:
> > >>>session setup failed: NT_STATUS_LOGON_FAILURE
> > >>>[root at furnsrv log]# su testuser
> > >>>Password:
> > >>>sh-2.05b$
> > >>>
> > >>>Any help with this would be appreciated. I'm not ready to move the
> > >>> SAMBA side of things over to LDAP just yet.
> > >>>
> > >>>Thanks,
> > >>>Misty
--
John H Terpstra, CTO
PrimaStasys Inc.
Phone: +1 (650) 580-8668
Author:
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.
More information about the samba
mailing list