[Samba] Re: pam_ldap for unix accounts, smbpassword for samba?

John H Terpstra jht at PrimaStasys.Com
Thu Oct 28 21:31:55 GMT 2004


On Thursday 28 October 2004 12:47, Misty Stanley-Jones wrote:
> On Thursday 28 October 2004 13:13, Igor Belyi wrote:
> > Can you list shares as a guest - without -U option and with empty
> > password? Does your Samba listen on 'lo' interface?
>
> I can list shares as anyone who is a normal UNIX user.  As soon as I
> comment them out of /etc/passwd so they are visible only from LDAP,
> smbpasswd complains.  I found the log message.  It's in <pdcname>.log, not
> smbd.log like I would expect:
>
> [2004/10/28 11:35:55, 0] passdb/pdb_smbpasswd.c:build_sam_account(1183)
>   build_sam_account: smbpasswd database is corrupt!  username misty with
> uid 533 is not
>  in unix passwd database!
> [2004/10/28 11:35:55, 0] passdb/pdb_smbpasswd.c:build_sam_account(1183)
>   build_sam_account: smbpasswd database is corrupt!  username w2kbrandon$
> with uid 535
> is not in unix passwd database!
> [2004/10/28 11:35:55, 0] passdb/pdb_smbpasswd.c:build_sam_account(1183)
>   build_sam_account: smbpasswd database is corrupt!  username xpcarl$ with
> uid 537 is n
> ot in unix passwd database!
>
> But it's not corrupt.  I don't know how to rebuild it without losing all
> kinds of stuff, I don't know what is wrong.  :(

Misty,

Looks like your nss_ldap is not configured correctly. Can you list users using 
the following?: getent passwd  

- John T.

>
> > Igor
> >
> > Misty Stanley-Jones wrote:
> > > On Thursday 28 October 2004 11:33, Igor Belyi wrote:
> > >>What error do you see in smbd log? Did you try to add "-W <domain
> > >> name>" to  smbclient command?
> > >
> > > This is the error message:
> > > [2004/10/28 10:39:13, 0] lib/util_sock.c:get_peer_addr(1000)
> > >   getpeername failed. Error was Transport endpoint is not connected
> > >
> > > Same behavior with or without the -W parameter.  This is a completely
> > > different Samba server than the other one I have been setting up.  This
> > > one is Samba 3.0.6, not sure if it matters.
> > >
> > > Misty
> > >
> > >>Igor
> > >>
> > >>Misty Stanley-Jones wrote:
> > >>>Is this setup possible?  I am converting an old server to look on LDAP
> > >>>for its UNIX account info.  I am able to auth in every way with a
> > >>>LDAP-only user (login, telnet, ssh, su).  However, after adding the
> > >>> user with smbpasswd -a, the password doesn't work:
> > >>>
> > >>>[root at furnsrv log]# smbpasswd -a testuser
> > >>>New SMB password:
> > >>>Retype new SMB password:
> > >>>Added user testuser.
> > >>>[root at furnsrv log]# smbclient -L furnsrv -U testuser
> > >>>Password:
> > >>>session setup failed: NT_STATUS_LOGON_FAILURE
> > >>>[root at furnsrv log]# su testuser
> > >>>Password:
> > >>>sh-2.05b$
> > >>>
> > >>>Any help with this would be appreciated.  I'm not ready to move the
> > >>> SAMBA side of things over to LDAP just yet.
> > >>>
> > >>>Thanks,
> > >>>Misty

-- 
John H Terpstra, CTO
PrimaStasys Inc.
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.


More information about the samba mailing list