[Samba] Protocol negotation failed
Misty Stanley-Jones
misty at borkholder.com
Wed Sep 22 22:12:41 GMT 2004
Hi all,
I've compiled 3.0.7 on a test box which also has an LDAP server running on it.
This is the first time for me trying to use Samba with LDAP. I copied the
IdealX scripts into /usr/local/sbin and edited the _config.pm file. It is
attached at the bottom, stripped of comments. I then edited my smb.conf to
the effect of the following:
passdb backend = ldapsam:ldap://localhost
ldap suffix = dc=mydomain,dc=com
ldap machine suffix = ou=Computers
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap idmap suffix = ou=People
ldap admin dn = cn=Manager
ldap ssl = no
ldap passwd sync = Yes
idmap uid = 15000-20000
idmap gid = 15000-20000
winbind separator = +
I then did smbpasswd -w (insert cn=Manager password for LDAP)
smbd and nmbd started up just fine. Here is when I run into problems:
oink:/usr/local/samba/lib # smbclient -L oink
protocol negotiation failed
Same result if I use 'localhost' or reference it by IP. If you can tell me
what I have missed it would be greatly appreciated. I have been following
the HOWTO step-by-step and I'm not sure what I missed.
Thanks,
Misty
smbldap_conf.pm:
use strict;
package smbldap_conf;
use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS
$UID_START $GID_START $smbpasswd $slaveLDAP
$masterLDAP
$slavePort $masterPort $ldapSSL $slaveURI $masterURI
$with_smbpasswd $mk_ntpasswd
$ldap_path $ldap_opts $ldapmodify $suffix $usersdn
$computersdn
$groupsdn $scope $binddn $bindpasswd
$slaveDN $slavePw $masterDN $masterPw
$_userLoginShell $_userHomePrefix $_userGecos
$_defaultUserGid $_defaultComputerGid
$_skeletonDir $_userSmbHome
$_userProfile $_userHomeDrive
$_userScript $usersou $computersou $groupsou $SID
$hash_encrypt $_defaultMaxPasswordAge
);
use Exporter;
$VERSION = 1.00;
@ISA = qw(Exporter);
@EXPORT = qw(
$UID_START $GID_START $smbpasswd $slaveLDAP
$masterLDAP
$slavePort $masterPort $ldapSSL $slaveURI $masterURI
$with_smbpasswd $mk_ntpasswd
$ldap_path $ldap_opts $ldapmodify $suffix $usersdn
$computersdn $groupsdn $scope $binddn $bindpasswd
$slaveDN $slavePw $masterDN $masterPw
$_userLoginShell $_userHomePrefix $_userGecos
$_defaultUserGid $_defaultComputerGid $_skeletonDir
$_userSmbHome $_userProfile $_userHomeDrive
$_userScript
$usersou $computersou $groupsou $SID $hash_encrypt
$_defaultMaxPasswordAge
);
$UID_START = 1000;
$GID_START = 1000;
$SID='S-1-5-21-725326080-1709766072-2910717368';
$slaveLDAP = "127.0.0.1";
$slavePort = "389";
$masterLDAP = "127.0.0.1";
$masterPort = "389";
$ldapSSL = "0";
$suffix = "dc=mydomain,dc=com";
$usersou = q(_USERS_);
$usersdn = "ou=People,$suffix";
$computersou = q(_COMPUTERS_);
$computersdn = "ou=$computersou,$suffix";
$groupsou = q(_GROUPS_);
$groupsdn = "ou=$groupsou,$suffix";
$scope = "sub";
$hash_encrypt="SSHA";
$binddn = "cn=Manager,$suffix";
$bindpasswd = 'some_unencrypted_password';
$slaveDN = $binddn;
$slavePw = $bindpasswd;
$masterDN = $binddn;
$masterPw = $bindpasswd;
$_userLoginShell = q(/bin/false);
$_userHomePrefix = q(/data/samba/home/);
$_userGecos = q(System User);
$_defaultUserGid = 513;
$_defaultComputerGid = 553;
$_skeletonDir = q(/etc/skel);
$_defaultMaxPasswordAge = 90;
$_userSmbHome = q(\\\\_PDCNAME_\\homes);
$_userProfile = q(\\\\_PDCNAME_\\profiles\\);
$_userHomeDrive = q(H:);
$with_smbpasswd = 0;
$smbpasswd = "/usr/local/samba/bin/smbpasswd";
$mk_ntpasswd = "/usr/local/sbin/mkntpwd";
$slaveURI = "ldap://$slaveLDAP:$slavePort";
$masterURI = "ldap://$masterLDAP:$masterPort";
$ldap_path = "/usr/bin";
if ( $ldapSSL eq "0" ) {
$ldap_opts = "-x";
} elsif ( $ldapSSL eq "1" ) {
$ldap_opts = "-x -Z";
} else {
die "ldapSSL option must be either 0 or 1.\n";
}
$ldapmodify = "$ldap_path/ldapmodify $ldap_opts -H $masterURI -D '$masterDN'
-w '$masterPw'";
1;
More information about the samba
mailing list