[Samba] Re: Authenticateing DC's on an ldap backend... nobody knows
how?
Igor Belyi
sambauser at katehok.ac93.org
Wed Sep 29 23:39:25 GMT 2004
Jim C. wrote:
> Can you reccomend
> appropriate log levels for slapd/smbd? I've always had trouble with
> them which may explain a lot.
The easiest way with the logs is to do it step by step, increasing
volume of information on each step until you can say: "That's enough!"
With practice you'll get the feeling with what level to start next time.
So, first without any 'log level' check if there's any error messages in
the log. Since you are not able to login there's definitely at least
something there. Then, since you have trouble with calls to ldap I would
select 'log level=5' since this is the level smbldap_search prints its
arguments at, but feel free to try anything between 1-4 too - maybe your
intuition will guide you better with lesser volume of extra information.
Commenting out things which you've added is also good approach, but if
you ask me - I prefer gradual approach - first try something simple, see
if it works and them move on adding regular expressions all over the
place. It's much easier to see difference in your logic and in logic of
LDAP/Samba/or any other program on some simple things. If simple
statement like:
access to dn.subtree="dc=j9starr,dc=net"
by group="cnReplicator,ou=Group,dc=j9starr,dc=net"
by * read
doesn't work, adding regexp to it won't help to resolve this problem.
Did you check that it works without group with a simple 'by dn='?
Ok, sorry... I've got in a lecture mood. It's just too confusing to see
what exactly you do and what kind of problems you encounter.
Cheers,
Igor
More information about the samba
mailing list