[Samba] "valid users" + ldap on Solaris 10 problems

Miki Monguilod mikim at salleURL.edu
Wed Dec 28 18:45:51 GMT 2005


Hi,

We are currently using Directory Server 5.2 but in a different machine. 
I've look for this error in /var/adm/messages and it doesn't appear.
On the other hand, I show you my config file (using 'testparm' command):
[global]
        unix charset = CP850
        workgroup = MYWORKGROUP
        server string = Servidor de disc Zeus3
        interfaces = 172.16.1.118/24, 172.16.1.86/24, 192.168.1.118/24
        security = SHARE
        passdb backend = ldapsam:ldap://ldap.mydomain.edu
        lanman auth = No
        client lanman auth = No
        client plaintext auth = No
        log level = 1
        log file = /var/log/samba/log.%m
        max log size = 50
        max xmit = 65535
        socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE 
SO_RCVBUF=8192 SO_SNDBUF=8192
        load printers = No
        os level = 33
        local master = No
        wins server = 172.16.1.158, 172.16.1.159, 130.206.42.238
        ldap admin dn = "uid=samba,ou=Directory 
Administrators,o=mydomain.edu"
        ldap group suffix = ou=Groups
        ldap machine suffix = ou=People
        ldap suffix = dc=EALS,dc=mydomain,dc=edu
        ldap user suffix = ou=People
        lock directory = /var/lock/samba
        default service = homes
        hosts allow = x.x.x., x.x.x., x., x.x., x.x.
        strict allocate = Yes
        include = /var/Share/smb.share.gc
        dont descend = /proc, /dev, /etc, /lib, /lost+found, /bin, 
/sbin, /usr

And this is the log results in with "log level = 1" (I think this is not 
good....) :

zeus3:/var/log/samba# cat log.172.16.1.187
[2005/12/28 19:37:44, 0] lib/fault.c:fault_report(36)
  ===============================================================
[2005/12/28 19:37:44, 0] lib/fault.c:fault_report(37)
  INTERNAL ERROR: Signal 10 in pid 11375 (3.0.21)
  Please read the Trouble-Shooting section of the Samba3-HOWTO
[2005/12/28 19:37:44, 0] lib/fault.c:fault_report(39)
 
  From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf
[2005/12/28 19:37:44, 0] lib/fault.c:fault_report(40)
  ===============================================================
[2005/12/28 19:37:44, 0] lib/util.c:smb_panic2(1554)
  PANIC: internal error


Thanks for you answer.


Tom Crummey wrote:

> Hello,
>
> What LDAP server are you using and how does the Solaris box look up 
> accounts in it? There is a problem with the OpenLDAP and Solaris 
> client LDAP libraries co-existing. Do you get a message in syslog 
> (/var/adm/messages) along the lines of:
>
> Aug 19 14:44:42 spock smbd[1006]: [ID 293258 user.error] libsldap:
> Status: 7  Mesg: LDAP ERROR (-7): Bad search filter.
>
>
> Tom.
>
> ---------------------------------------------------------------------------- 
>
>  Tom Crummey, Systems and Network Manager,      EMAIL: tom at ee.ucl.ac.uk
>  Department of Electronic and Electrical Engineering,
>  University College London,                       TEL: +44 (0)20 7679 
> 3898
>  Torrington Place,                                FAX: +44 (0)20 7388 
> 9325
>  London, UK, WC1E 7JE.
> ---------------------------------------------------------------------------- 
>
>
> On Wed, 28 Dec 2005, Miki Monguilod wrote:
>
>> Hello,
>>
>> We have just migrated a server from sun solaris 8 to sun solaris 10. 
>> In the old machine we had a Samba 3.0.20b and in the new one, we have 
>> samba 3.0.21, both compiled like this with no problems:
>> env LD_FLAGS="-L/usr/local/lib" ./configure --with-ldapsam 
>> --without-pam --with-quotas --with-ldap --with-included-popt 
>> --with-acl-support --with-libsmbclient
>>
>> We share user's homes by default working correctly. All this works 
>> correctly in the old machine with Solaris 8, but in the new one with 
>> Solaris 10 the problem comes when we share something using "vaild 
>> users = @groupname" inside.
>>
>>
>> for example:
>>
>> [aelec]        comment = Area Electronica
>>       path = /mnt/grups/aelec        browseable = yes
>>       read only = no        force directory mode = 2770
>>       force group = aelec        directory mode = 2770
>>       create mode = 2770         valid users = @aelec The "aelec" 
>> group exist in ldap and is not empty. In windows, we can browse all 
>> shares, incluing "aelec" share, but if we want to connect using a 
>> valid user, windows shows us this message: The specified network name 
>> is no longer available. Also we tried this under linux (whith samba 
>> 3.0.14a) showing this problem:
>>
>> smbclient -v -U validuser //server.domain.edu/aelec
>> Password:
>> Domain=[MYDOMAIN] OS=[Unix] Server=[Samba 3.0.21]
>> tree connect failed: Call returned zero bytes (EOF)
>>
>> We use the same config and shares files in the old and in the new 
>> machine. 'testparm' shows no errors except one because of the lengh 
>> of the name of a share (more than 12 characters).
>> Does anybody knows where could be the error? Is this a Samba error o 
>> probably a solaris error?
>>
>> Thanks in advance!
>>
>> PD: If you want logs, I can send logs in what debug level you want.
>>
>>
>>
>>
>> -- 
>> ============================================================================== 
>>
>> Utilitzeu el Servei Online d'Atencio a l'Usuari 
>> (http://www.salleURL.edu/csi)
>>
>> ------------------------------------------------------------------------------ 
>>
>> Nom: Miki                 Cognoms: Monguilod Serena
>> Centre de Serveis Informatics (CSI)        e-mail:mikim at salleURL.edu
>> Enginyeria i Arquitectura La Salle        PGP KeyID: 0xBBF686E1
>> Universitat Ramon Llull            Telefon: 93 290 24 00
>> Barcelona                Extensio: 209
>>
>> -- 
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/listinfo/samba
>>
>
>


-- 
==============================================================================
 Utilitzeu el Servei Online d'Atencio a l'Usuari (http://www.salleURL.edu/csi)
 ------------------------------------------------------------------------------
  Nom: Miki 				Cognoms: Monguilod Serena
  Centre de Serveis Informatics (CSI)		e-mail:mikim at salleURL.edu
  Enginyeria i Arquitectura La Salle		PGP KeyID: 0xBBF686E1
  Universitat Ramon Llull			Telefon: 93 290 24 00
  Barcelona				Extensio: 209



More information about the samba mailing list