[Samba] Srvtools causes smbldap_open: cannot access LDAP when not root

Tony Earnshaw tonye at billy.demon.nl
Mon Feb 28 13:41:06 GMT 2005


Doug Campbell:

[...]

>>> smbldap_open: cannot access LDAP when not root...

[...]

>> As which user (Unix) is slapd (presume this is OpenLDAP)running?
>> Do you have an 'ldap admin dn' entry in smb.conf with rights to all LDAP
>>  ACLs?
>>
>>
>> I.e., I don't have this problem with Samba 3.0.11/OL 2.2.17-23 and
>> didn't with 3.0.7, either.
>
> My smb.conf file does have the ldap admin dn entry.  The relevant section
> of my smb.conf file is as follows:

[...]

Again, as which Unix user is slapd running? Who is the owner of your DB
files, config files, etc.? What are the permissions on them? Have you
certificates (i.e. the CA cert) or anything that smbd has to try to read
that can only be read by root? Is "cn=Manager,dc=swro,dc=local" a proxy
user in your DIT, or the rootdn user in slapd.conf (it's better to make a
proxy user in the DIT and comment out the rootdn). Can a normal user run
ldapsearch, for example, without being root?Etc. ;)


--Tonni

--
mail: tonye at billy.demon.nl
http://www.billy.demon.nl



More information about the samba mailing list