RE [Samba] Problems with OpenLDAP 2.2.20/Samba 3.0.10 and smbpasswd

spu at corman.be spu at corman.be
Tue Jan 11 15:36:26 GMT 2005 




Hi,

have compiled with --with-ldap or --with-ldapsam ?

If --with-ldap, you must delete these lines :
ldap server = 486dx66.hrnet.de
ldap port = 1389




-----------------------------------
Stéphane PURNELLE                         stephane.purnelle at corman.be
Service Informatique       Corman S.A.           Tel : 00 32 087/342467

samba-bounces+stephane.purnelle=corman.be at lists.samba.org a écrit sur
11/01/2005 16:33:31 :

> Hi everybody,
>
> i'm having serious problems with the configuration
> of samba 3.0.10.
>
> First my setup :
>
> samba-3.0.10 built from source
> openldap-2.2.20 built from source
> OS  : Suse Linux 7.1 (but updated -> Kernel 2.4.27)
>
> My problem :
> ------------
>
> I'm trying to use smbpasswd like the following :
>
> ---snipp---
> [PTS2] 486dx66:/usr/local/samba3 # bin/smbpasswd -D 10 tina
> Netbios name list:-
> my_netbios_names[0]="486DX66"
> Trying to load: ldapsam:ldap://486dx66.hrnet.de:1389/
> Attempting to register passdb backend ldapsam
> Successfully added passdb backend 'ldapsam'
> Attempting to register passdb backend ldapsam_compat
> Successfully added passdb backend 'ldapsam_compat'
> Attempting to register passdb backend smbpasswd
> Successfully added passdb backend 'smbpasswd'
> Attempting to register passdb backend tdbsam
> Successfully added passdb backend 'tdbsam'
> Attempting to register passdb backend guest
> Successfully added passdb backend 'guest'
> Attempting to find an passdb backend to match
>
> ---snipp---
>
> Everything seems to be okay,
> but the following lines are the important ones ...
>
> ---snipp---
> ldapsam:ldap://486dx66.hrnet.de:1389/ (ldapsam)
> Found pdb backend ldapsam
> Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))]
> smbldap_search: base => [dc=hrnet,dc=de], filter =>
> [(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))], scope => [2]
> smbldap_open_connection: ldap://486dx66.hrnet.de:1389/
> smbldap_open_connection: connection opened
> fetch_ldap_pw: neither ldap secret retrieved!
> ldap_connect_system: Failed to retrieve password from secrets.tdb
> Connection to LDAP server failed for the 1 try!
> ---snipp---
>
> And so on. So, it is said, there's a connection opened to
> ldap://486dx66.hrnet.de:1389/
> but it isn't as the logs auf openldap show (there's no entry which shows
> any connection from smbpasswd to LDAP-Server, believe me, i can't show
> you anything,although loglevel is set to -1, which means that
> everything would/will be logged)
>
> So one could think, there's simple a problem with OpenLDAP,
> so let's try a similar search :
>
> ---snipp---
> [PTS2] 486dx66:/usr/local/samba3 # ../openldap-2.2/bin/ldapsearch -x -H
> ldap://486dx66.hrnet.de:1389 -b dc=hrnet,dc=de -s sub
> '(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))'
> # extended LDIF
> #
> # LDAPv3
> # base <dc=hrnet,dc=de> with scope sub
> # filter: (&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))
> # requesting: ALL
> #
>
> # HRDOMAIN, hrnet.de
> dn: sambaDomainName=HRDOMAIN,dc=hrnet,dc=de
> sambaNextUserRid: 41000
> sambaSID: S-1-5-21-2344209003-2394295749-876522236
> objectClass: sambaDomain
> sambaAlgorithmicRidBase: 1000
> sambaDomainName: HRDOMAIN
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
> [PTS2] root at 486dx66:/usr/local/samba3 #
>
> ---snipp---
>
> So OpenLDAP works , i can see it in the logs too ....
> (too much to show, so you must believe me ;o)
>
> Now my question :
>
> Does anybody see, where the problem comes from,
> is there a mistake in my smb.conf or does anyone
> have hints/solutions ?
>
> I tried with ssl=on,ssl=off,ssl = start tls,
> but this didn't change anything.
> It must be a samba problem as all tools i tried are working
> well with Openldap (did mostly try a search to test ..)
>
>
> Here is my smb.conf (only the globals) :
>
> ---snipp---
> [global]
>          netbios name = 486DX66
>          workgroup = HRDOMAIN
>          domain logons = Yes
>          domain master = Yes
>          security = User
>
>          server string = Samba-PDC %v on %h
>
>          passdb backend = ldapsam:ldap://486dx66.hrnet.de:1389/
>
>          ldap server = 486dx66.hrnet.de
>          ldap suffix = "dc=hrnet,dc=de"
>          ldap filter = "(&(uid=%u)(objectclass=sambaSamAccount))"
>          ldap port = 1389
>          ldap admin dn = "cn=ldapadmin,dc=hrnet,dc=de"
>          ldap ssl = off
>          ldap user suffix = ou=users
>          ldap group suffix = ou=groups
>          ldap machine suffix = ou=machines
>
>          encrypt passwords = yes
>          time server = Yes
>
>          kernel oplocks = no
>          short preserve case = yes
>          wins support = no
>          case sensitive = no
>          max log size = 1000
>
>          lock dir = /var/lock/samba
>          log file = /var/log/samba-%m.log
>          load printers = yes
>          logon drive = v:
>          os level = 255
>          create mask = 0661
>          logon home = \\%N\%u\.profiles
>          printing = cups
>          printcap = cups
>
>
> ---snipp---
>
> So, i would be very thankfull if someone
> could give me a hint ...
>
> If mor informations/logs/traces are needed tell
> me, i will send them ..
>
> grets Harry
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list