RE [Samba] Problems with OpenLDAP 2.2.20/Samba 3.0.10 and smbpasswd
spu at corman.be
spu at corman.be
Tue Jan 11 15:36:26 GMT 2005
Hi,
have compiled with --with-ldap or --with-ldapsam ?
If --with-ldap, you must delete these lines :
ldap server = 486dx66.hrnet.de
ldap port = 1389
-----------------------------------
Stéphane PURNELLE stephane.purnelle at corman.be
Service Informatique Corman S.A. Tel : 00 32 087/342467
samba-bounces+stephane.purnelle=corman.be at lists.samba.org a écrit sur
11/01/2005 16:33:31 :
> Hi everybody,
>
> i'm having serious problems with the configuration
> of samba 3.0.10.
>
> First my setup :
>
> samba-3.0.10 built from source
> openldap-2.2.20 built from source
> OS : Suse Linux 7.1 (but updated -> Kernel 2.4.27)
>
> My problem :
> ------------
>
> I'm trying to use smbpasswd like the following :
>
> ---snipp---
> [PTS2] 486dx66:/usr/local/samba3 # bin/smbpasswd -D 10 tina
> Netbios name list:-
> my_netbios_names[0]="486DX66"
> Trying to load: ldapsam:ldap://486dx66.hrnet.de:1389/
> Attempting to register passdb backend ldapsam
> Successfully added passdb backend 'ldapsam'
> Attempting to register passdb backend ldapsam_compat
> Successfully added passdb backend 'ldapsam_compat'
> Attempting to register passdb backend smbpasswd
> Successfully added passdb backend 'smbpasswd'
> Attempting to register passdb backend tdbsam
> Successfully added passdb backend 'tdbsam'
> Attempting to register passdb backend guest
> Successfully added passdb backend 'guest'
> Attempting to find an passdb backend to match
>
> ---snipp---
>
> Everything seems to be okay,
> but the following lines are the important ones ...
>
> ---snipp---
> ldapsam:ldap://486dx66.hrnet.de:1389/ (ldapsam)
> Found pdb backend ldapsam
> Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))]
> smbldap_search: base => [dc=hrnet,dc=de], filter =>
> [(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))], scope => [2]
> smbldap_open_connection: ldap://486dx66.hrnet.de:1389/
> smbldap_open_connection: connection opened
> fetch_ldap_pw: neither ldap secret retrieved!
> ldap_connect_system: Failed to retrieve password from secrets.tdb
> Connection to LDAP server failed for the 1 try!
> ---snipp---
>
> And so on. So, it is said, there's a connection opened to
> ldap://486dx66.hrnet.de:1389/
> but it isn't as the logs auf openldap show (there's no entry which shows
> any connection from smbpasswd to LDAP-Server, believe me, i can't show
> you anything,although loglevel is set to -1, which means that
> everything would/will be logged)
>
> So one could think, there's simple a problem with OpenLDAP,
> so let's try a similar search :
>
> ---snipp---
> [PTS2] 486dx66:/usr/local/samba3 # ../openldap-2.2/bin/ldapsearch -x -H
> ldap://486dx66.hrnet.de:1389 -b dc=hrnet,dc=de -s sub
> '(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))'
> # extended LDIF
> #
> # LDAPv3
> # base <dc=hrnet,dc=de> with scope sub
> # filter: (&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))
> # requesting: ALL
> #
>
> # HRDOMAIN, hrnet.de
> dn: sambaDomainName=HRDOMAIN,dc=hrnet,dc=de
> sambaNextUserRid: 41000
> sambaSID: S-1-5-21-2344209003-2394295749-876522236
> objectClass: sambaDomain
> sambaAlgorithmicRidBase: 1000
> sambaDomainName: HRDOMAIN
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
> [PTS2] root at 486dx66:/usr/local/samba3 #
>
> ---snipp---
>
> So OpenLDAP works , i can see it in the logs too ....
> (too much to show, so you must believe me ;o)
>
> Now my question :
>
> Does anybody see, where the problem comes from,
> is there a mistake in my smb.conf or does anyone
> have hints/solutions ?
>
> I tried with ssl=on,ssl=off,ssl = start tls,
> but this didn't change anything.
> It must be a samba problem as all tools i tried are working
> well with Openldap (did mostly try a search to test ..)
>
>
> Here is my smb.conf (only the globals) :
>
> ---snipp---
> [global]
> netbios name = 486DX66
> workgroup = HRDOMAIN
> domain logons = Yes
> domain master = Yes
> security = User
>
> server string = Samba-PDC %v on %h
>
> passdb backend = ldapsam:ldap://486dx66.hrnet.de:1389/
>
> ldap server = 486dx66.hrnet.de
> ldap suffix = "dc=hrnet,dc=de"
> ldap filter = "(&(uid=%u)(objectclass=sambaSamAccount))"
> ldap port = 1389
> ldap admin dn = "cn=ldapadmin,dc=hrnet,dc=de"
> ldap ssl = off
> ldap user suffix = ou=users
> ldap group suffix = ou=groups
> ldap machine suffix = ou=machines
>
> encrypt passwords = yes
> time server = Yes
>
> kernel oplocks = no
> short preserve case = yes
> wins support = no
> case sensitive = no
> max log size = 1000
>
> lock dir = /var/lock/samba
> log file = /var/log/samba-%m.log
> load printers = yes
> logon drive = v:
> os level = 255
> create mask = 0661
> logon home = \\%N\%u\.profiles
> printing = cups
> printcap = cups
>
>
> ---snipp---
>
> So, i would be very thankfull if someone
> could give me a hint ...
>
> If mor informations/logs/traces are needed tell
> me, i will send them ..
>
> grets Harry
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list