RE [Samba] Problems with OpenLDAP 2.2.20/Samba 3.0.10 and smbpasswd

Harry Rüter harry_rueter at gmx.de
Tue Jan 11 15:52:21 GMT 2005 

Hi,

i compiled with the following little script :
---snipp--
#!/bin/sh
#
# configure & make template-script
#
# generated 2005.01.07 13:09,33 by make-mk
#
# (c) H. Rueter 01/2005
#
CPPFLAGS="-I /usr/local/bdb-4.3/include
LDFLAGS="-L /usr/local/bdb-4.3/lib
PATH=/usr/local/heimdal/bin:$PATH

LD_LIBRARY_PATH="/usr/local/bdb-4.3/lib:$LD_LIBRARY_PATH"

export CPPFLAGS LDFLAGS LD_LIBRARY_PATH PATH

make clean

./configure \
--prefix=/usr/local/samba-3.0.10 \
--mandir=/usr/man \
--enable-static=yes \
--enable-shared=yes \
--enable-cups \
--with-smbwrapper \
--with-ldap \
--with-ads \
--with-krb5=/usr/local/heimdal \
--with-automount \
--with-smbmount \
--with-pam \
--with-pam_smbpass \
--with-ldapsam \
--with-syslog \
--with-profiling-data \
--with-quotas \
--with-sys-quotas \
--with-utmp \
--with-manpages-langs={en} \
--with-libsmbclient \
--with-acl-support \
--with-sendfile-support \
--with-winbind \
--with-included-popt \
&& make && make install
---snipp--

So compiled in both options , is this a mistake ?

greets Harry

spu at corman.be schrieb:
> 
> 
> 
> Hi,
> 
> have compiled with --with-ldap or --with-ldapsam ?
> 
> If --with-ldap, you must delete these lines :
> ldap server = 486dx66.hrnet.de
> ldap port = 1389
> 
> 
> 
> 
> -----------------------------------
> Stéphane PURNELLE                         stephane.purnelle at corman.be
> Service Informatique       Corman S.A.           Tel : 00 32 087/342467
> 
> samba-bounces+stephane.purnelle=corman.be at lists.samba.org a écrit sur
> 11/01/2005 16:33:31 :
> 
> 
>>Hi everybody,
>>
>>i'm having serious problems with the configuration
>>of samba 3.0.10.
>>
>>First my setup :
>>
>>samba-3.0.10 built from source
>>openldap-2.2.20 built from source
>>OS  : Suse Linux 7.1 (but updated -> Kernel 2.4.27)
>>
>>My problem :
>>------------
>>
>>I'm trying to use smbpasswd like the following :
>>
>>---snipp---
>>[PTS2] 486dx66:/usr/local/samba3 # bin/smbpasswd -D 10 tina
>>Netbios name list:-
>>my_netbios_names[0]="486DX66"
>>Trying to load: ldapsam:ldap://486dx66.hrnet.de:1389/
>>Attempting to register passdb backend ldapsam
>>Successfully added passdb backend 'ldapsam'
>>Attempting to register passdb backend ldapsam_compat
>>Successfully added passdb backend 'ldapsam_compat'
>>Attempting to register passdb backend smbpasswd
>>Successfully added passdb backend 'smbpasswd'
>>Attempting to register passdb backend tdbsam
>>Successfully added passdb backend 'tdbsam'
>>Attempting to register passdb backend guest
>>Successfully added passdb backend 'guest'
>>Attempting to find an passdb backend to match
>>
>>---snipp---
>>
>>Everything seems to be okay,
>>but the following lines are the important ones ...
>>
>>---snipp---
>>ldapsam:ldap://486dx66.hrnet.de:1389/ (ldapsam)
>>Found pdb backend ldapsam
>>Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))]
>>smbldap_search: base => [dc=hrnet,dc=de], filter =>
>>[(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))], scope => [2]
>>smbldap_open_connection: ldap://486dx66.hrnet.de:1389/
>>smbldap_open_connection: connection opened
>>fetch_ldap_pw: neither ldap secret retrieved!
>>ldap_connect_system: Failed to retrieve password from secrets.tdb
>>Connection to LDAP server failed for the 1 try!
>>---snipp---
>>
>>And so on. So, it is said, there's a connection opened to
>>ldap://486dx66.hrnet.de:1389/
>>but it isn't as the logs auf openldap show (there's no entry which shows
>>any connection from smbpasswd to LDAP-Server, believe me, i can't show
>>you anything,although loglevel is set to -1, which means that
>>everything would/will be logged)
>>
>>So one could think, there's simple a problem with OpenLDAP,
>>so let's try a similar search :
>>
>>---snipp---
>>[PTS2] 486dx66:/usr/local/samba3 # ../openldap-2.2/bin/ldapsearch -x -H
>>ldap://486dx66.hrnet.de:1389 -b dc=hrnet,dc=de -s sub
>>'(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))'
>># extended LDIF
>>#
>># LDAPv3
>># base <dc=hrnet,dc=de> with scope sub
>># filter: (&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))
>># requesting: ALL
>>#
>>
>># HRDOMAIN, hrnet.de
>>dn: sambaDomainName=HRDOMAIN,dc=hrnet,dc=de
>>sambaNextUserRid: 41000
>>sambaSID: S-1-5-21-2344209003-2394295749-876522236
>>objectClass: sambaDomain
>>sambaAlgorithmicRidBase: 1000
>>sambaDomainName: HRDOMAIN
>>
>># search result
>>search: 2
>>result: 0 Success
>>
>># numResponses: 2
>># numEntries: 1
>>[PTS2] root at 486dx66:/usr/local/samba3 #
>>
>>---snipp---
>>
>>So OpenLDAP works , i can see it in the logs too ....
>>(too much to show, so you must believe me ;o)
>>
>>Now my question :
>>
>>Does anybody see, where the problem comes from,
>>is there a mistake in my smb.conf or does anyone
>>have hints/solutions ?
>>
>>I tried with ssl=on,ssl=off,ssl = start tls,
>>but this didn't change anything.
>>It must be a samba problem as all tools i tried are working
>>well with Openldap (did mostly try a search to test ..)
>>
>>
>>Here is my smb.conf (only the globals) :
>>
>>---snipp---
>>[global]
>>         netbios name = 486DX66
>>         workgroup = HRDOMAIN
>>         domain logons = Yes
>>         domain master = Yes
>>         security = User
>>
>>         server string = Samba-PDC %v on %h
>>
>>         passdb backend = ldapsam:ldap://486dx66.hrnet.de:1389/
>>
>>         ldap server = 486dx66.hrnet.de
>>         ldap suffix = "dc=hrnet,dc=de"
>>         ldap filter = "(&(uid=%u)(objectclass=sambaSamAccount))"
>>         ldap port = 1389
>>         ldap admin dn = "cn=ldapadmin,dc=hrnet,dc=de"
>>         ldap ssl = off
>>         ldap user suffix = ou=users
>>         ldap group suffix = ou=groups
>>         ldap machine suffix = ou=machines
>>
>>         encrypt passwords = yes
>>         time server = Yes
>>
>>         kernel oplocks = no
>>         short preserve case = yes
>>         wins support = no
>>         case sensitive = no
>>         max log size = 1000
>>
>>         lock dir = /var/lock/samba
>>         log file = /var/log/samba-%m.log
>>         load printers = yes
>>         logon drive = v:
>>         os level = 255
>>         create mask = 0661
>>         logon home = \\%N\%u\.profiles
>>         printing = cups
>>         printcap = cups
>>
>>
>>---snipp---
>>
>>So, i would be very thankfull if someone
>>could give me a hint ...
>>
>>If mor informations/logs/traces are needed tell
>>me, i will send them ..
>>
>>grets Harry
>>--
>>To unsubscribe from this list go to the following URL and read the
>>instructions:  https://lists.samba.org/mailman/listinfo/samba
> 
>

More information about the samba mailing list