RE [Samba] Problems with OpenLDAP 2.2.20/Samba
3.0.10 and smbpasswd
Harry Rüter
harry_rueter at gmx.de
Tue Jan 11 16:06:16 GMT 2005
Hi again,
you say, i cannot compile with --with-ldap and --with-ldapsam.
Can you tell me why ?
Which one should i use, my intention is to
store all the secrets and attributs samba needs
in an openldap-Server ... ?
Greets Harry
spu at corman.be schrieb:
>
>
>
>
> You cannot compile with --with-ldap and --with-ldapsam both.
>
>
> -----------------------------------
> Stéphane PURNELLE stephane.purnelle at corman.be
> Service Informatique Corman S.A. Tel : 00 32 087/342467
>
> samba-bounces+stephane.purnelle=corman.be at lists.samba.org a écrit sur
> 11/01/2005 16:52:21 :
>
>
>>Hi,
>>
>>i compiled with the following little script :
>>---snipp--
>>#!/bin/sh
>>#
>># configure & make template-script
>>#
>># generated 2005.01.07 13:09,33 by make-mk
>>#
>># (c) H. Rueter 01/2005
>>#
>>CPPFLAGS="-I /usr/local/bdb-4.3/include
>>LDFLAGS="-L /usr/local/bdb-4.3/lib
>>PATH=/usr/local/heimdal/bin:$PATH
>>
>>LD_LIBRARY_PATH="/usr/local/bdb-4.3/lib:$LD_LIBRARY_PATH"
>>
>>export CPPFLAGS LDFLAGS LD_LIBRARY_PATH PATH
>>
>>make clean
>>
>>./configure \
>>--prefix=/usr/local/samba-3.0.10 \
>>--mandir=/usr/man \
>>--enable-static=yes \
>>--enable-shared=yes \
>>--enable-cups \
>>--with-smbwrapper \
>>--with-ldap \
>>--with-ads \
>>--with-krb5=/usr/local/heimdal \
>>--with-automount \
>>--with-smbmount \
>>--with-pam \
>>--with-pam_smbpass \
>>--with-ldapsam \
>>--with-syslog \
>>--with-profiling-data \
>>--with-quotas \
>>--with-sys-quotas \
>>--with-utmp \
>>--with-manpages-langs={en} \
>>--with-libsmbclient \
>>--with-acl-support \
>>--with-sendfile-support \
>>--with-winbind \
>>--with-included-popt \
>>&& make && make install
>>---snipp--
>>
>>So compiled in both options , is this a mistake ?
>>
>>greets Harry
>>
>>spu at corman.be schrieb:
>>
>>>
>>>
>>>Hi,
>>>
>>>have compiled with --with-ldap or --with-ldapsam ?
>>>
>>>If --with-ldap, you must delete these lines :
>>>ldap server = 486dx66.hrnet.de
>>>ldap port = 1389
>>>
>>>
>>>
>>>
>>>-----------------------------------
>>>Stéphane PURNELLE stephane.purnelle at corman.be
>>>Service Informatique Corman S.A. Tel : 00 32 087/342467
>>>
>>>samba-bounces+stephane.purnelle=corman.be at lists.samba.org a écrit sur
>>>11/01/2005 16:33:31 :
>>>
>>>
>>>
>>>>Hi everybody,
>>>>
>>>>i'm having serious problems with the configuration
>>>>of samba 3.0.10.
>>>>
>>>>First my setup :
>>>>
>>>>samba-3.0.10 built from source
>>>>openldap-2.2.20 built from source
>>>>OS : Suse Linux 7.1 (but updated -> Kernel 2.4.27)
>>>>
>>>>My problem :
>>>>------------
>>>>
>>>>I'm trying to use smbpasswd like the following :
>>>>
>>>>---snipp---
>>>>[PTS2] 486dx66:/usr/local/samba3 # bin/smbpasswd -D 10 tina
>>>>Netbios name list:-
>>>>my_netbios_names[0]="486DX66"
>>>>Trying to load: ldapsam:ldap://486dx66.hrnet.de:1389/
>>>>Attempting to register passdb backend ldapsam
>>>>Successfully added passdb backend 'ldapsam'
>>>>Attempting to register passdb backend ldapsam_compat
>>>>Successfully added passdb backend 'ldapsam_compat'
>>>>Attempting to register passdb backend smbpasswd
>>>>Successfully added passdb backend 'smbpasswd'
>>>>Attempting to register passdb backend tdbsam
>>>>Successfully added passdb backend 'tdbsam'
>>>>Attempting to register passdb backend guest
>>>>Successfully added passdb backend 'guest'
>>>>Attempting to find an passdb backend to match
>>>>
>>>>---snipp---
>>>>
>>>>Everything seems to be okay,
>>>>but the following lines are the important ones ...
>>>>
>>>>---snipp---
>>>>ldapsam:ldap://486dx66.hrnet.de:1389/ (ldapsam)
>>>>Found pdb backend ldapsam
>>>>Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))]
>>>>smbldap_search: base => [dc=hrnet,dc=de], filter =>
>>>>[(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))], scope => [2]
>>>>smbldap_open_connection: ldap://486dx66.hrnet.de:1389/
>>>>smbldap_open_connection: connection opened
>>>>fetch_ldap_pw: neither ldap secret retrieved!
>>>>ldap_connect_system: Failed to retrieve password from secrets.tdb
>>>>Connection to LDAP server failed for the 1 try!
>>>>---snipp---
>>>>
>>>>And so on. So, it is said, there's a connection opened to
>>>>ldap://486dx66.hrnet.de:1389/
>>>>but it isn't as the logs auf openldap show (there's no entry which
>
> shows
>
>>>>any connection from smbpasswd to LDAP-Server, believe me, i can't show
>>>>you anything,although loglevel is set to -1, which means that
>>>>everything would/will be logged)
>>>>
>>>>So one could think, there's simple a problem with OpenLDAP,
>>>>so let's try a similar search :
>>>>
>>>>---snipp---
>>>>[PTS2] 486dx66:/usr/local/samba3 # ../openldap-2.2/bin/ldapsearch -x -H
>>>>ldap://486dx66.hrnet.de:1389 -b dc=hrnet,dc=de -s sub
>>>>'(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))'
>>>># extended LDIF
>>>>#
>>>># LDAPv3
>>>># base <dc=hrnet,dc=de> with scope sub
>>>># filter: (&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))
>>>># requesting: ALL
>>>>#
>>>>
>>>># HRDOMAIN, hrnet.de
>>>>dn: sambaDomainName=HRDOMAIN,dc=hrnet,dc=de
>>>>sambaNextUserRid: 41000
>>>>sambaSID: S-1-5-21-2344209003-2394295749-876522236
>>>>objectClass: sambaDomain
>>>>sambaAlgorithmicRidBase: 1000
>>>>sambaDomainName: HRDOMAIN
>>>>
>>>># search result
>>>>search: 2
>>>>result: 0 Success
>>>>
>>>># numResponses: 2
>>>># numEntries: 1
>>>>[PTS2] root at 486dx66:/usr/local/samba3 #
>>>>
>>>>---snipp---
>>>>
>>>>So OpenLDAP works , i can see it in the logs too ....
>>>>(too much to show, so you must believe me ;o)
>>>>
>>>>Now my question :
>>>>
>>>>Does anybody see, where the problem comes from,
>>>>is there a mistake in my smb.conf or does anyone
>>>>have hints/solutions ?
>>>>
>>>>I tried with ssl=on,ssl=off,ssl = start tls,
>>>>but this didn't change anything.
>>>>It must be a samba problem as all tools i tried are working
>>>>well with Openldap (did mostly try a search to test ..)
>>>>
>>>>
>>>>Here is my smb.conf (only the globals) :
>>>>
>>>>---snipp---
>>>>[global]
>>>> netbios name = 486DX66
>>>> workgroup = HRDOMAIN
>>>> domain logons = Yes
>>>> domain master = Yes
>>>> security = User
>>>>
>>>> server string = Samba-PDC %v on %h
>>>>
>>>> passdb backend = ldapsam:ldap://486dx66.hrnet.de:1389/
>>>>
>>>> ldap server = 486dx66.hrnet.de
>>>> ldap suffix = "dc=hrnet,dc=de"
>>>> ldap filter = "(&(uid=%u)(objectclass=sambaSamAccount))"
>>>> ldap port = 1389
>>>> ldap admin dn = "cn=ldapadmin,dc=hrnet,dc=de"
>>>> ldap ssl = off
>>>> ldap user suffix = ou=users
>>>> ldap group suffix = ou=groups
>>>> ldap machine suffix = ou=machines
>>>>
>>>> encrypt passwords = yes
>>>> time server = Yes
>>>>
>>>> kernel oplocks = no
>>>> short preserve case = yes
>>>> wins support = no
>>>> case sensitive = no
>>>> max log size = 1000
>>>>
>>>> lock dir = /var/lock/samba
>>>> log file = /var/log/samba-%m.log
>>>> load printers = yes
>>>> logon drive = v:
>>>> os level = 255
>>>> create mask = 0661
>>>> logon home = \\%N\%u\.profiles
>>>> printing = cups
>>>> printcap = cups
>>>>
>>>>
>>>>---snipp---
>>>>
>>>>So, i would be very thankfull if someone
>>>>could give me a hint ...
>>>>
>>>>If mor informations/logs/traces are needed tell
>>>>me, i will send them ..
>>>>
>>>>grets Harry
>>>>--
>>>>To unsubscribe from this list go to the following URL and read the
>>>>instructions: https://lists.samba.org/mailman/listinfo/samba
>>>
>>>
>>--
>>To unsubscribe from this list go to the following URL and read the
>>instructions: https://lists.samba.org/mailman/listinfo/samba
>
>
More information about the samba
mailing list