Antwort: [Samba] Problems with OpenLDAP 2.2.20/Samba 3.0.10 and smbpasswd

Mathias.Wohlfarth at mw-eb.de Mathias.Wohlfarth at mw-eb.de
Tue Jan 11 16:44:40 GMT 2005 

Did you set the password for your ldapadmin. (smbpasswd -w <password>).

The error message is
fetch_ldap_pw: neither ldap secret retrieved!
ldap_connect_system: Failed to retrieve password from secrets.tdb
Connection to LDAP server failed for the 1 try!

Seems you forgot this.
regards MW

Mathias Wohlfarth EDV-Beratung
Thomas-Mann-Str.1
53111 Bonn
Tel.    0172 / 53 45 591
        01801 / 777 555 33 01
Fax     0228 / 9469181
Email   mathias.wohlfarth at mw-eb.de




Harry Rüter <harry_rueter at gmx.de>
Gesendet von: samba-bounces+mathias.wohlfarth=mw-eb.de at lists.samba.org
11.01.2005 16:33
Bitte antworten an harry_rueter
 
        An:     samba at lists.samba.org
        Kopie: 
        Thema:  [Samba] Problems with OpenLDAP 2.2.20/Samba 3.0.10 and 
smbpasswd


Hi everybody,

i'm having serious problems with the configuration
of samba 3.0.10.

First my setup :

samba-3.0.10 built from source
openldap-2.2.20 built from source
OS  : Suse Linux 7.1 (but updated -> Kernel 2.4.27)

My problem :
------------

I'm trying to use smbpasswd like the following :

---snipp---
[PTS2] 486dx66:/usr/local/samba3 # bin/smbpasswd -D 10 tina
Netbios name list:-
my_netbios_names[0]="486DX66"
Trying to load: ldapsam:ldap://486dx66.hrnet.de:1389/
Attempting to register passdb backend ldapsam
Successfully added passdb backend 'ldapsam'
Attempting to register passdb backend ldapsam_compat
Successfully added passdb backend 'ldapsam_compat'
Attempting to register passdb backend smbpasswd
Successfully added passdb backend 'smbpasswd'
Attempting to register passdb backend tdbsam
Successfully added passdb backend 'tdbsam'
Attempting to register passdb backend guest
Successfully added passdb backend 'guest'
Attempting to find an passdb backend to match

---snipp---

Everything seems to be okay,
but the following lines are the important ones ...

---snipp---
ldapsam:ldap://486dx66.hrnet.de:1389/ (ldapsam)
Found pdb backend ldapsam
Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))]
smbldap_search: base => [dc=hrnet,dc=de], filter => 
[(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))], scope => [2]
smbldap_open_connection: ldap://486dx66.hrnet.de:1389/
smbldap_open_connection: connection opened
fetch_ldap_pw: neither ldap secret retrieved!
ldap_connect_system: Failed to retrieve password from secrets.tdb
Connection to LDAP server failed for the 1 try!
---snipp---

And so on. So, it is said, there's a connection opened to
ldap://486dx66.hrnet.de:1389/
but it isn't as the logs auf openldap show (there's no entry which shows
any connection from smbpasswd to LDAP-Server, believe me, i can't show 
you anything,although loglevel is set to -1, which means that
everything would/will be logged)

So one could think, there's simple a problem with OpenLDAP,
so let's try a similar search :

---snipp---
[PTS2] 486dx66:/usr/local/samba3 # ../openldap-2.2/bin/ldapsearch -x -H 
ldap://486dx66.hrnet.de:1389 -b dc=hrnet,dc=de -s sub 
'(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))'
# extended LDIF
#
# LDAPv3
# base <dc=hrnet,dc=de> with scope sub
# filter: (&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))
# requesting: ALL
#

# HRDOMAIN, hrnet.de
dn: sambaDomainName=HRDOMAIN,dc=hrnet,dc=de
sambaNextUserRid: 41000
sambaSID: S-1-5-21-2344209003-2394295749-876522236
objectClass: sambaDomain
sambaAlgorithmicRidBase: 1000
sambaDomainName: HRDOMAIN

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
[PTS2] root at 486dx66:/usr/local/samba3 #

---snipp---

So OpenLDAP works , i can see it in the logs too ....
(too much to show, so you must believe me ;o)

Now my question :

Does anybody see, where the problem comes from,
is there a mistake in my smb.conf or does anyone
have hints/solutions ?

I tried with ssl=on,ssl=off,ssl = start tls,
but this didn't change anything.
It must be a samba problem as all tools i tried are working
well with Openldap (did mostly try a search to test ..)


Here is my smb.conf (only the globals) :

---snipp---
[global]
         netbios name = 486DX66
         workgroup = HRDOMAIN
         domain logons = Yes
         domain master = Yes
         security = User

         server string = Samba-PDC %v on %h

         passdb backend = ldapsam:ldap://486dx66.hrnet.de:1389/

         ldap server = 486dx66.hrnet.de
         ldap suffix = "dc=hrnet,dc=de"
         ldap filter = "(&(uid=%u)(objectclass=sambaSamAccount))"
         ldap port = 1389
         ldap admin dn = "cn=ldapadmin,dc=hrnet,dc=de"
         ldap ssl = off
         ldap user suffix = ou=users
         ldap group suffix = ou=groups
         ldap machine suffix = ou=machines

         encrypt passwords = yes
         time server = Yes

         kernel oplocks = no
         short preserve case = yes
         wins support = no
         case sensitive = no
         max log size = 1000

         lock dir = /var/lock/samba
         log file = /var/log/samba-%m.log
         load printers = yes
         logon drive = v:
         os level = 255
         create mask = 0661
         logon home = \\%N\%u\.profiles
         printing = cups
         printcap = cups


---snipp---

So, i would be very thankfull if someone
could give me a hint ...

If mor informations/logs/traces are needed tell
me, i will send them ..

grets Harry
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list