[Samba] Getting samba ldap to work?
Roberto Morelli
r.morelli at usl11.toscana.it
Wed Jan 19 16:10:07 GMT 2005
----- Messaggio Originale -----
OGGETTO: [Samba] Getting samba ldap to work?
DA: Tim Tyler
A:
DATA: 19-01-2005 16:46
Hi Tim,
Samba experts,
I am having problems getting samba 3.0.8 working with ldap
authentication on an aix 5.1 system. I have successfully gotten
ldap to
work with telnet, ftp, ssh, finger, etc. But, I seem to be really
stuck
on getting samba to work for some reason. I am running my ldap
server on
another host (Debian). I did enter in a samba schema into the
slapd.conf
file. I have both opendlap and nss_ldap installed on the aix
server,
though I am not sure if samba even tries to use them or not.
Questions:
1. Does samba use openldap or nss_ldap?
I think that Samba needs an ldap client to connect to server ldap, if
your ldap server (on Debian host) is OpenLDAP you need to install and
use
succesfully OpenLDAP client on Samba Server (nss_ldap is not
necessary in this phase).
2. Should I consider using pam support? If so, do I need to
recompile
samba for pam support?
I think that pam support is not necessary in this contest and for
your specific problem.
3. I notice that some people configure their smb.conf file to use
ldap
server or passdb backend =. Which should I be using?
# passdb backend = ldapsam:"ldap://lincon.beloit.edu"
ldap suffix = "ou=People,dc=lincon,dc=beloit,dc=edu"
I suggest this value for ldap suffix
ldap suffix = "dc=lincon,dc=beloit,dc=edu" if your accounts are in
"ou=People,dc=lincon,dc=beloit,cd=edu" subtree
ldap admin dn = "cn=admin,dc=lincon,dc=beloit,dc=edu"
# ldap port = 389
ldap server = 144.89.254.9
ldap ssl = no
ldap machine suffix = ou=Machine
ldap user suffix = ou=People
ldap group suffix = ou=Group
NOTE: When I use passdb backend, I never get a prompt to login with
my
username and password. It simply fails stating their is no backend.
[2005/01/18 14:54:05, 0]
passdb/pdb_interface.c:make_pdb_methods_name(664)
No builtin nor plugin backend for ldapsam found
[2005/01/18 14:54:05, 1]
passdb/pdb_interface.c:make_pdb_context_list(765)
Loading ldapsam:ldap://lincon.beloit.edu failed!
[2005/01/18 14:54:05, 0]
passdb/pdb_interface.c:make_pdb_methods_name(664)
No builtin nor plugin backend for ldapsam found
[2005/01/18 14:54:05, 1]
passdb/pdb_interface.c:make_pdb_context_list(765)
Loading ldapsam:ldap://lincon.beloit.edu failed!
If you have ldap client installed, be sure that your configure line
of Samba (if you have build from source) have -with-ldapsam switch
When I comment out that and use the ldap server line (with ldap
port
commented out), I get a prompt, but get these errors in the logs:
2005/01/18 15:20:11, 1] lib/util_sock.c:get_peer_name(959)
Gethostbyaddr failed for 144.89.40.114
[2005/01/18 15:20:12, 1] lib/util_sock.c:get_peer_name(959)
Gethostbyaddr failed for 144.89.40.114
In this test you can try to change this line
ldap server = 144.89.254.9
with
ldap server = lincon.beloit.edu
if you have (as you hope) a DNS or host resolution for this name.
I feel like its not really getting to the point of inquiring for a
username, etc. Any suggestions are much appreciated! -thanks
Tim
I hope these suggestions may help you.
Bye
Roberto Morelli
Azienda U.S.L. 11
Empoli (FI)
Tim Tyler
Network Engineer - Beloit College
tyler at beloit.edu
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list