[Samba] SAMBA LDAP PDC - LAM LDAP ACCOUNT MANAGER
Doug Campbell
doug at bpta.net
Mon Jul 11 05:06:52 GMT 2005
Adrian,
> I really have ran out of options here, and I don't know how to resolve
> this issue. I have a Samba LDAP primary domain controller. I have been
> using LAM - LDAP Account Manager to manage the accounts. The command
> line appears to be working correctly ie - getent passwd, getent group,
> id username, id computer, adding and removing accounts.
>
> Problem: When I logon to the LAM page (ldap account manager) and try to
> login I get an error "LDAP error, server says:
> (-1) Can't contact LDAP server"
>
> LAM is configured correctly, and it used to work. I am almost positive
> this is not a "LAM" issue.
>
>
> Here is a log i get from typeing:
>
> [root at node1 openldap]# tail -100 /var/log/messages
>
> Jul 11 14:30:36 node1 ldap: slapd startup succeeded
> Jul 11 14:30:39 node1 smb: smbd shutdown succeeded
> Jul 11 14:30:40 node1 smb: nmbd shutdown succeeded
> Jul 11 14:30:40 node1 smb: smbd startup succeeded
> Jul 11 14:30:40 node1 smb: nmbd startup succeeded
> Jul 11 14:30:50 node1 kernel: audit(1121056250.376:0): avc: denied {
> connect } for pid=4637 exe=/usr/sbin/httpd
> scontext=root:system_r:httpd_t tcontext=root:system_r:httpd_t
> tclass=tcp_socket
It looks like from your log that SELinux is maybe in enforce mode and that
it maybe not allowing the httpd process to run as it needs to. Maybe if you
temporarily set your mode to permissive and see. This might explain why LAM
which relys on httpd doesn't work but all your other functionality directly
related to LDAP seemed to work.
Doug
> Any help or suggestions would be greatly appreciated.
>
> Please email me suggestions or solutions: asender at ampwest.com.au
>
> Many Thanks
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list