[Samba] Samba cannot contact LDAP server
Marcin Giedz
marcin.giedz at eulerhermes.pl
Tue Jul 26 07:47:18 GMT 2005
Dnia wtorek, 26 lipca 2005 04:53, Alex Ward napisał:
Hello Alex,
Please tell something more about your LDAP configuration - is it working at
all??? Any logs, configuration, linux distro etc..... Your samba
configuration for LDAP seems to be OK ;) so please add some additional LDAP
information.
Marcin
> I'm setting up a PDC using samba 3.0.14a-2 on fedora 4 with Openldap
> 2.2.23 to authenticate. Authentication via ldap through the various
> linux service is working (login, ssh, etc.) via nss. Thus I know that
> slapd is running and working properly. I used smbldap-tools to populate
> and add test users/groups to the directory, and they worked just fine.
> But samba, despite being configured correctly, as far as I can tell,
> cannot even contact LDAP. slapd is running on the loopback interface
> and logging everything including packets sent. I know from the openldap
> logs that the samba server NEVER contacts the ldap server despite having
> the correct URI (I can see it in the smbd.log file)
>
> Here is the error I'm getting in the logfile...
>
> [2005/07/25 21:44:51, 5] passdb/pdb_interface.c:make_pdb_methods_name(726)
> Found pdb backend ldapsam
> [2005/07/25 21:44:51, 2] lib/smbldap.c:smbldap_search_domain_info(1394)
> Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=neverland))]
> [2005/07/25 21:44:51, 5] lib/smbldap.c:smbldap_search(1038)
> smbldap_search: base => [dc=neverland,dc=com], filter =>
> [(&(objectClass=sambaDo
> main)(sambaDomainName=neverland))], scope => [2]
> [2005/07/25 21:44:51, 5] lib/smbldap.c:smbldap_close(949)
> The connection to the LDAP server was closed
> [2005/07/25 21:44:51, 10] lib/smbldap.c:smbldap_open_connection(596)
> smbldap_open_connection: ldap://127.0.0.1:389/
> [2005/07/25 21:44:51, 2] lib/smbldap.c:smbldap_open_connection(692)
> smbldap_open_connection: connection opened
> [2005/07/25 21:44:51, 10] lib/smbldap.c:smbldap_connect_system(824)
> ldap_connect_system: Binding to ldap server ldap://127.0.0.1:389/ as
> "cn=Manager
> ,dc=neverland,dc=com"
> [2005/07/25 21:44:51, 0] lib/smbldap.c:smbldap_connect_system(852)
> failed to bind to server ldap://127.0.0.1:389/ with
> dn="cn=Manager,dc=neverland,dc
> =com" Error: Can't contact LDAP server
> (unknown)
>
> The above error repeats over and over about 15 times.
>
> Here is my smb.conf with comments and share definitions removed
>
> [global]
>
> workgroup = NEVERLAND
> netbios name = PALERMO
>
> server string = PALMERO - The wise and mighty domain controller
>
> passdb backend = ldapsam:ldap://127.0.0.1:389/
> ldap suffix = dc=neverland,dc=com
> ldap admin dn = cn=Manager,dc=neverland,dc=com
> ldap ssl = no
> ldap group suffix = ou=Groups
> ldap machine suffix = ou=Computers
> admin users = root, "@Domain Admins"
> add user script = /usr/local/sbin/smbldap-useradd -m "%u"
> add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
> add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
> delete user from group script = /usr/local/sbin/smbldap-groupmod -x
> "%u" "%g"
> set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"
> add machine script = /usr/local/sbin/smbldap-useradd -w "%m"
>
> log level = 10
> printcap name = /etc/printcap
> load printers = yes
> cups options = raw
> log file = /var/log/samba/%m.log
> max log size = 50
> security = user
> encrypt passwords = yes
> smb passwd file = /etc/samba/smbpasswd
> username map = /etc/samba/smbusers
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> local master = yes
> os level = 65
> domain master = yes
> preferred master = yes
> domain logons = yes
> logon path =
> logon home =
> wins support = yes
> dns proxy = no
>
>
> I have been working on this for three days now, and I am about to give
> up home and move away from ldap. But I don't want to. Any help is
> greatly appreciated!
>
> Thanks in advance.
>
> -Al
More information about the samba
mailing list