[Samba] samba failed to authenticate to openLDAP

Tony Earnshaw tonye at billy.demon.nl
Tue Mar 1 23:21:10 GMT 2005

Paul Gienger:


>> Is there anybody who might have some idea of what is wrong.
> Yep.  You did nothing to create the samba attributes that will have to
> exist in each user account for the users to log in.   I suggest you read
> the documentation on setting up an LDAP/PDC system that is on the
> samba.org web site.  You've missed quite a few steps here, so you may want
> to read it through to get a complete idea.  Your solution is going to
> include the following:
> 1. Obtain and configure the smbldap-tools package.
> 2. Run the smbldap-populate script
> 3. Make sure you've got a sambaDomain (I think that's the object type)
> in the base of your DIT. 4. Join the machine to the domain (since you
> appear to want a domain setup) 4. Add samba attributes to each user's
> account.
> Yes there are 2 #4 entries.  Doesn't matter which one comes first.  As
> far as I can remember, those will be the critical steps to not miss. If
> you've followed the documentation and not done those steps, you've missed
> something.

Not that i don't appreciate your constant help and encouragement but:

1: I followed the docs to the letter;
2: doing that nearly fscked up my already existent DIT for always;
3: I found a different way "that worked for me";
4: I promised JHT to write up how (and more importantly why) but I didn't
get that far yet. The important thing is, that whoever wrote the (3.0.7
and higher) ldapsam code made it truly versatile: it can do things in more
ways than one. As my Walloon Belgian granny used to say: "there are more
ways of killing a cat than choking it with cheese" ;)


mail: tonye at billy.demon.nl

More information about the samba mailing list