[Samba] samba 3 and ldapsam_compat
Joan Ramos Ramos
joanr at uni-post.com
Wed Mar 9 11:58:49 GMT 2005
Hi, i'm trying to configure a samba-3.0.9-2.3 with suse 9.2 and openldap2-2.1.12-74 in another server but i have a strange problem. My samba schema is old and i have use the ldapsam_compat parameter on samba 3.
My problem:
I mount a share of samba 3 server on my linux:
# mount -t smbfs -o username=joanr //192.9.200.147/dpd /mnt
Password:
30004: tree connect failed: ERRDOS - ERRnoaccess (Access denied.)
SMB connection failed
The log:
[...]
[2005/03/09 13:00:19, 3] lib/smbldap.c:smbldap_connect_system(858)
ldap_connect_system: succesful connection to the LDAP server
[2005/03/09 13:00:19, 2] passdb/pdb_ldap.c:init_sam_from_ldap(518)
init_sam_from_ldap: Entry found for user: joanr
[2005/03/09 13:00:19, 5] passdb/login_cache.c:login_cache_init(41)
Opening cache file at /var/lib/samba/login_cache.tdb
[2005/03/09 13:00:19, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/03/09 13:00:19, 4] libsmb/ntlm_check.c:ntlm_password_check(326)
ntlm_password_check: Checking NT MD4 password
[2005/03/09 13:00:19, 4] auth/auth_sam.c:sam_account_ok(119)
sam_account_ok: Checking SMB password for user joanr
[2005/03/09 13:00:19, 5] auth/auth_sam.c:logon_hours_ok(101)
logon_hours_ok: user joanr allowed to logon at this time (Wed Mar 9 13:00:19 2005
)
[2005/03/09 13:00:19, 1] auth/auth_util.c:make_server_info_sam(822)
User joanr in passdb, but getpwnam() fails!
[2005/03/09 13:00:19, 5] auth/auth_util.c:free_server_info(1387)
attempting to free (and zero) a server_info structure
[2005/03/09 13:00:19, 0] auth/auth_sam.c:check_sam_security(312)
check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER'
[2005/03/09 13:00:19, 5] auth/auth.c:check_ntlm_password(271)
check_ntlm_password: sam authentication for user [JOANR] FAILED with error NT_STATUS_NO_SUCH_USER
[2005/03/09 13:00:19, 2] auth/auth.c:check_ntlm_password(312)
check_ntlm_password: Authentication for user [JOANR] -> [JOANR] FAILED with error NT_STATUS_NO_SUCH_USER
[2005/03/09 13:00:19, 5] auth/auth_util.c:free_user_info(1361)
attempting to free (and zero) a user_info structure
[2005/03/09 13:00:19, 10] auth/auth_util.c:free_user_info(1364)
structure was created for JOANR
[2005/03/09 13:00:19, 3] smbd/sesssetup.c:do_map_to_guest(41)
No such user JOANR [LDAP] - using guest account
[...]
The most strange is that if i go to the entry of joanr on my openldap server, some fields are deleted, for example the ntPassword lmPassword... and the user is disabled.
My smb.cof:
# version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE
# Date: 2004-10-05
[global]
workgroup = dpd
username map = /etc/samba/smbusers
map to guest = Bad User
passdb backend = ldapsam_compat:ldap://192.168.1.146
ldap admin dn = cn=Manager,o=unipost
ldap suffix = o=unipost
security = user
encrypt passwords = yes
netbios name = serverdpd
hosts allow = 192.9. 127.0.0.1 localhost 192.168.
wins server = 192.168.1.146
name resolve order = host wins lmhosts bcast
interfaces = lo, eth0, eth1, eth2
os level = 65
log level = 3 passdb:5 auth:10 winbind:2
[dpd]
comment = dpd
path = /home/dpd
read only = no
valid users = @informatica9
P.S: i have another samba 2 server and works correctly with this openldap server.
Any help?
Thanks
Joan Ramos Ramos <mailto:joanr at uni-post.com>
Dpto. Informática
Tel.: +34 932 232 552 (Ext. 260)
Fax.: +34 932 230 151
------------------------------------------------------------------------------------------------------------------------------------------------
Este mensaje es confidencial y atañe exclusivamente a las personas a las que va dirigido.
Cualquier opinión en el contenida, es exclusivo de su autor y no representa necesariamente
la opinion de UNIPOST, S.A.
Si Ud. no es el destinatario del mensaje, considerese advertido que lo ha recibido por error
y que cualquier difusión o copia estan terminantemente prohibidos. Si ha recibido por error,
por favor comuniquelo a UNIPOST, S.A. al número +34 93 223 25 52 o correo electrónico
a <support at unipost.es>.
This e-mail is confidential and intended solely for the use of the individual to whom it is addressed.
Any opinions presented are solely those of the author and do not necessarily represent those of
UNIPOST, S.A.
If you are not the intended recipient, be advised that you have received this e-mail in error and that
dissemination, forwarding or copying of this e-mail is strictly prohibited. If you have received this
e-mail in error please notify it to UNIPOST, S.A. by telephone on number +34 93 223 25 52 or by
e-mail to <support at unipost.es>.
------------------------------------------------------------------------------------------------------------------------------------------------
More information about the samba
mailing list