[Samba] Problem with "ldapsam:trusted = yes"

"M. Müller" malte.mueller at ewetel.net
Tue Mar 22 07:54:39 GMT 2005

I updated from 3.0.11 to 3.0.12 and tried the new ldapsam:trusted 
parameter. Alas smbd dies silently a second after startup.
With debug level 2 I can't see any reason in the logfile. My smb.conf is 
(relevant part I hope):
        workgroup = BBS_XXX
        netbios aliases = fileserver revreselif
        passdb backend = ldapsam:ldap://localhost
        idmap backend = ldapsam:ldap://localhost
        ldap suffix = dc=bbs-xxx,dc=schule
        ldap user suffix = ou=accounts
        ldap group suffix = ou=groups
        ldap machine suffix = ou=hardware
        ldap idmap suffix = ou=idmap
        idmap uid = 40000-60000
        idmap gid = 40000-60000
        ldap admin dn = cn=root,dc=bbs-xxx,dc=schule
        ldap ssl = off
        #ldapsam:trusted = yes  #smbd doesn't work with ldapsam:trusted = yes
        utmp = yes
        invalid users = @wheel, mail, daemon, adt
        interfaces = eth0
        bind interfaces only = yes
        log level = 2
        syslog = 0
        log file = /var/log/samba-%G.log
        getwd cache = yes
        keep alive = 60
        dead time = 50
        locking = yes
        map hidden = yes
        map archive = yes
        map system = yes
        security = user
        encrypt passwords = yes
        domain master = yes
        domain logons = yes
        preferred master = yes
        os level = 30
        time server = yes
        logon script = %U.cmd
        logon path =
        logon home =
        logon drive = p:
        load printers = yes
        printing = cups
        printcap name = cups
        dos charset = 850
        unix charset = ISO-8859-15
        display charset = ISO-8859-15

All accounts samba should know have a posixAccount and sambaSamAccount e.g.:
dn: uid=administrator,ou=accounts,dc=bbs-xxx,dc=schule
displayName: administrator
mailLocalAddress: administrator at fileserver.bbs-xxx.schule
objectClass: posixAccount
objectClass: account
objectClass: mailRecipient
objectClass: spezifikumUser
objectClass: sambaSamAccount
sambaLogonTime: 0
sambaHomeDrive: P:
uid: administrator
mail: administrator@<official-mail-address>
uidNumber: 5471
cn: administrator
cn: M. Mueller
cn:: TS4gTcO8bGxlcg==
sambaLogoffTime: 2147483647
mailDeliveryOption: accept
loginShell: /bin/bash
gidNumber: 501
description: Administrator
homeDirectory: /home/lehrer/administrator
sambaKickoffTime: 2147483647
sambaHomePath: \\fileserver\administrator
script: if not exist t: net use t: \\revreselif\treiber
sambaPrimaryGroupSID: S-1-5-21-1091375802-1471697927-1951840895-2003
sambaSID: S-1-5-21-1091375802-1471697927-1951840895-512
sambaAcctFlags: [U          ]
mailAlternateAddress: mamue at fileserver
sambaPwdMustChange: 2147483647
sambaPwdCanChange: 1108028782
sambaPwdLastSet: 1108028782

Neither root nor the ldap-manager have their account in the 
directory (doesn't make sense I believe). Besides that, samba is running 
flawlessly, but I always had some performance problems due to large 
groups so I wondered if ldapsam:trusted could help me.
Nscd is not running, winbindd is not running. I tried both a self 
compiled samba and the binaries.
System is SuSE9.2.

Can anybody give me a hint what I could test to find the source of this 

Thanks a lot,
Malte Mueller

