[Samba] Coule really use some help (Samba PDC)

John Zakhar jzakhar at ventusnetworks.com
Tue Mar 22 17:41:14 GMT 2005 

Tony Earnshaw wrote:

>John Zakhar:
>
>  
>
>>First email was rejected due to size so the log files are inline in the
>>msg now..
>>
>>I have NEVER had so much trouble with a
>>samba PDC before. I need to turn in my unix admin license, this is
>>pathetic...
>>    
>>
>
>Hey wait a minute, we all get fits like that now and again. Have to admit
>that mine mostly come with Windows, I can always get Unix/Linux to work ;)
>
>This could take some time, I live in Europe, it's near my bedtime, I'm
>licked for today and I need sleep. What's more, I'm a modem person at home
>and am only connected a couple of times a day.
>
>Anyway: I have a 75+ PDC running "at work", with Samba 3.0.11 and OpenLDAP
>2.2.23. on RHAS3, so ...
>
>  
>
>>Anyway, I am here. When trying to join a domain with the administrator
>>account I get "no mapping between account name and security ID's was done"
>> And the joining fails...
>>
>>
>>All the needed files are attached, from the ldap log. to the samba.conf
>>to the ldifs of the machine, root and admin account. Trying with the root
>>account nets me the same error
>>    
>>
>
>There's too much shit there. You're getting hung up in the details. And I
>didn't see any LDAP log, even if I had, it probably would have been
>useless. You need to do a 'tail -f' on it (-d 256) while things are
>happening to get any sense from it.
>
>Your local SIDs are all messed up for a start. You have:
>
>S-1-5-21-1391849139-953726148-1374988380
>and
>S-1-5-21-3107161993-1039155829-3332455197
>
>all mixed up together.
>
>And the following SIDs can surely not be right:
>
>Administrators (S-1-5-32-544) -> Administrators
>Print Operators (S-1-5-32-550) -> Print Operators
>Backup Operators (S-1-5-32-551) -> Backup Operators
>Replicators (S-1-5-32-552) -> Replicators
>
>Get all that sorted out before you go on.
>
>Your smb.conf looks more or less o.k. (didn't dwell on it)
>
>You're using the Idealx crap without understanding LDAP or what you're
>doing. Use GQ 1.0beta1 for managing your Your mappings are all wrong. Look
>at the alternative Appendix A method of using LDAP in Samba in the Samba
>HOWTO. Here are my mappings up to now at my production site (sorry about
>the wrapping, I decided to use SquirrelMail for this mail and it always
>breaks at 76 chars):
>
>Domain Admins (S-1-5-21-2520587299-2798274336-2978297563-512) -> domadmin
>Domain Guests (S-1-5-21-2520587299-2798274336-2978297563-514) -> domguest
>Domain Users (S-1-5-21-2520587299-2798274336-2978297563-513) -> domuser
>Leden van Personeel (S-1-5-21-2520587299-2798274336-2978297563-8001) ->
>personeel
>Leden van Docenten (S-1-5-21-2520587299-2798274336-2978297563-1001) ->
>docenten
>Leden van Leerlingen (S-1-5-21-2520587299-2798274336-2978297563-2001) ->
>leerlingen
>Leden van Directie (S-1-5-21-2520587299-2798274336-2978297563-10001) ->
>directie
>Administratie (S-1-5-21-2520587299-2798274336-2978297563-15007) ->
>administratie
>
>Never mind that you don't know what the Dutch words mean. See that I map
>from NT IDs to Unix IDs where the Unix IDs are Posix IDs? See that the
>domain SIDs are all the same?
>
>The secrets are in Appendix A of the Samba HOWTO and in getting things
>working with GQ.
>
>Get those right, and I'll see if I can come back tomorrow ;)
>
>Best,
>
>--Tonni
>
>--
>mail: tonye at billy.demon.nl
>http://www.billy.demon.nl
>
>  
>
Tony Earnshaw wrote:

> John Zakhar:
>
>  
>
>> First email was rejected due to size so the log files are inline in the
>> msg now..
>>
>> I have NEVER had so much trouble with a
>> samba PDC before. I need to turn in my unix admin license, this is
>> pathetic...
>>   
>
>
> Hey wait a minute, we all get fits like that now and again. Have to admit
> that mine mostly come with Windows, I can always get Unix/Linux to 
> work ;)
>
> This could take some time, I live in Europe, it's near my bedtime, I'm
> licked for today and I need sleep. What's more, I'm a modem person at 
> home
> and am only connected a couple of times a day.
>
> Anyway: I have a 75+ PDC running "at work", with Samba 3.0.11 and 
> OpenLDAP
> 2.2.23. on RHAS3, so ...
>
>  
>
>> Anyway, I am here. When trying to join a domain with the administrator
>> account I get "no mapping between account name and security ID's was 
>> done"
>> And the joining fails...
>>
>>
>> All the needed files are attached, from the ldap log. to the samba.conf
>> to the ldifs of the machine, root and admin account. Trying with the 
>> root
>> account nets me the same error
>>   
>
>
> There's too much shit there. You're getting hung up in the details. And I
> didn't see any LDAP log, even if I had, it probably would have been
> useless. You need to do a 'tail -f' on it (-d 256) while things are
> happening to get any sense from it.
>
> Your local SIDs are all messed up for a start. You have:
>
> S-1-5-21-1391849139-953726148-1374988380
> and
> S-1-5-21-3107161993-1039155829-3332455197
>
> all mixed up together.
>
> And the following SIDs can surely not be right:
>
> Administrators (S-1-5-32-544) -> Administrators
> Print Operators (S-1-5-32-550) -> Print Operators
> Backup Operators (S-1-5-32-551) -> Backup Operators
> Replicators (S-1-5-32-552) -> Replicators
>
> Get all that sorted out before you go on.
>
> Your smb.conf looks more or less o.k. (didn't dwell on it)
>
> You're using the Idealx crap without understanding LDAP or what you're
> doing. Use GQ 1.0beta1 for managing your Your mappings are all wrong. 
> Look
> at the alternative Appendix A method of using LDAP in Samba in the Samba
> HOWTO. Here are my mappings up to now at my production site (sorry about
> the wrapping, I decided to use SquirrelMail for this mail and it always
> breaks at 76 chars):
>
> Domain Admins (S-1-5-21-2520587299-2798274336-2978297563-512) -> domadmin
> Domain Guests (S-1-5-21-2520587299-2798274336-2978297563-514) -> domguest
> Domain Users (S-1-5-21-2520587299-2798274336-2978297563-513) -> domuser
> Leden van Personeel (S-1-5-21-2520587299-2798274336-2978297563-8001) ->
> personeel
> Leden van Docenten (S-1-5-21-2520587299-2798274336-2978297563-1001) ->
> docenten
> Leden van Leerlingen (S-1-5-21-2520587299-2798274336-2978297563-2001) ->
> leerlingen
> Leden van Directie (S-1-5-21-2520587299-2798274336-2978297563-10001) ->
> directie
> Administratie (S-1-5-21-2520587299-2798274336-2978297563-15007) ->
> administratie
>
> Never mind that you don't know what the Dutch words mean. See that I map
> from NT IDs to Unix IDs where the Unix IDs are Posix IDs? See that the
> domain SIDs are all the same?
>
> The secrets are in Appendix A of the Samba HOWTO and in getting things
> working with GQ.
>
> Get those right, and I'll see if I can come back tomorrow ;)
>
> Best,
>
> --Tonni
>
> -- 
> mail: tonye at billy.demon.nl
> http://www.billy.demon.nl
>
>  
>

>Your local SIDs are all messed up for a start. You have:

>S-1-5-21-1391849139-953726148-1374988380
>and
>S-1-5-21-3107161993-1039155829-3332455197

>all mixed up together.

>And the following SIDs can surely not be right:

>Administrators (S-1-5-32-544) -> Administrators
>Print Operators (S-1-5-32-550) -> Print Operators
>Backup Operators (S-1-5-32-551) -> Backup Operators
>Replicators (S-1-5-32-552) -> Replicators

>Get all that sorted out before you go on.

>Your smb.conf looks more or less o.k. (didn't dwell on it)

>You're using the Idealx crap without understanding LDAP or what you're
>doing. Use GQ 1.0beta1 for managing your Your mappings are all wrong. Look
>at the alternative Appendix A method of using LDAP in Samba in the Samba
>HOWTO. Here are my mappings up to now at my production site (sorry about
>the wrapping, I decided to use SquirrelMail for this mail and it always

I have been working with LDAP for many many years, while I may not have 
a complete understanding on the IDEALX tools, I fully understand LDAP 
and all it's innerworkings to the "t" =)
I also use ldapbrowser from time to time if i need a GUI utility.
I will work on fixing the SID's right now. Seems like a good place to 
start, I am going to respond in this one email to all the questions 
posed so far..

> Also, I am a newbie to LDAP too but shouldn't your suffixes be the 
> full DN.
> For example, instead of


Yes, you are correct. however it is just a "best practices" thing. I 
have 38 unix servers using that directory for system/ftp/ssh logins and 
so on. The former admin had no concept of LDAP and just winged it, And a 
year later after he was fired and I was hired on here we are. I cannot 
at this time make any major modifications to our directory structure as 
we have clients who use this for various things and the paths are hard 
coded (this happened before I got here and I threw a fit when I found out.)

> No - I think that ldap machine suffix = ou=Computers
> is sufficient and proper for the above
> the ldap filter should probably be commented out though - but it should
> work.
> Craig


Yeah the machine accounts are found during an ldap query

ldap log of the join

Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 fd=13 ACCEPT from 
IP=172.28.0.46:34015 (IP=0.0.0.0:389)
Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 op=0 BIND 
dn="cn=Manager,dc=na" method=128
Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 op=0 BIND 
dn="cn=Manager,dc=na" mech=SIMPLE ssf=0
Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 op=0 RESULT tag=97 
err=0 text=
Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 op=1 SRCH base="" 
scope=0 deref=0 filter="(objectClass=*)"
Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 op=1 SRCH 
attr=supportedControl
Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 op=1 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 op=2 SRCH 
base="o=ventusnetworks.com,dc=na" scope=2 deref=0 
filter="(&(&(uid=administrator)(objectClass=sambaSamAccount))(objectClass=sambaSamAccount))" 

Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 op=2 SRCH attr=uid 
uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange 
sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn 
displayName sambaHomeDrive sambaHomePath sambaLogonScript 
sambaProfilePath description sambaUserWorkstations sambaSID 
sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName 
objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount 
sambaBadPasswordTime sambaPasswordHistory modifyTimestamp 
sambaLogonHours modifyTimestamp
Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 op=2 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3336 fd=23 ACCEPT from 
IP=172.28.0.46:34016 (IP=0.0.0.0:389)
Mar 22 10:27:51 vnldap02 slapd[20690]: conn=3336 op=0 BIND dn="" method=128
Mar 22 10:27:51 vnldap02 slapd[20690]: conn=3336 op=0 RESULT tag=97 
err=0 text=
Mar 22 10:27:51 vnldap02 slapd[20690]: conn=3336 op=1 SRCH 
base="o=ventusnetworks.com,dc=na" scope=2 deref=0 
filter="(&(objectClass=posixAccount)(uid=administrator))"
Mar 22 10:27:51 vnldap02 slapd[20690]: conn=3336 op=1 SRCH attr=uid 
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos 
description objectClass
Mar 22 10:27:51 vnldap02 slapd[20690]: conn=3336 op=1 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Mar 22 10:27:51 vnldap02 slapd[20690]: conn=3336 op=2 SRCH 
base="o=ventusnetworks.com,dc=na" scope=2 deref=0 
filter="(&(objectClass=posixAccount)(uid=administrator))"
Mar 22 10:27:51 vnldap02 slapd[20690]: conn=3336 op=2 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Mar 22 10:27:51 vnldap02 slapd[20690]: conn=3336 op=3 SRCH 
base="ou=Groups,o=ventusnetworks.com,dc=na" scope=1 deref=0 
filter="(&(objectClass=posixGroup)(|(memberUid=administrator)(uniqueMember=uid=administrator,ou=staff,o=ventusnetworks.com,dc=na)))" 

Mar 22 10:27:51 vnldap02 slapd[20690]: conn=3336 op=3 SRCH attr=gidNumber
Mar 22 10:27:51 vnldap02 slapd[20690]: <= bdb_equality_candidates: 
(uniqueMember) index_param failed (18)
Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3336 op=3 SEARCH RESULT 
tag=101 err=0 nentries=0 text=
Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3335 op=3 UNBIND
Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3335 fd=13 closed
Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3337 fd=13 ACCEPT from 
IP=172.28.0.46:34017 (IP=0.0.0.0:389)
Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3337 op=0 BIND 
dn="cn=Manager,dc=na" method=128
Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3337 op=0 BIND 
dn="cn=Manager,dc=na" mech=SIMPLE ssf=0
Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3337 op=0 RESULT tag=97 
err=0 text=
Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3337 op=1 SRCH base="" 
scope=0 deref=0 filter="(objectClass=*)"
Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3337 op=1 SRCH 
attr=supportedControl
Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3337 op=1 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Mar 22 10:27:53 vnldap02 slapd[20690]: conn=3337 op=2 SRCH 
base="ou=Groups,o=ventusnetworks.com,dc=na" scope=2 deref=0 
filter="(&(objectClass=sambaGroupMapping)(gidNumber=512))"
Mar 22 10:27:53 vnldap02 slapd[20690]: conn=3337 op=2 SRCH 
attr=gidNumber sambaSID sambaGroupType sambaSIDList description 
displayName cn objectClass
Mar 22 10:27:53 vnldap02 slapd[20690]: <= bdb_equality_candidates: 
(gidNumber) index_param failed (18)
Mar 22 10:27:54 vnldap02 slapd[20690]: conn=3337 op=2 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Mar 22 10:27:54 vnldap02 slapd[20690]: conn=3337 fd=13 closed
Mar 22 10:27:54 vnldap02 slapd[20690]: conn=3336 fd=23 closed
Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 fd=13 ACCEPT from 
IP=172.28.0.46:34018 (IP=0.0.0.0:389)
Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 op=0 BIND 
dn="cn=Manager,dc=na" method=128
Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 op=0 BIND 
dn="cn=Manager,dc=na" mech=SIMPLE ssf=0
Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 op=0 RESULT tag=97 
err=0 text=
Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 op=1 SRCH base="" 
scope=0 deref=0 filter="(objectClass=*)"
Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 op=1 SRCH 
attr=supportedControl
Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 op=1 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 op=2 SRCH 
base="o=ventusnetworks.com,dc=na" scope=2 deref=0 
filter="(&(&(uid=administrator)(objectClass=sambaSamAccount))(objectClass=sambaSamAccount))" 

Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 op=2 SRCH attr=uid 
uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange 
sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn 
displayName sambaHomeDrive sambaHomePath sambaLogonScript 
sambaProfilePath description sambaUserWorkstations sambaSID 
sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName 
objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount 
sambaBadPasswordTime sambaPasswordHistory modifyTimestamp 
sambaLogonHours modifyTimestamp
Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 op=2 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 fd=23 ACCEPT from 
IP=172.28.0.46:34019 (IP=0.0.0.0:389)
Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 op=0 BIND dn="" method=128
Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 op=0 RESULT tag=97 
err=0 text=
Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 op=1 SRCH 
base="o=ventusnetworks.com,dc=na" scope=2 deref=0 
filter="(&(objectClass=posixAccount)(uid=administrator))"
Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 op=1 SRCH attr=uid 
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos 
description objectClass
Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 op=1 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 op=2 SRCH 
base="o=ventusnetworks.com,dc=na" scope=2 deref=0 
filter="(&(objectClass=posixAccount)(uid=administrator))"
Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 op=2 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 op=3 SRCH 
base="ou=Groups,o=ventusnetworks.com,dc=na" scope=1 deref=0 
filter="(&(objectClass=posixGroup)(|(memberUid=administrator)(uniqueMember=uid=administrator,ou=staff,o=ventusnetworks.com,dc=na)))" 

Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 op=3 SRCH attr=gidNumber
Mar 22 10:27:55 vnldap02 slapd[20690]: <= bdb_equality_candidates: 
(uniqueMember) index_param failed (18)
Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3339 op=3 SEARCH RESULT 
tag=101 err=0 nentries=0 text=
Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3338 op=3 UNBIND
Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3338 fd=13 closed
Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3340 fd=13 ACCEPT from 
IP=172.28.0.46:34020 (IP=0.0.0.0:389)
Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3340 op=0 BIND 
dn="cn=Manager,dc=na" method=128
Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3340 op=0 BIND 
dn="cn=Manager,dc=na" mech=SIMPLE ssf=0
Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3340 op=0 RESULT tag=97 
err=0 text=
Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3340 op=1 SRCH base="" 
scope=0 deref=0 filter="(objectClass=*)"
Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3340 op=1 SRCH 
attr=supportedControl
Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3340 op=1 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3340 op=2 SRCH 
base="ou=Groups,o=ventusnetworks.com,dc=na" scope=2 deref=0 
filter="(&(objectClass=sambaGroupMapping)(gidNumber=512))"
Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3340 op=2 SRCH 
attr=gidNumber sambaSID sambaGroupType sambaSIDList description 
displayName cn objectClass
Mar 22 10:27:57 vnldap02 slapd[20690]: <= bdb_equality_candidates: 
(gidNumber) index_param failed (18)
Mar 22 10:27:58 vnldap02 slapd[20690]: conn=3340 op=2 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3340 op=3 UNBIND
Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3340 fd=13 closed
Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 fd=13 ACCEPT from 
IP=172.28.0.46:34021 (IP=0.0.0.0:389)
Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=0 BIND 
dn="cn=Manager,dc=na" method=128
Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=0 BIND 
dn="cn=Manager,dc=na" mech=SIMPLE ssf=0
Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=0 RESULT tag=97 
err=0 text=
Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=1 SRCH base="" 
scope=0 deref=0 filter="(objectClass=*)"
Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=1 SRCH 
attr=supportedControl
Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=1 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=2 SRCH 
base="o=ventusnetworks.com,dc=na" scope=2 deref=0 
filter="(&(&(uid=ibm-zus90725eca$)(objectClass=sambaSamAccount))(objectClass=sambaSamAccount))" 

Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=2 SRCH attr=uid 
uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange 
sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn 
displayName sambaHomeDrive sambaHomePath sambaLogonScript 
sambaProfilePath description sambaUserWorkstations sambaSID 
sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName 
objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount 
sambaBadPasswordTime sambaPasswordHistory modifyTimestamp 
sambaLogonHours modifyTimestamp
Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=2 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=3 UNBIND
Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 fd=13 closed
Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3342 fd=13 ACCEPT from 
IP=172.28.0.46:34022 (IP=0.0.0.0:389)
Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3342 op=0 BIND 
dn="cn=Manager,dc=na" method=128
Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3342 op=0 BIND 
dn="cn=Manager,dc=na" mech=SIMPLE ssf=0
Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3342 op=0 RESULT tag=97 
err=0 text=
Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3342 op=1 SRCH base="" 
scope=0 deref=0 filter="(objectClass=*)"
Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3342 op=1 SRCH 
attr=supportedControl
Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3342 op=1 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3342 op=2 SRCH 
base="o=ventusnetworks.com,dc=na" scope=2 deref=0 
filter="(&(&(uid=ibm-zus90725eca$)(objectClass=sambaSamAccount))(objectClass=sambaSamAccount))" 

Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3342 op=2 SRCH attr=uid 
uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange 
sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn 
displayName sambaHomeDrive sambaHomePath sambaLogonScript 
sambaProfilePath description sambaUserWorkstations sambaSID 
sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName 
objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount 
sambaBadPasswordTime sambaPasswordHistory modifyTimestamp 
sambaLogonHours modifyTimestamp
Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3342 op=2 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3343 fd=24 ACCEPT from 
IP=127.0.0.1:35926 (IP=0.0.0.0:389)
Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3342 fd=13 closed
Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3339 fd=23 closed
Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3343 op=1 BIND dn="" method=128
Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3343 op=1 RESULT tag=97 
err=0 text=
Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3343 op=2 SRCH base="dc=na" 
scope=0 deref=0 filter="(&(objectClass=posixAccount)(uid=root))"
Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3343 op=2 SEARCH RESULT 
tag=101 err=0 nentries=0 text=
Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3343 op=3 SRCH base="dc=na" 
scope=0 deref=0 filter="(&(objectClass=posixGroup)(memberUid=root))"
Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3343 op=3 SRCH attr=gidNumber
Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3343 op=3 SEARCH RESULT 
tag=101 err=0 nentries=0 text=
Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3343 fd=24 closed
Mar 22 10:28:59 vnldap02 slapd[20690]: conn=3344 fd=13 ACCEPT from 
IP=127.0.0.1:35927 (IP=0.0.0.0:389)
Mar 22 10:29:00 vnldap02 slapd[20690]: conn=3344 op=1 BIND dn="" method=128
Mar 22 10:29:00 vnldap02 slapd[20690]: conn=3344 op=1 RESULT tag=97 
err=0 text=
Mar 22 10:29:00 vnldap02 slapd[20690]: conn=3344 op=2 SRCH base="dc=na" 
scope=0 deref=0 filter="(&(objectClass=posixAccount)(uid=root))"
Mar 22 10:29:00 vnldap02 slapd[20690]: conn=3344 op=2 SEARCH RESULT 
tag=101 err=0 nentries=0 text=
Mar 22 10:29:00 vnldap02 slapd[20690]: conn=3344 op=3 SRCH base="dc=na" 
scope=0 deref=0 filter="(&(objectClass=posixGroup)(memberUid=root))"
Mar 22 10:29:00 vnldap02 slapd[20690]: conn=3344 op=3 SRCH attr=gidNumber
Mar 22 10:29:00 vnldap02 slapd[20690]: conn=3344 op=3 SEARCH RESULT 
tag=101 err=0 nentries=0 text=
Mar 22 10:29:00 vnldap02 slapd[20690]: conn=3344 fd=13 closed
Mar 22 10:29:30 vnldap02 slapd[20690]: conn=3345 fd=13 ACCEPT from 
IP=192.168.1.120:55825 (IP=0.0.0.0:389)
Mar 22 10:29:30 vnldap02 slapd[20690]: conn=3346 fd=23 ACCEPT from 
IP=192.168.1.120:59984 (IP=0.0.0.0:389)
Mar 22 10:29:30 vnldap02 slapd[20690]: conn=3345 fd=13 closed
Mar 22 10:29:30 vnldap02 slapd[20690]: do_search: invalid dn (base)
Mar 22 10:29:30 vnldap02 slapd[20690]: conn=3346 op=0 SEARCH RESULT 
tag=101 err=34 nentries=0 text=invalid DN
Mar 22 10:29:30 vnldap02 slapd[20690]: conn=3346 fd=23 closed
Mar 22 10:30:00 vnldap02 slapd[20690]: conn=3347 fd=13 ACCEPT from 
IP=127.0.0.1:35928 (IP=0.0.0.0:389)
Mar 22 10:30:00 vnldap02 slapd[20690]: conn=3348 fd=23 ACCEPT from 
IP=127.0.0.1:35929 (IP=0.0.0.0:389)
Mar 22 10:30:00 vnldap02 slapd[20690]: conn=3349 fd=24 ACCEPT from 
IP=127.0.0.1:35930 (IP=0.0.0.0:389)
Mar 22 10:30:00 vnldap02 slapd[20690]: conn=3350 fd=25 ACCEPT from 
IP=127.0.0.1:35931 (IP=0.0.0.0:389)
Mar 22 10:30:00 vnldap02 slapd[20690]: conn=3347 op=1 BIND dn="" method=128
Mar 22 10:30:00 vnldap02 slapd[20690]: conn=3347 op=1 RESULT tag=97 
err=0 text=
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3347 op=2 SRCH base="dc=na" 
scope=0 deref=0 filter="(&(objectClass=posixAccount)(uid=root))"
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3348 op=1 BIND dn="" method=128
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3348 op=1 RESULT tag=97 
err=0 text=
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3347 op=2 SEARCH RESULT 
tag=101 err=0 nentries=0 text=
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3347 op=3 SRCH base="dc=na" 
scope=0 deref=0 filter="(&(objectClass=posixGroup)(memberUid=root))"
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3347 op=3 SRCH attr=gidNumber
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3348 op=2 SRCH base="dc=na" 
scope=0 deref=0 filter="(&(objectClass=posixAccount)(uid=root))"
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3349 op=1 BIND dn="" method=128
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3349 op=1 RESULT tag=97 
err=0 text=
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3347 op=3 SEARCH RESULT 
tag=101 err=0 nentries=0 text=
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3348 op=2 SEARCH RESULT 
tag=101 err=0 nentries=0 text=
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3347 fd=13 closed
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3348 op=3 SRCH base="dc=na" 
scope=0 deref=0 filter="(&(objectClass=posixGroup)(memberUid=root))"
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3348 op=3 SRCH attr=gidNumber
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3349 op=2 SRCH base="dc=na" 
scope=0 deref=0 filter="(&(objectClass=posixAccount)(uid=root))"
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3350 op=1 BIND dn="" method=128
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3350 op=1 RESULT tag=97 
err=0 text=
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3348 op=3 SEARCH RESULT 
tag=101 err=0 nentries=0 text=
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3349 op=2 SEARCH RESULT 
tag=101 err=0 nentries=0 text=
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3348 fd=23 closed
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3349 op=3 SRCH base="dc=na" 
scope=0 deref=0 filter="(&(objectClass=posixGroup)(memberUid=root))"
Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3349 op=3 SRCH attr=gidNumber
Mar 22 10:30:02 vnldap02 slapd[20690]: conn=3350 op=2 SRCH base="dc=na" 
scope=0 deref=0 filter="(&(objectClass=posixAccount)(uid=mailman))"
Mar 22 10:30:02 vnldap02 slapd[20690]: conn=3349 op=3 SEARCH RESULT 
tag=101 err=0 nentries=0 text=
Mar 22 10:30:02 vnldap02 slapd[20690]: conn=3349 fd=24 closed
Mar 22 10:30:02 vnldap02 slapd[20690]: conn=3350 op=2 SEARCH RESULT 
tag=101 err=0 nentries=0 text=
Mar 22 10:30:02 vnldap02 slapd[20690]: conn=3350 op=3 SRCH base="dc=na" 
scope=0 deref=0 filter="(&(objectClass=posixGroup)(memberUid=mailman))"
Mar 22 10:30:02 vnldap02 slapd[20690]: conn=3350 op=3 SRCH attr=gidNumber
Mar 22 10:30:02 vnldap02 slapd[20690]: conn=3350 op=3 SEARCH RESULT 
tag=101 err=0 nentries=0 text=
Mar 22 10:30:02 vnldap02 slapd[20690]: conn=3350 fd=25 closed
Mar 22 10:31:00 vnldap02 slapd[20690]: conn=3351 fd=13 ACCEPT from 
IP=127.0.0.1:35932 (IP=0.0.0.0:389)
Mar 22 10:31:00 vnldap02 slapd[20690]: conn=3351 op=1 BIND dn="" method=128
Mar 22 10:31:00 vnldap02 slapd[20690]: conn=3351 op=1 RESULT tag=97 
err=0 text=
Mar 22 10:31:00 vnldap02 slapd[20690]: conn=3351 op=2 SRCH base="dc=na" 
scope=0 deref=0 filter="(&(objectClass=posixAccount)(uid=root))"
Mar 22 10:31:01 vnldap02 slapd[20690]: conn=3351 op=2 SEARCH RESULT 
tag=101 err=0 nentries=0 text=
Mar 22 10:31:01 vnldap02 slapd[20690]: conn=3351 op=3 SRCH base="dc=na" 
scope=0 deref=0 filter="(&(objectClass=posixGroup)(memberUid=root))"
Mar 22 10:31:01 vnldap02 slapd[20690]: conn=3351 op=3 SRCH attr=gidNumber
Mar 22 10:31:01 vnldap02 slapd[20690]: conn=3351 op=3 SEARCH RESULT 
tag=101 err=0 nentries=0 text=
Mar 22 10:31:01 vnldap02 slapd[20690]: conn=3351 fd=13 closed
Mar 22 10:31:08 vnldap02 slapd[20690]: conn=3352 fd=13 ACCEPT from 
IP=172.28.0.46:34023 (IP=0.0.0.0:389)
Mar 22 10:31:08 vnldap02 slapd[20690]: conn=3352 op=0 BIND 
dn="cn=Manager,dc=na" method=128
Mar 22 10:31:08 vnldap02 slapd[20690]: conn=3352 op=0 BIND 
dn="cn=Manager,dc=na" mech=SIMPLE ssf=0
Mar 22 10:31:08 vnldap02 slapd[20690]: conn=3352 op=0 RESULT tag=97 
err=0 text=
Mar 22 10:31:08 vnldap02 slapd[20690]: conn=3352 op=1 SRCH base="" 
scope=0 deref=0 filter="(objectClass=*)"
Mar 22 10:31:08 vnldap02 slapd[20690]: conn=3352 op=1 SRCH 
attr=supportedControl
Mar 22 10:31:08 vnldap02 slapd[20690]: conn=3352 op=1 SEARCH RESULT 
tag=101 err=0 nentries=1 text=


-- 
John Zakhar <jzakhar at ventusnetworks.com>

Systems Administrator.

Ventus Networks
800 Connecticut Ave
Norwalk, CT. 06854

Work 1-(203)-642-2800
Home 1-(860)-318-0276
Cell 1-(203)-257-4165

More information about the samba mailing list