[Samba] nsswitch not working for ldap

Tony Austin nsswitch at gigaday.com
Fri Nov 18 18:39:22 GMT 2005


>> Now ldap stuff logs to /var/log/slapd.log
>> Now you can try to connect and review slapd logs to see what it's
>> doing.
>
> root#ldapsearch -x -h localhost \
>  -D 'cn=Manager,dc=phoenixinteriorsltd,dc=com' \
>  -W '(objectclass=*)'
>
> logs as:-
>
> Nov 18 09:41:09 localhost slapd[12149]: conn=1 fd=8 ACCEPT from IP=127.0.0.1:33899 (IP=0.0.0.0:389)
> Nov 18 09:41:09 localhost slapd[12149]: conn=1 op=0 BIND dn="cn=Manager,dc=phoenixinteriorsltd,dc=com" method=128
> Nov 18 09:41:09 localhost slapd[12149]: conn=1 op=0 BIND dn="cn=Manager,dc=phoenixinteriorsltd,dc=com" mech=SIMPLE ssf=0
> Nov 18 09:41:09 localhost slapd[12149]: conn=1 op=0 RESULT tag=97 err=0 text=
> Nov 18 09:41:09 localhost slapd[12149]: conn=1 op=1 SRCH base="dc=phoenixinteriorsltd,dc=com" scope=2 deref=0 filter="(objectClass=*)"
> Nov 18 09:41:09 localhost slapd[12149]: conn=1 op=1 SEARCH RESULT tag=101 err=4 nentries=12 text=
> Nov 18 09:41:09 localhost slapd[12149]: conn=1 op=2 UNBIND
> Nov 18 09:41:09 localhost slapd[12149]: conn=1 fd=8 closed
>
> root#getent passwd
>
> logs as:-
>
> Nov 18 09:41:52 localhost slapd[12149]: conn=2 fd=8 ACCEPT from IP=127.0.0.1:33902 (IP=0.0.0.0:389)
> Nov 18 09:41:52 localhost slapd[12149]: conn=2 op=0 BIND dn="cn=Manager,dc=phoenixinteriorsltd,dc=com" method=128
> Nov 18 09:41:52 localhost slapd[12149]: conn=2 op=0 BIND dn="cn=Manager,dc=phoenixinteriorsltd,dc=com" mech=SIMPLE ssf=0
> Nov 18 09:41:52 localhost slapd[12149]: conn=2 op=0 RESULT tag=97 err=0 text=
> Nov 18 09:41:52 localhost slapd[12149]: conn=2 op=1 SRCH base="ou=People,dc=phoenixinteriorsltd,dc=com" scope=1 deref=0 filter="(objectClass=posixAccount)"
> Nov 18 09:41:52 localhost slapd[12149]: conn=2 op=1 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass
> Nov 18 09:41:52 localhost slapd[12149]: conn=2 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
> Nov 18 09:41:52 localhost slapd[12149]: conn=2 fd=8 closed
>

I am a bit further forward with this.  I think 'Samba by Example' is a bit
misleading, it says to do:-

root#getent passwd|grep Administrator

but AFAICS there has been no Administrator account set up by
smbldap-populate.pl, hence no result comes back

root#smbldap-useradd -a fren

adds an account and this is returned by

root#getent passwd|grep fren

However,

root#getent group|grep Domain

still produces no result and even adding an account

root#smbldap-groupadd -a Accounts

produces no result from

root#getent group|grep Accounts

although,

root#slapcat|less

shows Accounts to be present as objectclass: posixGroup

root#getent group

returns only the /etc/group entries and logs as:-

Nov 18 12:33:18 localhost slapd[2740]: conn=39 fd=17 ACCEPT from IP=127.0.0.1:33021 (IP=0.0.0.0:389)
Nov 18 12:33:18 localhost slapd[2740]: conn=39 op=0 BIND dn="cn=Manager,dc=phoenixinteriorsltd,dc=com" method=128
Nov 18 12:33:18 localhost slapd[2740]: conn=39 op=0 BIND dn="cn=Manager,dc=phoenixinteriorsltd,dc=com" mech=SIMPLE ssf=0
Nov 18 12:33:18 localhost slapd[2740]: conn=39 op=0 RESULT tag=97 err=0 text=
Nov 18 12:33:18 localhost slapd[2740]: conn=39 op=1 SRCH base="ou=Groups,dc=phoenixinteriorsltd,dc=com" scope=1 deref=0 filter="(&(objectClass=posixGroup))"
Nov 18 12:33:18 localhost slapd[2740]: conn=39 op=1 SRCH attr=cn userPassword memberUid uniqueMember gidNumber
Nov 18 12:33:18 localhost slapd[2740]: conn=39 op=1 SEARCH RESULT tag=101 err=32 nentries=0 text=
Nov 18 12:33:18 localhost slapd[2740]: conn=39 fd=17 closed

So the problem now seems to be that I am not able to get
objectclass=posixGroup items returned.

I'm not sure what to do now.


Tony
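
Added example, not part of the original message or of Samba/OpenLDAP: a small Python reader for slapd log lines like the ones above, pairing each SRCH with its SEARCH RESULT by conn/op and naming the LDAP result code (RFC 4511 names). The function name, finding labels and the SAMPLE variable are assumptions of this example; the log lines are copied from the post with the mail wrapping undone.

```python
import re

# LDAP result codes (RFC 4511): the ones in the logs above plus two common ones.
RESULT_NAMES = {0: "success", 4: "sizeLimitExceeded", 32: "noSuchObject",
                49: "invalidCredentials", 50: "insufficientAccessRights"}
HEAD = re.compile(r"slapd\[\d+\]: conn=(\d+) op=(\d+) (.*)")
BASE = re.compile(r'SRCH base="([^"]*)" scope=\d+ deref=\d+ filter="([^"]*)"')
RESULT = re.compile(r"SEARCH RESULT tag=101 err=(\d+) nentries=(\d+)")
BIND = re.compile(r'BIND dn="([^"]*)" mech=(\S+) ssf=(\d+)')

# Log lines taken from the post (unwrapped), embedded so the example runs offline.
SAMPLE = """\
Nov 18 09:41:52 localhost slapd[12149]: conn=2 op=0 BIND dn="cn=Manager,dc=phoenixinteriorsltd,dc=com" mech=SIMPLE ssf=0
Nov 18 09:41:52 localhost slapd[12149]: conn=2 op=1 SRCH base="ou=People,dc=phoenixinteriorsltd,dc=com" scope=1 deref=0 filter="(objectClass=posixAccount)"
Nov 18 09:41:52 localhost slapd[12149]: conn=2 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Nov 18 12:33:18 localhost slapd[2740]: conn=39 op=1 SRCH base="ou=Groups,dc=phoenixinteriorsltd,dc=com" scope=1 deref=0 filter="(&(objectClass=posixGroup))"
Nov 18 12:33:18 localhost slapd[2740]: conn=39 op=1 SEARCH RESULT tag=101 err=32 nentries=0 text=
"""

def analyse(log_text):
    """Return [((conn, op), label, dn_or_search_base)] for lines worth a look."""
    searches, findings = {}, []
    for line in log_text.splitlines():
        m = HEAD.search(line)
        if not m:
            continue
        key, rest = (int(m.group(1)), int(m.group(2))), m.group(3)
        if (b := BIND.match(rest)) and b.group(2) == "SIMPLE" and b.group(3) == "0":
            # ssf=0: the simple bind password crossed the socket unprotected.
            findings.append((key, "simple-bind-no-tls", b.group(1)))
        elif s := BASE.match(rest):
            searches[key] = s.group(1)          # remember the base for this op
        elif (r := RESULT.match(rest)) and key in searches:
            err, n = int(r.group(1)), int(r.group(2))
            if err == 0 and n == 0:
                # Base entry exists, but nothing under it matched the filter.
                findings.append((key, "success-but-empty", searches[key]))
            elif err != 0:
                # e.g. 32 = noSuchObject: the search base itself was not found.
                findings.append((key, RESULT_NAMES.get(err, f"code-{err}"), searches[key]))
    return findings

if __name__ == "__main__":
    for finding in analyse(SAMPLE):
        print(finding)
```
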







