[Samba] Re: Problems with LDAP authentication backend.

paul kölle paul at subsignal.org
Wed Oct 26 20:21:57 GMT 2005


Robert.Becker at motoristsgroup.com wrote:
Either I do not understand how Samba impliments LDAP or there is something
> wrong with my setup.  My LDAP implimentation is as follows.  The main LDAP
> suffix is dc=motogroup,dc=com and there are OU's of people and group under
> there.
> 
> Now, Samba is able to connect to the LDAP server, but it is not looking in
> the right place for the user accounts.  If I attempt to run pdbedit -L I
> get the following:
> Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=SYSLOGSERVER))]
> smbldap_open_connection: connection opened
> ldap_connect_system: succesful connection to the LDAP server
> Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=SYSLOGSERVER))]
> smbldap_open_connection: connection opened
> ldap_connect_system: succesful connection to the LDAP server
> ldapsam_setsampwent: 0 entries in the base!
> 
> What I see there is Samba is in SamaDomainName=SYSLOGSERVER for the user
> accounts.  Since the accounts are not stored under that OU it isn't finding
> anything.  I attempted to copy the OU=people and the OU=group to
> SamaDomainName=SYSLOGSERVER but it still fails.
It's not looking for users here but for the entry with domain specific
information (domsid, ...). AFAIK you need to give samba write access to
"ldap suffix" (temporarily?) to create this entry.

> 
> Anyone have any ideas why Samba is not finding the accounts?
Maybe you missed to setup nss_ldap on your server to fetch the unix part
from ldap?

hth
 Paul



More information about the samba mailing list