[samba] ldapsam:trusted = yes kills smbd

Jeremy Allison jra at samba.org
Thu Sep 29 21:44:17 GMT 2005 

On Thu, Sep 29, 2005 at 10:43:26PM +0100, Daniel Wilson wrote:
> Successfully added passdb backend 'guest'
> Attempting to find an passdb backend to match 
> ldapsam:ldap://vila.sunderland.ac.uk (ldapsam)
> Found pdb backend ldapsam
> Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=UNI-STAFF))]
> 
> Breakpoint 1, 0x00000000005daa33 in smbldap_search ()
> (gdb)
> (gdb)
> (gdb) n
> Single stepping until exit from function smbldap_search,
> which has no line number information.
> smbldap_search: base => [dc=sunderland,dc=ac,dc=uk], filter => [(&
> (objectClass=sambaDomain)(sambaDomainName=UNI-STAFF))], scope => [2]
> The connection to the LDAP server was closed
> smbldap_open_connection: ldap://vila.sunderland.ac.uk
> smbldap_open_connection: connection opened
> ldap_connect_system: Binding to ldap server 
> ldap://vila.sunderland.ac.uk as "cn=Directory Manager"
> ldap_connect_system: succesful connection to the LDAP server
> ldap_connect_system: LDAP server does not support paged results
> (gdb) n
> Single stepping until exit from function pdb_getsampwsid,
> which has no line number information.
> 0x00000000005b5306 in make_new_server_info_guest ()
> (gdb) n
> Single stepping until exit from function make_new_server_info_guest,
> which has no line number information.
> pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [Thread debugging using libthread_db enabled]
> [New Thread 182909114432 (LWP 8489)]
> push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> NT user token: (NULL)
> UNIX token of user 0
> Primary group is 0 and contains 0 supplementary groups
> [Switching to Thread 182909114432 (LWP 8489)]
> 
> Breakpoint 1, 0x00000000005daa33 in smbldap_search ()
> (gdb) n
> Single stepping until exit from function smbldap_search,
> which has no line number information.
> smbldap_search: base => 
> [ou=groups,ou=filestore,dc=sunderland,dc=ac,dc=uk], filter => [(&
> (objectClass=posixGroup)(|(memberUid=nobody)(gidNumber=65533)))], 
> scope => [2]
> 0x0000000000559503 in ldapsam_enum_group_memberships ()
> (gdb) n
> Single stepping until exit from function 
> Single stepping until exit from function make_new_server_info_guest,
> which has no line number information.
> 0x00000000005b547d in init_guest_info ()
> (gdb) n
> Single stepping until exit from function init_guest_info,
> which has no line number information.
> 0x00000000005dd880 in main ()
> (gdb) n
> Single stepping until exit from function main,
> which has no line number information.

Ok, you're exiting from main() here :

        if (!init_guest_info())
                return -1;

which is an immediate termination. You seem to be connecting
to the LDAP server but it's failing to look up a guest user
when looking there.

This :

        if (!pdb_getsampwsid(sampass, &guest_sid)) {
                unbecome_root();
                return NT_STATUS_NO_SUCH_USER;
        }

is failing - it's looking for a user with sid :

<global-sam-sid>-0x000001F5

where global-sam-sid is the domain sid of your domain.
Looks like you don't have this user set up on your ldap
server.

Jeremy.

More information about the samba mailing list