[Samba] Documentation error?

Stefansson Håkan Hakan.Stefansson at uppsala.se
Thu Feb 16 15:07:55 GMT 2006 

Hi,

I am setting up a fileserver in an AD domain, using Samba 3.0.21b under Solaris 9. An Openldap server (version 2.3.17) is used fot the idmap backend.

Following the Samba HOWTO Collection, chapter 6, I used the statement

ldap idmap suffix = ou=idmap,dc=uppsala,dc=se

in my smb.conf. This doesn't work. When starting winbindd I get the following in the log:

[2006/02/15 10:31:14, 3] lib/smbldap.c:smbldap_connect_system(905)
  ldap_connect_system: succesful connection to the LDAP server
[2006/02/15 10:31:14, 0] sam/idmap.c:idmap_init(146)
  idmap_init: failed to initialize remote backend!
[2006/02/15 10:31:14, 1] nsswitch/winbindd.c:main(1011)
  Could not init idmap -- netlogon proxy only

In the slapd log I get this:
Feb 15 10:31:14 sbkfs02 slapd[2911]: [ID 940369 local4.debug] do_search
Feb 15 10:31:14 sbkfs02 slapd[2911]: [ID 198467 local4.debug] >>> dnPrettyNormal: <ou=idmap,dc=uppsala,dc=se,>
Feb 15 10:31:14 sbkfs02 slapd[2911]: [ID 458966 local4.debug] do_search: invalid dn (ou=idmap,dc=uppsala,dc=se,)
Feb 15 10:31:14 sbkfs02 slapd[2911]: [ID 131099 local4.debug] send_ldap_result: conn=0 op=2 p=3
Feb 15 10:31:14 sbkfs02 slapd[2911]: [ID 291653 local4.debug] send_ldap_result: err=34 matched="" text="invalid DN"
Feb 15 10:31:14 sbkfs02 slapd[2911]: [ID 324658 local4.debug] send_ldap_response: msgid=3 tag=101 err=34
Feb 15 10:31:14 sbkfs02 slapd[2911]: [ID 167594 local4.debug] conn=0 op=2 SEARCH RESULT tag=101 err=34 nentries=0 text=invalid DN

As it seems, trailing comma has been appended to the string. This, I think, could be the cause of the error.

However, when I changed the above statement in smb.conf to

ldap suffix       = dc=uppsala,dc=se
ldap idmap suffix = ou=idmap

the error disappeared and the idmap backend seems to work now.

So the statement in the HOWTO,

ldap idmap suffix = ou=Idmap,dc=quenya,dc=org

seems to be incorrect. Or maybe this was working as documented in the HOWTO until the code was changed by mistake? I have not tried it with any previous versions of Samba.

 
Håkan Stefansson

More information about the samba mailing list