[Samba] Documentation error?

John H Terpstra jht at samba.org
Fri Feb 17 02:29:13 GMT 2006 

On Thursday 16 February 2006 09:07, Stefansson Håkan wrote:
> Hi,
>
> I am setting up a fileserver in an AD domain, using Samba 3.0.21b under
> Solaris 9. An Openldap server (version 2.3.17) is used fot the idmap
> backend.
>
> Following the Samba HOWTO Collection, chapter 6, I used the statement
>
> ldap idmap suffix = ou=idmap,dc=uppsala,dc=se
>
> in my smb.conf. This doesn't work. When starting winbindd I get the
> following in the log:

Correct. I have fixed this in the documentation. Thank-you for pointing us to 
this.

- John T.

>
> [2006/02/15 10:31:14, 3] lib/smbldap.c:smbldap_connect_system(905)
>   ldap_connect_system: succesful connection to the LDAP server
> [2006/02/15 10:31:14, 0] sam/idmap.c:idmap_init(146)
>   idmap_init: failed to initialize remote backend!
> [2006/02/15 10:31:14, 1] nsswitch/winbindd.c:main(1011)
>   Could not init idmap -- netlogon proxy only
>
> In the slapd log I get this:
> Feb 15 10:31:14 sbkfs02 slapd[2911]: [ID 940369 local4.debug] do_search
> Feb 15 10:31:14 sbkfs02 slapd[2911]: [ID 198467 local4.debug] >>>
> dnPrettyNormal: <ou=idmap,dc=uppsala,dc=se,> Feb 15 10:31:14 sbkfs02
> slapd[2911]: [ID 458966 local4.debug] do_search: invalid dn
> (ou=idmap,dc=uppsala,dc=se,) Feb 15 10:31:14 sbkfs02 slapd[2911]: [ID
> 131099 local4.debug] send_ldap_result: conn=0 op=2 p=3 Feb 15 10:31:14
> sbkfs02 slapd[2911]: [ID 291653 local4.debug] send_ldap_result: err=34
> matched="" text="invalid DN" Feb 15 10:31:14 sbkfs02 slapd[2911]: [ID
> 324658 local4.debug] send_ldap_response: msgid=3 tag=101 err=34 Feb 15
> 10:31:14 sbkfs02 slapd[2911]: [ID 167594 local4.debug] conn=0 op=2 SEARCH
> RESULT tag=101 err=34 nentries=0 text=invalid DN
>
> As it seems, trailing comma has been appended to the string. This, I think,
> could be the cause of the error.
>
> However, when I changed the above statement in smb.conf to
>
> ldap suffix       = dc=uppsala,dc=se
> ldap idmap suffix = ou=idmap
>
> the error disappeared and the idmap backend seems to work now.
>
> So the statement in the HOWTO,
>
> ldap idmap suffix = ou=Idmap,dc=quenya,dc=org
>
> seems to be incorrect. Or maybe this was working as documented in the HOWTO
> until the code was changed by mistake? I have not tried it with any
> previous versions of Samba.
>
>
> Håkan Stefansson

-- 
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO & Reference Guide, 2 Ed., ISBN: 0131882228
Samba-3 by Example, 2 Ed., ISBN: 0131882221X
Hardening Linux, ISBN: 0072254971
Other books in production.

More information about the samba mailing list