[Samba] can any one help me with samba ldap and winbind

mallapadi niranjan niranjan.ashok at gmail.com
Wed Jan 18 12:42:29 GMT 2006


Dear all

I have a system with a Samba PDC with LDAP; the Samba version is 3.0.21 and
the OpenLDAP version is 2.2.13.
I have another Linux system with Samba version 3.0.10, which is a
member server to the Samba PDC.
I have configured nss_ldap and ldap.conf on the member server, pointing to
my LDAP server on the Samba PDC.
The Samba PDC LDAP is configured for simple bind. Please guide me on the
following errors.

1) I have been getting the following errors:
   On the member server, when I issue the command net rpc info, I get the
following error:
   rpc_parse/parse_prs.c prs_mem_get(537)
   prs_mem_get: reading data size 14418130 would overrun buffer

2) On the domain member server I get the
    error: nss_wins ldap_simple_bind  can't contact LDAP server

3) And often on the Samba PDC, in /var/log/message, I get the following error:
    init_sam_from_ldap , Failed to get password history for user

4) On the Samba PDC with LDAP, I get the following error:
slapd[] bdb_equality_candidates : (uid) index_param failed
           bdb_equality_candidates : (sambaGroupType) index_parm failed
I believe the above error means that there is some indexing problem with the
slapd.conf file on my Samba PDC,
but I am unable to figure out what exactly is causing the problem.

In the Samba configuration below, "winbind use default domain = no" is set.
When I type the command "net rpc info" I get the output,
but when I type the command "wbinfo -U" I get: error getting client list.
Should I enable winbind and set it to yes?

Also, the idmap in the configuration below is idmap uid "10000-20000"
and idmap gid "10000-20000", but
when a user is created, it is created with a uid starting from 1000, 2000,
etc.
Please guide me.


The smb.conf file of my Samba PDC with LDAP is:
############################## ####################################
[global]
  workgroup = msdpl.com
  netbios name = medhapdc
  passdb backend = ldapsam:ldap://msdpl.com
  server string = Domain Controller
  hosts allow = 192.168.128. 192.168.129. 192.168.130. 127.
  security = user
  encrypt passwords = yes
  socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
  interfaces = eth0, lo
  printing = cups
  disable spoolss = Yes
  printcap name = cups
  max print jobs = 100
  enable privileges = yes
  password level = 8
  username level = 8
  bind interfaces only = yes
  local master = Yes
  os level = 65
  domain master = yes
  preferred master = yes
  null passwords = no
  hide unreadable = yes
  hide dot files = yes
  domain logons = yes
  logon script = %u.bat
  logon path =
  logon drive = X:
  logon home = \\medhapdc\%U
  wins support = yes
  name resolve order = wins lmhosts host bcast
  dns proxy = no
  time server = yes
  log file = /var/log/samba/%m.log
  max log size = 50
  nt acl support = yes
  ldap passwd sync = yes
  add user script = /usr/local/sbin/smbldap-useradd -m "%u"
  delete user script = /usr/local/sbin/smbldap-userdel "%u"
  add machine script = /usr/local/sbin/smbldap-useradd -w "%m"
  add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
  add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
  delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
  set primary group script = /usr/local/sbin/smbldap-usermod -g '%g' '%u'
  ldap delete dn = Yes
  ldap ssl = no
  ldap suffix = dc=msdpl,dc=com
  ldap admin dn = cn=manager,dc=msdpl,dc=com
  ldap group suffix = ou=Groups
  ldap user suffix = ou=People
  ldap machine suffix = ou=Computers
  ldap idmap suffix = ou=Idmap
  idmap backend = ldap:ldap://msdpl.com
  idmap uid = 10000-20000
  idmap gid = 10000-20000
  map acl inherit = yes
  winbind use default domain = no
  template shell = /bin/false
###################### [Share Definitions] ######################
[homes]
   comment = Home Directories
   valid users = %S
   browseable = no
   read only = no
   nt acl support = Yes

# Un-comment the following and create the netlogon directory for Domain Logons
[netlogon]
   comment = Network Logon Service
   path = /usr/local/samba/lib/netlogon/scripts
   guest ok = yes
   browseable = no
   write list = root

[printers]
   comment = All Printers
   path = /var/spool/samba
   create mask = 0600
   guest ok = Yes
   printable = yes
   use client driver = Yes
   browseable = no

##################################################################

Regards
Niranjan
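
Item 4 of the post quotes slapd's "bdb_equality_candidates ... index_param failed" messages. As an added example (not part of the original post, and not Samba or OpenLDAP project code), the Python script below extracts the attributes named in such log lines and lists those that have no "eq" index directive in slapd.conf. The log lines and the slapd.conf excerpt are constructed samples, and the function names are hypothetical.

```python
import re

# Constructed sample log lines, modelled on the two messages quoted in the post.
SAMPLE_LOG = """\
slapd[2211]: bdb_equality_candidates: (uid) index_param failed
slapd[2211]: bdb_equality_candidates: (sambaGroupType) index_param failed
slapd[2211]: bdb_equality_candidates: (uid) index_param failed
"""

# Constructed slapd.conf excerpt (assumption: the poster's real file is not shown).
SAMPLE_CONF = """\
index objectClass eq
index cn,sn,uid pres,sub   # uid is indexed, but not for equality
index sambaSID eq
"""

FAIL_RE = re.compile(r"bdb_equality_candidates\s*:\s*\(([\w;-]+)\)\s*index_para?m failed")

def failed_equality_attrs(log_text):
    """Attributes that slapd searched by equality without an index."""
    return {m.group(1) for m in FAIL_RE.finditer(log_text)}

def eq_indexed_attrs(slapd_conf):
    """Lower-cased attribute names that carry an 'eq' index directive."""
    default_types, indexed = set(), set()
    for raw in slapd_conf.splitlines():
        parts = raw.split("#", 1)[0].split()
        if len(parts) < 2 or parts[0].lower() != "index":
            continue
        types = {t.lower() for t in parts[2].split(",")} if len(parts) > 2 else None
        if parts[1].lower() == "default":   # "index default <types>" sets the fallback
            default_types = types or set()
        elif "eq" in (default_types if types is None else types):
            indexed.update(a.lower() for a in parts[1].split(","))
    return indexed

def missing_eq_indexes(log_text, slapd_conf):
    """Attributes named in the log that have no equality index configured."""
    have = eq_indexed_attrs(slapd_conf)   # attribute names are case-insensitive
    return sorted(a for a in failed_equality_attrs(log_text) if a.lower() not in have)

if __name__ == "__main__":
    for attr in missing_eq_indexes(SAMPLE_LOG, SAMPLE_CONF):
        print(f"index {attr} eq")   # candidate directive for the database section
```

Index directives added to slapd.conf apply to existing entries only after the database has been reindexed with slapindex.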