[Samba] Samba LDAP rootpw error

Gary Dale garydale at torfree.net
Sun Mar 26 22:55:31 GMT 2006

Sorry Matt, I've got it going now - at least to the point of getting the
smbldap-populate to work. The next issue is smbpasswd -a root. It's not
working. Also, I've installed phpldapadmin and can't get it to connect
either. The issue now seems to be a TLS connection between Samba and
LDAP. I didn't think I was using one, but LDAP seems to think otherwise.
For example, both phpldapadmin and lsmbldap-usermod -J Administrator
complain about TLS connections to the LDAP server.

I've been looking at the idealx.org instructions for TLS with LDAP but
still not getting it working.


Further to the above:
Trying to get TLS working is a pain. I've also had only slightly better
luck with trying to not use it. When I don't use it, I can get
ldapsearch to return a result. However, Samba doesn't seem to want to
talk to it. When I try to get TLS running, I get TLS errors everywhere. :(

Right now I've got it configured, I believe, to not use TLS. When I run
smbpasswd, I get:

semper:/etc/smbldap-tools# smbpasswd -a root
fetch_ldap_pw: neither ldap secret retrieved!
ldap_connect_system: Failed to retrieve password from secrets.tdb
Connection to LDAP server failed for the 1 try!

I've attached my various .conf files again. Sorry to be such a pain, but
I am not having any luck by myself.


BTW - Here's the results of an ldapsearch:

semper:/var/lib/ldap# smbldap-populate -a Administrator -b nobody 
-semper:/var/lib/ldap# ldapsearch -D cn=admin,dc=rahim-dale,dc=org -b 
dc=rahim-dale,dc=org -h -x -W ""
Enter LDAP Password:
# extended LDIF
# LDAPv3
# base <dc=rahim-dale,dc=org> with scope sub
# filter: (objectclass=*)
# requesting:

# rahim-dale.org
dn: dc=rahim-dale,dc=org

# admin, rahim-dale.org
dn: cn=admin,dc=rahim-dale,dc=org

# Users, rahim-dale.org
dn: ou=Users,dc=rahim-dale,dc=org

# Groups, rahim-dale.org
dn: ou=Groups,dc=rahim-dale,dc=org

# Computers, rahim-dale.org
dn: ou=Computers,dc=rahim-dale,dc=org

# Idmap, rahim-dale.org
dn: ou=Idmap,dc=rahim-dale,dc=org

# rahim-dale, rahim-dale.org
dn: sambaDomainName=rahim-dale,dc=rahim-dale,dc=org

# Administrator, Users, rahim-dale.org
dn: uid=Administrator,ou=Users,dc=rahim-dale,dc=org

# nobody, Users, rahim-dale.org
dn: uid=nobody,ou=Users,dc=rahim-dale,dc=org

# Domain Admins, Groups, rahim-dale.org
dn: cn=Domain Admins,ou=Groups,dc=rahim-dale,dc=org

# Domain Users, Groups, rahim-dale.org
dn: cn=Domain Users,ou=Groups,dc=rahim-dale,dc=org

# Domain Guests, Groups, rahim-dale.org
dn: cn=Domain Guests,ou=Groups,dc=rahim-dale,dc=org

# Domain Computers, Groups, rahim-dale.org
dn: cn=Domain Computers,ou=Groups,dc=rahim-dale,dc=org

# Administrators, Groups, rahim-dale.org
dn: cn=Administrators,ou=Groups,dc=rahim-dale,dc=org

# Print Operators, Groups, rahim-dale.org
dn: cn=Print Operators,ou=Groups,dc=rahim-dale,dc=org

# Backup Operators, Groups, rahim-dale.org
dn: cn=Backup Operators,ou=Groups,dc=rahim-dale,dc=org

# Replicators, Groups, rahim-dale.org
dn: cn=Replicators,ou=Groups,dc=rahim-dale,dc=org

# search result
search: 2
result: 0 Success

# numResponses: 18
# numEntries: 17

More information about the samba mailing list