[Samba] Samba LDAP rootpw error
Gary Dale
garydale at torfree.net
Sun Mar 26 22:55:31 GMT 2006
Sorry Matt, I've got it going now - at least to the point of getting the
smbldap-populate to work. The next issue is smbpasswd -a root. It's not
working. Also, I've installed phpldapadmin and can't get it to connect
either. The issue now seems to be a TLS connection between Samba and
LDAP. I didn't think I was using one, but LDAP seems to think otherwise.
For example, both phpldapadmin and lsmbldap-usermod -J Administrator
complain about TLS connections to the LDAP server.
I've been looking at the idealx.org instructions for TLS with LDAP but
still not getting it working.
-----------------------------------------------------------------------
Further to the above:
Trying to get TLS working is a pain. I've also had only slightly better
luck with trying to not use it. When I don't use it, I can get
ldapsearch to return a result. However, Samba doesn't seem to want to
talk to it. When I try to get TLS running, I get TLS errors everywhere. :(
Right now I've got it configured, I believe, to not use TLS. When I run
smbpasswd, I get:
semper:/etc/smbldap-tools# smbpasswd -a root
fetch_ldap_pw: neither ldap secret retrieved!
ldap_connect_system: Failed to retrieve password from secrets.tdb
Connection to LDAP server failed for the 1 try!
I've attached my various .conf files again. Sorry to be such a pain, but
I am not having any luck by myself.
-------------------------------------------------------------------------
BTW - Here's the results of an ldapsearch:
semper:/var/lib/ldap# smbldap-populate -a Administrator -b nobody
-semper:/var/lib/ldap# ldapsearch -D cn=admin,dc=rahim-dale,dc=org -b
dc=rahim-dale,dc=org -h 127.0.0.1 -x -W ""
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <dc=rahim-dale,dc=org> with scope sub
# filter: (objectclass=*)
# requesting:
#
# rahim-dale.org
dn: dc=rahim-dale,dc=org
# admin, rahim-dale.org
dn: cn=admin,dc=rahim-dale,dc=org
# Users, rahim-dale.org
dn: ou=Users,dc=rahim-dale,dc=org
# Groups, rahim-dale.org
dn: ou=Groups,dc=rahim-dale,dc=org
# Computers, rahim-dale.org
dn: ou=Computers,dc=rahim-dale,dc=org
# Idmap, rahim-dale.org
dn: ou=Idmap,dc=rahim-dale,dc=org
# rahim-dale, rahim-dale.org
dn: sambaDomainName=rahim-dale,dc=rahim-dale,dc=org
# Administrator, Users, rahim-dale.org
dn: uid=Administrator,ou=Users,dc=rahim-dale,dc=org
# nobody, Users, rahim-dale.org
dn: uid=nobody,ou=Users,dc=rahim-dale,dc=org
# Domain Admins, Groups, rahim-dale.org
dn: cn=Domain Admins,ou=Groups,dc=rahim-dale,dc=org
# Domain Users, Groups, rahim-dale.org
dn: cn=Domain Users,ou=Groups,dc=rahim-dale,dc=org
# Domain Guests, Groups, rahim-dale.org
dn: cn=Domain Guests,ou=Groups,dc=rahim-dale,dc=org
# Domain Computers, Groups, rahim-dale.org
dn: cn=Domain Computers,ou=Groups,dc=rahim-dale,dc=org
# Administrators, Groups, rahim-dale.org
dn: cn=Administrators,ou=Groups,dc=rahim-dale,dc=org
# Print Operators, Groups, rahim-dale.org
dn: cn=Print Operators,ou=Groups,dc=rahim-dale,dc=org
# Backup Operators, Groups, rahim-dale.org
dn: cn=Backup Operators,ou=Groups,dc=rahim-dale,dc=org
# Replicators, Groups, rahim-dale.org
dn: cn=Replicators,ou=Groups,dc=rahim-dale,dc=org
# search result
search: 2
result: 0 Success
# numResponses: 18
# numEntries: 17
More information about the samba
mailing list