[Samba] [Follow-UP] samba BDC + LDAP slave Referral errors

Michael Gasch gasch at eva.mpg.de
Tue Oct 10 09:22:15 GMT 2006 

hi,

sorry to confuse you. i did set up updateref but no additional referrals.

as i read here http://tech.stlsawall.com/index.php/?page_id=4 it´s 
impossible to have simple bind working with referrals. so i think i have 
to switch to SASL.

i think i should google a little bit on openldap, sasl, referrals and samba.

possibly someone has an idea/link/...???

thx!

Bruno Guerreiro wrote:
> Hi,
> I may be overlooking something, but how did you set up a LDAP slave without
> a referral?
> 
> 
> From man 5 slapd.conf
> 
> updateref <url>
> 	Specify  the  referral  to  pass back when slapd(8) is asked to
> modify a replicated local database.  If specified multiple times, each url
> is provided.
> 
> Best Regards,
> Bruno Guerreiro
> 
>> -----Original Message-----
>> From: samba-bounces+bruno.guerreiro=ine.pt at lists.samba.org 
>> [mailto:samba-bounces+bruno.guerreiro=ine.pt at lists.samba.org] 
>> On Behalf Of Michael Gasch
>> Sent: terça-feira, 10 de Outubro de 2006 7:37
>> To: samba
>> Subject: [Samba] [Follow-UP] samba BDC + LDAP slave Referral errors
>>
>> hi,
>>
>> i see the same error message with samba 3.0.14a and OpenLDAP 
>> 2.2.23 (Debian Packages) with Master/Slave setup.
>>
>> i did not set up a referral to the master, so why does samba 
>> get a referral when attempting to write to a slave? is this 
>> an in-build samba feature? do i have to enable referrals to 
>> get this to work properly?
>>
>> any advise is appreciated!
>> thx!
>> micha
>>
>> Zwonarz Ivo wrote:
>>  > We use sambaPDC + LDAP
>>  > On our BDC we have a replicated ldap slave.
>>  > Everything seems to work fine.
>>  >
>>  > Hower, in the smbd log file we have the following messages 
>> (only on the  > BDC's)  >  > [2006/05/31 15:25:08, 1] 
>> passdb/pdb_ldap.c:ldapsam_modify_entry(1495)
>>  >  ldapsam_modify_entry: Failed to modify user dn=  > 
>> uid=pc01233$,ou=Machines,dc=brrc,dc=be with: Referral  > 
>> [2006/05/31 15:25:08, 0]
>> passdb/pdb_ldap.c:ldapsam_update_sam_account(1720)
>>  >  ldapsam_update_sam_account: failed to modify user with 
>> uid = pc01233$,  > error:  (Success)  > [2006/05/31 15:25:08, 
>> 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1495)
>>  >  ldapsam_modify_entry: Failed to modify user dn=  > 
>> uid=pc01233$,ou=Machines,dc=brrc,dc=be with: Referral  > 
>> [2006/05/31 15:25:08, 0]
>> passdb/pdb_ldap.c:ldapsam_update_sam_account(1720)
>>  >  ldapsam_update_sam_account: failed to modify user with 
>> uid = pc01233$,  > error:  (Success)  >  >  > Can someone 
>> prevent this errors?
>>  > Does samba/openldap need to be changed?
>>  > What is actually happening?
>>  >
>>  >
>>  > With more Debug info:
>>  > log level = 2 passdb:3 auth:3
>>  > in smb.conf
>>  >
>>  > [2006/05/31 15:32:48, 3] auth/auth.c:check_ntlm_password(219)
>>  >  check_ntlm_password:  Checking password for unmapped user 
>>  > []\[]@[PC00829] with the new password interface  > 
>> [2006/05/31 15:32:48, 3] auth/auth.c:check_ntlm_password(222)
>>  >  check_ntlm_password:  mapped user is: [BRRC]\[]@[PC00829] 
>>  > [2006/05/31 15:32:48, 3] auth/auth.c:check_ntlm_password(268)
>>  >  check_ntlm_password: guest authentication for user [] 
>> succeeded  > [2006/05/31 15:32:48, 2] 
>> lib/smbldap.c:smbldap_open_connection(692)
>>  >  smbldap_open_connection: connection opened  > [2006/05/31 
>> 15:32:48, 2] passdb/pdb_ldap.c:init_sam_from_ldap(499)
>>  >  init_sam_from_ldap: Entry found for user: pc00829$  > 
>> [2006/05/31 15:32:48, 2] passdb/pdb_ldap.c:init_sam_from_ldap(499)
>>  >  init_sam_from_ldap: Entry found for user: pc00829$  > 
>> [2006/05/31 15:32:48, 3] auth/auth.c:check_ntlm_password(219)
>>  >  check_ntlm_password:  Checking password for unmapped user 
>>  > []\[]@[PC00829] with the new password interface  > 
>> [2006/05/31 15:32:48, 3] auth/auth.c:check_ntlm_password(222)
>>  >  check_ntlm_password:  mapped user is: [BRRC]\[]@[PC00829] 
>>  > [2006/05/31 15:32:48, 3] auth/auth.c:check_ntlm_password(268)
>>  >  check_ntlm_password: guest authentication for user [] 
>> succeeded  > [2006/05/31 15:32:48, 2] 
>> passdb/pdb_ldap.c:init_sam_from_ldap(499)
>>  >  init_sam_from_ldap: Entry found for user: pc00829$  > 
>> [2006/05/31 15:32:48, 2] passdb/pdb_ldap.c:init_ldap_from_sam(912)
>>  >  init_ldap_from_sam: Setting entry for user: pc00829$  > 
>> [2006/05/31 15:32:48, 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1495)
>>  >  ldapsam_modify_entry: Failed to modify user dn=  > 
>> uid=pc00829$,ou=Machines,dc=brrc,dc=be with: Referral  > 
>> [2006/05/31 15:32:48, 0]
>> passdb/pdb_ldap.c:ldapsam_update_sam_account(1720)
>>  >  ldapsam_update_sam_account: failed to modify user with 
>> uid = pc00829$,  > error:  (Success)  >  > [2006/05/31 
>> 15:32:48, 2] passdb/pdb_ldap.c:init_sam_from_ldap(499)
>>  >  init_sam_from_ldap: Entry found for user: pc00829$  > 
>> [2006/05/31 15:32:48, 2] passdb/pdb_ldap.c:init_sam_from_ldap(499)
>>  >  init_sam_from_ldap: Entry found for user: pc00829$  > 
>> [2006/05/31 15:32:48, 2] passdb/pdb_ldap.c:init_sam_from_ldap(499)
>>  >  init_sam_from_ldap: Entry found for user: pc00829$  > 
>> [2006/05/31 15:32:48, 2] passdb/pdb_ldap.c:init_ldap_from_sam(912)
>>  >  init_ldap_from_sam: Setting entry for user: pc00829$  > 
>> [2006/05/31 15:32:48, 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1495)
>>  >  ldapsam_modify_entry: Failed to modify user dn=  > 
>> uid=pc00829$,ou=Machines,dc=brrc,dc=be with: Referral  > 
>> [2006/05/31 15:32:48, 0]
>> passdb/pdb_ldap.c:ldapsam_update_sam_account(1720)
>>  >  ldapsam_update_sam_account: failed to modify user with 
>> uid = pc00829$,  > error:  (Success)  >  >  > Kind regards,  
>>> Ivo Zwonarz.
>> -- 
>> Michael Gasch
>> Max Planck Institute for Evolutionary Anthropology
>> Department of Human Evolution (IT Staff)
>> Deutscher Platz 6
>> D-04103 Leipzig
>> Germany
>>
>> Phone: 49 (0)341 - 3550 137
>>         49 (0)341 - 3550 374
>>
>> Fax:   49 (0)341 - 3550 399
>>
>> -- 
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/listinfo/samba
>>
> 
> 
> 

-- 
Michael Gasch
Max Planck Institute for Evolutionary Anthropology
Department of Human Evolution (IT Staff)
Deutscher Platz 6
D-04103 Leipzig
Germany

Phone: 49 (0)341 - 3550 137
        49 (0)341 - 3550 374

Fax:   49 (0)341 - 3550 399

More information about the samba mailing list