[Samba] My Net is busted
danield at igb.uiuc.edu
Tue Feb 20 22:32:00 GMT 2007
Fired up wireshark, and when I do net usersidlist it does not create
traffic to the ldap server. I can verify that wireshark is working by
doing a ping, and I can see the traffic that takes place when a standard
login to the server takes place. However when I do a net usersidlist or
something that I would expect to generate ldap traffic, it does not do
anything. How can a standard login work properly (so my smb.conf works
right) but this act like the server is pointed int the wrong direction.
On Tue, 2007-02-13 at 12:21 -0600, Daniel Davidson wrote:
> CNRG is a posixgroup:
> # cnrg, group, igb.uiuc.edu
> dn: cn=cnrg,ou=group,dc=igb,dc=uiuc,dc=edu
> cn: cnrg
> objectClass: posixGroup
> gidNumber: 102
> description: Computer and Network Resource Group
> memberUid: danield
> I have smbldap-tools configured, I believe properly, and I can run them
> and make them work. However, I have not been using them and have
> created my own scripts for use with my specific needs. One guess I have
> is that I am missing something from the group entry that samba needs,
> but I am not sure.
> Ldap group suffix is set, from smb.conf:
> ldap group suffix = ou=group
> ldap suffix = dc=igb,dc=uiuc,dc=edu
> ldap ssl = on
> ldap user suffix = ou=People
> ldap machine suffix = ou=computer
> I have not fired up wireshark yet, I was hoping to avoid that. If this
> does not give anyone hints on what I am doing wrong, I will bite the
> bullet and get it installed.
> On Fri, 2007-02-09 at 17:21 -0600, Gerald (Jerry) Carter wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> > Daniel Davidson wrote:
> > > I was guessing that, but it will not let me create them:
> > >
> > > [root at file-server os]# net groupmap add rid=512 unixgroup=cnrg
> > > ntgroup="Domain Admins"
> > > [2007/02/09 16:45:06, 0]
> > > passdb/pdb_ldap.c:ldapsam_add_group_mapping_entry(2330)
> > > ldapsam_add_group_mapping_entry: failed to add group 102 error: �_
> > > (Internal (implementation specific) error)
> > > adding entry for group Domain Admins failed!
> > >
> > > Otherwise, your book would be keeping me from
> > > posting here.
> > LOL! ok. Fair enough.
> > Basic questions:
> > * Is cnrg a posixGroup in the directory?
> > * Are you using the smbldap tools ?
> > * Have you set the 'ldap group suffix'?
> > * Have you looked at the LDAP modify request on
> > the wire (in Wireshark)?
> > cheers, jerry
> > =====================================================================
> > Samba ------- http://www.samba.org
> > Centeris ----------- http://www.centeris.com
> > "What man is a man who does not make the world better?" --Balian
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.3 (GNU/Linux)
> > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> > iD8DBQFFzQIIIR7qMdg1EfYRAiMgAJ9f/OZw5DAY3xUzlYuQ1UcNsSTEtgCeJt0v
> > g5JPZtEL8t7zzKPgTO4nb7E=
> > =Ikqb
> > -----END PGP SIGNATURE-----
More information about the samba