[Samba] errors - cannot access LDAP when not root
Justin Zipperle
justin at shaggydawg.com
Mon May 21 20:50:54 GMT 2007
I'm hardly an OpenLDAP expert, but check your ACLs in your slapd.conf.
Make sure you've got something like this:
access to *
by * read
You should probably tighten up your LDAP security a bit more than that,
but you get my point. You should be able to do an anonymous bind and
search LDAP from the command line:
ldapsearch -x -b "dc=yourbase,dc=net" "(ObjectClass=*)"
In my experience, that should be working before you can do anything
useful with Samba.
Hope this helps!
-Justin
On 5/21/2007 10:07 AM, Bradley Tate wrote:
> Hi
>
> I was happy enough running SuSE 9.3 and samba 3.0.20 with openldap but
> hardware problems forced me to move. I tried openSuSe 10.2 with samba
> 3.0.23 and 3.0.24 but kept getting strange interactions with openldap
> and Internal Errors from samba, I realise now possibly due to copying
> .dat files from the old setup.
>
> I've now moved to something I know a bit better, which is a more redhat
> like Centos 5 and have virtually installed from scratch except for the
> LDAP directory and the smb.conf. I'm now getting heaps of the same
> errors in the user logs.
>
> Typically a fragment is:
>
> [2007/05/21 23:45:18, 5] lib/smbldap.c:smbldap_search_ext(1179)
> smbldap_search_ext: base => [ou=Groups,dc=objectmastery,dc=com],
> filter => [(&(objectClass=sambaGroupMapping)(gidNumber=10
> 0))], scope => [2]
> [2007/05/21 23:45:18, 0] lib/smbldap.c:smbldap_open(1009)
> smbldap_open: cannot access LDAP when not root..
>
> Any clues on how to get rid of the problem would be helpful, even if
> it's to tell me more information is needed or where I should start
> looking. Rollback is not an option.
>
> Thanks,
>
> Bradley
>
>
More information about the samba
mailing list