[Samba] samba3+openldap:Problem during the LDAP search

Edmund Lin edmund.lin at pangeo.com
Thu Sep 13 15:31:52 GMT 2007


Hi,
I'm trying to use samba3+openldap as our PDC.
I installed the server from the CentOS 4.4 single service CD and then used
"yum install openldap-servers" to install the OpenLDAP server.
I have already run "smbpasswd -w secret".
When I ran "smbpasswd -a root", the following errors showed up:

[root at localhost samba]# smbpasswd -a root
smbldap_search_suffix: Problem during the LDAP search:  (No such object)
New SMB password:
Retype new SMB password:
smbldap_search_suffix: Problem during the LDAP search:  (No such object)
ldapsam_search_one_group: Problem during the LDAP search: LDAP error:  (No
such object)
smbldap_search_suffix: Problem during the LDAP search:  (No such object)
Failed to add entry for user root.
Failed to modify password entry for user root

---------------------------- samba and openldap versions ----------------------------

[root at localhost samba]# rpm -qa|grep samba
system-config-samba-1.2.21-1
samba-common-3.0.10-1.4E.9
samba-3.0.10-1.4E.12.2
samba-client-3.0.10-1.4E.12.2
[root at localhost samba]# rpm -qa|grep ldap
php-ldap-4.3.9-3.15
openldap-servers-2.2.13-7.4E
nss_ldap-226-13
openldap-2.2.13-7.4E
[root at localhost samba]#

I've simplified the configuration to:
---------------------------- smb.conf ----------------------------
[root at localhost samba]# cat smb.conf
# Global parameters
# Samba 3.0 domain-controller settings as pasted in the report: accounts are
# kept in an OpenLDAP directory reached over ldap://localhost (ldapsam).
[global]
        workgroup = PANGEO.COM
        netbios name = PDC
        server string = Samba Server
        # Account database is the slapd instance on this host; the "ldap ..."
        # suffix parameters below say where in the tree Samba looks.
        passdb backend = ldapsam:ldap://localhost
        # NOTE(review): Samba debug levels are normally in the 0-10 range; 256
        # matches the slapd "loglevel 256" in the slapd.conf shown in this post
        # and may have been copied across - confirm. Very high debug levels are
        # verbose enough that authentication material can end up in the log
        # files, so lower this again once the problem is found.
        log level = 256
        log file = /var/log/samba/%m.log
        max log size = 50
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        printcap name = /etc/printcap
        # The next three lines make this server the domain logon server (PDC).
        domain logons = Yes
        preferred master = Yes
        domain master = Yes
        dns proxy = No
        ldap suffix = dc=pangeo,dc=com
        # Samba binds as this DN using the password stored with "smbpasswd -w".
        # It is the same DN as rootdn in the slapd.conf shown in this post, so
        # Samba has unrestricted write access to the whole directory. A
        # dedicated DN limited by slapd ACLs is the least-privilege alternative.
        ldap admin dn = cn=Manager,dc=pangeo,dc=com
        ldap group suffix = ou=Groups
        # NOTE(review): idmap entries share ou=Users with user accounts here -
        # confirm this is intended.
        ldap idmap suffix = ou=Users
        ldap machine suffix = ou=Computers
        ldap passwd sync = Yes
        # No TLS on the LDAP connection: the simple bind (mech=SIMPLE ssf=0 in
        # the pasted slapd log) carries the admin password unencrypted. Exposure
        # is limited to loopback while the backend is ldap://localhost; switch to
        # "start tls" before pointing Samba at a directory on another host.
        ldap ssl = no
        ldap user suffix = ou=Users
        idmap uid = 15000-20000
        idmap gid = 15000-20000
        cups options = raw

[homes]
        comment = Home Directories
        read only = No
        browseable = No

[netlogon]
        comment = Network Logon Service
        path = /home/netlogon
        # Guest (unauthenticated) access is allowed on this share. Clients run
        # logon scripts from here, so keep the share and /home/netlogon
        # writable by administrators only.
        guest ok = Yes
        share modes = No

[printers]
        comment = All Printers
        path = /var/spool/samba
        printable = Yes
        browseable = No
---------------------------- slapd.conf ----------------------------
[root at localhost samba]# cd /etc/openldap
[root at localhost openldap]# cat slapd.conf

# slapd.conf as pasted in the report: one bdb database for dc=pangeo,dc=com
# with the Samba schema loaded.
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema
# samba.schema defines sambaSamAccount, sambaDomain and sambaGroupMapping,
# the object classes that appear in the search filters in the pasted log.
include         /etc/openldap/schema/samba.schema

# Accept LDAPv2 bind requests in addition to LDAPv3.
allow bind_v2

pidfile         /var/run/slapd.pid
argsfile        /var/run/slapd.args

database        bdb
# NOTE(review): every search in the openldap.log pasted in this post, including
# those based at this suffix itself, ends with err=32 (noSuchObject) and
# nentries=0. That is consistent with the database not yet containing the
# dc=pangeo,dc=com entry or the ou=Users / ou=Groups / ou=Computers containers
# that smb.conf points at - confirm with an ldapsearch for the base entry.
suffix          "dc=pangeo,dc=com"
# The rootdn is not subject to access control, and rootpw below is stored in
# clear text. Store a hash generated with slappasswd instead and keep this
# file readable only by root and the account slapd runs as.
rootdn          "cn=Manager,dc=pangeo,dc=com"
rootpw          secret

directory       /var/lib/ldap

index objectClass                       eq,pres
index ou,cn,mail,surname,givenname      eq,pres,sub
index uidNumber,gidNumber,loginShell    eq,pres
index uid,memberUid                     eq,pres,sub
index nisMapName,nisMapEntry            eq,pres,sub

# NOTE(review): this file has no "access to" rules. slapd then falls back to
# its default of read access for every client, anonymous included, which would
# expose userPassword, sambaLMPassword and sambaNTPassword once accounts exist.
# A sketch to adapt before accounts are loaded:
#   access to attrs=userPassword,sambaLMPassword,sambaNTPassword
#       by self write
#       by anonymous auth
#       by * none
#   access to *
#       by * read

# 256 is the "stats" level: connections, operations and results, which is the
# detail visible in the pasted openldap.log.
loglevel 256
---------------------------- /etc/openldap.conf ----------------------------
[root at localhost openldap]# cd /etc
[root at localhost etc]# cat ldap.conf
# /etc/ldap.conf as pasted in the report; presumably the nss_ldap / pam_ldap
# client configuration (nss_ldap is in the package list above) - confirm.
host 127.0.0.1
base dc=pangeo,dc=com
# NOTE(review): binddn/bindpw are the directory rootdn and its clear-text
# password. This file normally has to be readable by every local user for
# name-service lookups to work, so any local account can read the directory
# administrator password. Prefer anonymous or a read-only proxy DN here, and
# keep administrative credentials in rootbinddn with a root-only
# /etc/ldap.secret.
binddn cn=Manager,dc=pangeo,dc=com
bindpw secret
timelimit 120
bind_timelimit 120
idle_timelimit 3600
# No TLS/SSL towards the server; the bind password crosses the connection in
# clear (loopback only while host is 127.0.0.1). tls_cacertdir is presumably
# unused while ssl is off.
ssl no
tls_cacertdir /etc/openldap/cacerts
# Password changes are hashed on the client with MD5 crypt before being
# written to the directory. NOTE(review): MD5 crypt is weak by current
# standards; "pam_password exop" hands hashing to the server instead.
pam_password md5
[root at localhost etc]#
---------------------------- openldap.log ----------------------------
[root at localhost etc]# cat /var/log/openldap.log
Sep 12 16:47:29 localhost slapd[31733]: conn=0 fd=10 closed
Sep 12 16:47:29 localhost slapd[31733]: conn=1 fd=11 closed
Sep 12 16:47:29 localhost slapd[31733]: slapd shutdown: waiting for 0
threads to terminate
Sep 12 16:47:29 localhost slapd[31733]: slapd stopped.
Sep 12 16:47:29 localhost slapd[31814]: @(#) $OpenLDAP: slapd 2.2.13 (May  3
2007 01:57:31) $
mockbuild at builder7.centos.org:/builddir/build/BUILD/openldap-2.2.13/openldap
-2.2.13/build-servers/servers/slapd
Sep 12 16:47:29 localhost slapd[31814]: bdb_initialize: Sleepycat Software:
Berkeley DB 4.2.52: (December  3, 2003)
Sep 12 16:47:29 localhost slapd[31814]: bdb_initialize: Sleepycat Software:
Berkeley DB 4.2.52: (December  3, 2003)
Sep 12 16:47:29 localhost slapd[31814]: bdb_db_init: Initializing BDB
database
Sep 12 16:47:29 localhost slapd[31815]: slapd starting
Sep 12 16:47:33 localhost slapd[31815]: conn=0 fd=10 ACCEPT from
IP=127.0.0.1:32881 (IP=0.0.0.0:389)
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=0 BIND
dn="cn=Manager,dc=pangeo,dc=com" method=128
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=0 BIND
dn="cn=Manager,dc=pangeo,dc=com" mech=SIMPLE ssf=0
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=0 RESULT tag=97 err=0
text=
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=1 SRCH
base="dc=pangeo,dc=com" scope=2 deref=0
filter="(&(objectClass=sambaDomain)(sambaDomainName=pangeo.com))"
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=1 SRCH
attr=sambaDomainName sambaNextRid sambaNextUserRid sambaNextGroupRid
sambaSID sambaAlgorithmicRidBase objectClass
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=1 SEARCH RESULT tag=101
err=32 nentries=0 text=
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=2 SRCH
base="dc=pangeo,dc=com" scope=2 deref=0
filter="(&(sambaSID=s-1-5-21-3204288253-4292468634-1794421284-501)(objectCla
ss=sambaSamAccount))"
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=2 SRCH attr=uid uidNumber
gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange
sambaLogonTime sambaLogoffTime sambaKickoffTime cn displayName
sambaHomeDrive sambaHomePath sambaLogonScript sambaProfilePath description
sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword
sambaNTPassword sambaDomainName objectClass sambaAcctFlags sambaMungedDial
sambaBadPasswordCount sambaBadPasswordTime sambaPasswordHistory
modifyTimestamp sambaLogonHours modifyTimestamp
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=2 SEARCH RESULT tag=101
err=32 nentries=0 text=
Sep 12 16:47:33 localhost slapd[31815]: conn=1 fd=11 ACCEPT from
IP=127.0.0.1:32882 (IP=0.0.0.0:389)
Sep 12 16:47:33 localhost slapd[31815]: conn=1 op=0 BIND
dn="cn=Manager,dc=pangeo,dc=com" method=128
Sep 12 16:47:33 localhost slapd[31815]: conn=1 op=0 BIND
dn="cn=Manager,dc=pangeo,dc=com" mech=SIMPLE ssf=0
Sep 12 16:47:33 localhost slapd[31815]: conn=1 op=0 RESULT tag=97 err=0
text=
Sep 12 16:47:33 localhost slapd[31815]: conn=1 op=1 SRCH
base="dc=pangeo,dc=com" scope=2 deref=0
filter="(&(objectClass=posixAccount)(uid=nobody))"
Sep 12 16:47:33 localhost slapd[31815]: conn=1 op=1 SEARCH RESULT tag=101
err=32 nentries=0 text=
Sep 12 16:47:33 localhost slapd[31815]: conn=1 op=2 SRCH
base="dc=pangeo,dc=com" scope=2 deref=0
filter="(&(objectClass=posixGroup)(memberUid=nobody))"
Sep 12 16:47:33 localhost slapd[31815]: conn=1 op=2 SRCH attr=gidNumber
Sep 12 16:47:33 localhost slapd[31815]: conn=1 op=2 SEARCH RESULT tag=101
err=32 nentries=0 text=
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=3 SRCH
base="ou=Groups,dc=pangeo,dc=com" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(gidNumber=99))"
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=3 SRCH attr=gidNumber
sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=3 SEARCH RESULT tag=101
err=32 nentries=0 text=
Sep 12 16:47:38 localhost slapd[31815]: conn=2 fd=12 ACCEPT from
IP=127.0.0.1:32883 (IP=0.0.0.0:389)
Sep 12 16:47:38 localhost slapd[31815]: conn=2 op=0 BIND
dn="cn=Manager,dc=pangeo,dc=com" method=128
Sep 12 16:47:38 localhost slapd[31815]: conn=2 op=0 BIND
dn="cn=Manager,dc=pangeo,dc=com" mech=SIMPLE ssf=0
Sep 12 16:47:38 localhost slapd[31815]: conn=2 op=0 RESULT tag=97 err=0
text=
Sep 12 16:47:38 localhost slapd[31815]: conn=2 op=1 SRCH
base="dc=pangeo,dc=com" scope=2 deref=0
filter="(&(objectClass=sambaDomain)(sambaDomainName=pangeo.com))"
Sep 12 16:47:38 localhost slapd[31815]: conn=2 op=1 SRCH
attr=sambaDomainName sambaNextRid sambaNextUserRid sambaNextGroupRid
sambaSID sambaAlgorithmicRidBase objectClass
Sep 12 16:47:38 localhost slapd[31815]: conn=2 op=1 SEARCH RESULT tag=101
err=32 nentries=0 text=
Sep 12 16:47:44 localhost slapd[31815]: conn=2 op=2 SRCH
base="dc=pangeo,dc=com" scope=2 deref=0
filter="(&(uid=root)(objectClass=sambaSamAccount))"
Sep 12 16:47:44 localhost slapd[31815]: conn=2 op=2 SRCH attr=uid uidNumber
gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange
sambaLogonTime sambaLogoffTime sambaKickoffTime cn displayName
sambaHomeDrive sambaHomePath sambaLogonScript sambaProfilePath description
sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword
sambaNTPassword sambaDomainName objectClass sambaAcctFlags sambaMungedDial
sambaBadPasswordCount sambaBadPasswordTime sambaPasswordHistory
modifyTimestamp sambaLogonHours modifyTimestamp
Sep 12 16:47:44 localhost slapd[31815]: conn=2 op=2 SEARCH RESULT tag=101
err=32 nentries=0 text=
Sep 12 16:47:44 localhost slapd[31815]: conn=2 op=3 SRCH
base="ou=Groups,dc=pangeo,dc=com" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(gidNumber=0))"
Sep 12 16:47:44 localhost slapd[31815]: conn=2 op=3 SRCH attr=gidNumber
sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 12 16:47:44 localhost slapd[31815]: conn=2 op=3 SEARCH RESULT tag=101
err=32 nentries=0 text=
Sep 12 16:47:44 localhost slapd[31815]: conn=2 op=4 SRCH
base="dc=pangeo,dc=com" scope=2 deref=0
filter="(&(uid=root)(objectClass=sambaSamAccount))"
Sep 12 16:47:44 localhost slapd[31815]: conn=2 op=4 SRCH attr=uid uidNumber
gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange
sambaLogonTime sambaLogoffTime sambaKickoffTime cn displayName
sambaHomeDrive sambaHomePath sambaLogonScript sambaProfilePath description
sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword
sambaNTPassword sambaDomainName objectClass sambaAcctFlags sambaMungedDial
sambaBadPasswordCount sambaBadPasswordTime sambaPasswordHistory
modifyTimestamp sambaLogonHours
Sep 12 16:47:44 localhost slapd[31815]: conn=2 op=4 SEARCH RESULT tag=101
err=32 nentries=0 text=
Sep 12 16:47:44 localhost slapd[31815]: conn=2 fd=12 closed
[root at localhost etc]#

Can anyone help me with it?
Thank you.


Edmund Lin



-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


