[Samba] samba3+openldap:Problem during the LDAP search
Edmund Lin
edmund.lin at pangeo.com
Thu Sep 13 15:31:52 GMT 2007
Hi,
I'm trying to use samba3+openldap as our PDC.
I installed the server using the CentOS4.4 single service CD and then used yum
install openldap-servers to install the openldap server.
I already ran "smbpasswd -w secret".
When I invoked "smbpasswd -a root" the following error showed up:
[root@localhost samba]# smbpasswd -a root
smbldap_search_suffix: Problem during the LDAP search: (No such object)
New SMB password:
Retype new SMB password:
smbldap_search_suffix: Problem during the LDAP search: (No such object)
ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (No such object)
smbldap_search_suffix: Problem during the LDAP search: (No such object)
Failed to add entry for user root.
Failed to modify password entry for user root
---------------- samba and openldap versions: ----------------
[root@localhost samba]# rpm -qa|grep samba
system-config-samba-1.2.21-1
samba-common-3.0.10-1.4E.9
samba-3.0.10-1.4E.12.2
samba-client-3.0.10-1.4E.12.2
[root@localhost samba]# rpm -qa|grep ldap
php-ldap-4.3.9-3.15
openldap-servers-2.2.13-7.4E
nss_ldap-226-13
openldap-2.2.13-7.4E
[root@localhost samba]#
I've simplified the configuration to:
---------------- smb.conf ----------------
[root@localhost samba]# cat smb.conf
# Global parameters
[global]
workgroup = PANGEO.COM
netbios name = PDC
server string = Samba Server
passdb backend = ldapsam:ldap://localhost
log level = 256
log file = /var/log/samba/%m.log
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = /etc/printcap
domain logons = Yes
preferred master = Yes
domain master = Yes
dns proxy = No
ldap suffix = dc=pangeo,dc=com
ldap admin dn = cn=Manager,dc=pangeo,dc=com
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Users
ldap machine suffix = ou=Computers
ldap passwd sync = Yes
ldap ssl = no
ldap user suffix = ou=Users
idmap uid = 15000-20000
idmap gid = 15000-20000
cups options = raw
[homes]
comment = Home Directories
read only = No
browseable = No
[netlogon]
comment = Network Logon Service
path = /home/netlogon
guest ok = Yes
share modes = No
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
---------------- slapd.conf ----------------
[root@localhost samba]# cd /etc/openldap
[root@localhost openldap]# cat slapd.conf
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
allow bind_v2
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
database bdb
suffix "dc=pangeo,dc=com"
rootdn "cn=Manager,dc=pangeo,dc=com"
rootpw secret
directory /var/lib/ldap
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
loglevel 256
---------------- /etc/openldap.conf ----------------
[root@localhost openldap]# cd /etc
[root@localhost etc]# cat ldap.conf
host 127.0.0.1
base dc=pangeo,dc=com
binddn cn=Manager,dc=pangeo,dc=com
bindpw secret
timelimit 120
bind_timelimit 120
idle_timelimit 3600
ssl no
tls_cacertdir /etc/openldap/cacerts
pam_password md5
[root@localhost etc]#
---------------- openldap.log ----------------
[root@localhost etc]# cat /var/log/openldap.log
Sep 12 16:47:29 localhost slapd[31733]: conn=0 fd=10 closed
Sep 12 16:47:29 localhost slapd[31733]: conn=1 fd=11 closed
Sep 12 16:47:29 localhost slapd[31733]: slapd shutdown: waiting for 0
threads to terminate
Sep 12 16:47:29 localhost slapd[31733]: slapd stopped.
Sep 12 16:47:29 localhost slapd[31814]: @(#) $OpenLDAP: slapd 2.2.13 (May 3
2007 01:57:31) $
mockbuild@builder7.centos.org:/builddir/build/BUILD/openldap-2.2.13/openldap-2.2.13/build-servers/servers/slapd
Sep 12 16:47:29 localhost slapd[31814]: bdb_initialize: Sleepycat Software:
Berkeley DB 4.2.52: (December 3, 2003)
Sep 12 16:47:29 localhost slapd[31814]: bdb_initialize: Sleepycat Software:
Berkeley DB 4.2.52: (December 3, 2003)
Sep 12 16:47:29 localhost slapd[31814]: bdb_db_init: Initializing BDB
database
Sep 12 16:47:29 localhost slapd[31815]: slapd starting
Sep 12 16:47:33 localhost slapd[31815]: conn=0 fd=10 ACCEPT from
IP=127.0.0.1:32881 (IP=0.0.0.0:389)
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=0 BIND
dn="cn=Manager,dc=pangeo,dc=com" method=128
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=0 BIND
dn="cn=Manager,dc=pangeo,dc=com" mech=SIMPLE ssf=0
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=0 RESULT tag=97 err=0
text=
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=1 SRCH
base="dc=pangeo,dc=com" scope=2 deref=0
filter="(&(objectClass=sambaDomain)(sambaDomainName=pangeo.com))"
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=1 SRCH
attr=sambaDomainName sambaNextRid sambaNextUserRid sambaNextGroupRid
sambaSID sambaAlgorithmicRidBase objectClass
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=1 SEARCH RESULT tag=101
err=32 nentries=0 text=
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=2 SRCH
base="dc=pangeo,dc=com" scope=2 deref=0
filter="(&(sambaSID=s-1-5-21-3204288253-4292468634-1794421284-501)(objectClass=sambaSamAccount))"
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=2 SRCH attr=uid uidNumber
gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange
sambaLogonTime sambaLogoffTime sambaKickoffTime cn displayName
sambaHomeDrive sambaHomePath sambaLogonScript sambaProfilePath description
sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword
sambaNTPassword sambaDomainName objectClass sambaAcctFlags sambaMungedDial
sambaBadPasswordCount sambaBadPasswordTime sambaPasswordHistory
modifyTimestamp sambaLogonHours modifyTimestamp
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=2 SEARCH RESULT tag=101
err=32 nentries=0 text=
Sep 12 16:47:33 localhost slapd[31815]: conn=1 fd=11 ACCEPT from
IP=127.0.0.1:32882 (IP=0.0.0.0:389)
Sep 12 16:47:33 localhost slapd[31815]: conn=1 op=0 BIND
dn="cn=Manager,dc=pangeo,dc=com" method=128
Sep 12 16:47:33 localhost slapd[31815]: conn=1 op=0 BIND
dn="cn=Manager,dc=pangeo,dc=com" mech=SIMPLE ssf=0
Sep 12 16:47:33 localhost slapd[31815]: conn=1 op=0 RESULT tag=97 err=0
text=
Sep 12 16:47:33 localhost slapd[31815]: conn=1 op=1 SRCH
base="dc=pangeo,dc=com" scope=2 deref=0
filter="(&(objectClass=posixAccount)(uid=nobody))"
Sep 12 16:47:33 localhost slapd[31815]: conn=1 op=1 SEARCH RESULT tag=101
err=32 nentries=0 text=
Sep 12 16:47:33 localhost slapd[31815]: conn=1 op=2 SRCH
base="dc=pangeo,dc=com" scope=2 deref=0
filter="(&(objectClass=posixGroup)(memberUid=nobody))"
Sep 12 16:47:33 localhost slapd[31815]: conn=1 op=2 SRCH attr=gidNumber
Sep 12 16:47:33 localhost slapd[31815]: conn=1 op=2 SEARCH RESULT tag=101
err=32 nentries=0 text=
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=3 SRCH
base="ou=Groups,dc=pangeo,dc=com" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(gidNumber=99))"
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=3 SRCH attr=gidNumber
sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=3 SEARCH RESULT tag=101
err=32 nentries=0 text=
Sep 12 16:47:38 localhost slapd[31815]: conn=2 fd=12 ACCEPT from
IP=127.0.0.1:32883 (IP=0.0.0.0:389)
Sep 12 16:47:38 localhost slapd[31815]: conn=2 op=0 BIND
dn="cn=Manager,dc=pangeo,dc=com" method=128
Sep 12 16:47:38 localhost slapd[31815]: conn=2 op=0 BIND
dn="cn=Manager,dc=pangeo,dc=com" mech=SIMPLE ssf=0
Sep 12 16:47:38 localhost slapd[31815]: conn=2 op=0 RESULT tag=97 err=0
text=
Sep 12 16:47:38 localhost slapd[31815]: conn=2 op=1 SRCH
base="dc=pangeo,dc=com" scope=2 deref=0
filter="(&(objectClass=sambaDomain)(sambaDomainName=pangeo.com))"
Sep 12 16:47:38 localhost slapd[31815]: conn=2 op=1 SRCH
attr=sambaDomainName sambaNextRid sambaNextUserRid sambaNextGroupRid
sambaSID sambaAlgorithmicRidBase objectClass
Sep 12 16:47:38 localhost slapd[31815]: conn=2 op=1 SEARCH RESULT tag=101
err=32 nentries=0 text=
Sep 12 16:47:44 localhost slapd[31815]: conn=2 op=2 SRCH
base="dc=pangeo,dc=com" scope=2 deref=0
filter="(&(uid=root)(objectClass=sambaSamAccount))"
Sep 12 16:47:44 localhost slapd[31815]: conn=2 op=2 SRCH attr=uid uidNumber
gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange
sambaLogonTime sambaLogoffTime sambaKickoffTime cn displayName
sambaHomeDrive sambaHomePath sambaLogonScript sambaProfilePath description
sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword
sambaNTPassword sambaDomainName objectClass sambaAcctFlags sambaMungedDial
sambaBadPasswordCount sambaBadPasswordTime sambaPasswordHistory
modifyTimestamp sambaLogonHours modifyTimestamp
Sep 12 16:47:44 localhost slapd[31815]: conn=2 op=2 SEARCH RESULT tag=101
err=32 nentries=0 text=
Sep 12 16:47:44 localhost slapd[31815]: conn=2 op=3 SRCH
base="ou=Groups,dc=pangeo,dc=com" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(gidNumber=0))"
Sep 12 16:47:44 localhost slapd[31815]: conn=2 op=3 SRCH attr=gidNumber
sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 12 16:47:44 localhost slapd[31815]: conn=2 op=3 SEARCH RESULT tag=101
err=32 nentries=0 text=
Sep 12 16:47:44 localhost slapd[31815]: conn=2 op=4 SRCH
base="dc=pangeo,dc=com" scope=2 deref=0
filter="(&(uid=root)(objectClass=sambaSamAccount))"
Sep 12 16:47:44 localhost slapd[31815]: conn=2 op=4 SRCH attr=uid uidNumber
gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange
sambaLogonTime sambaLogoffTime sambaKickoffTime cn displayName
sambaHomeDrive sambaHomePath sambaLogonScript sambaProfilePath description
sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword
sambaNTPassword sambaDomainName objectClass sambaAcctFlags sambaMungedDial
sambaBadPasswordCount sambaBadPasswordTime sambaPasswordHistory
modifyTimestamp sambaLogonHours
Sep 12 16:47:44 localhost slapd[31815]: conn=2 op=4 SEARCH RESULT tag=101
err=32 nentries=0 text=
Sep 12 16:47:44 localhost slapd[31815]: conn=2 fd=12 closed
[root@localhost etc]#
Can anyone help me with it?
Thank you.
Edmund Lin
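
An added example, not part of the original post: a small Python reader for the slapd "loglevel 256" records shown above. It pairs each SRCH with its SEARCH RESULT by conn/op and reports the searches that failed (err=32 is the LDAP result code noSuchObject in RFC 4511), and it lists simple binds made with ssf=0, i.e. with no TLS or SASL protection on the connection. The function and variable names are the example's own, and the sample records are copied from the log in the post with the mail line wraps removed.

```python
import re

# Sample: records copied from the log in the post, unwrapped to one per line.
SAMPLE_LOG = """\
Sep 12 16:47:33 localhost slapd[31815]: conn=0 fd=10 ACCEPT from IP=127.0.0.1:32881 (IP=0.0.0.0:389)
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=0 BIND dn="cn=Manager,dc=pangeo,dc=com" mech=SIMPLE ssf=0
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=0 RESULT tag=97 err=0 text=
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=1 SRCH base="dc=pangeo,dc=com" scope=2 deref=0 filter="(&(objectClass=sambaDomain)(sambaDomainName=pangeo.com))"
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=1 SEARCH RESULT tag=101 err=32 nentries=0 text=
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=3 SRCH base="ou=Groups,dc=pangeo,dc=com" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(gidNumber=99))"
Sep 12 16:47:33 localhost slapd[31815]: conn=0 op=3 SEARCH RESULT tag=101 err=32 nentries=0 text=
"""

# A few LDAP result codes from RFC 4511; anything else is reported as "other".
ERR_NAMES = {0: "success", 32: "noSuchObject", 49: "invalidCredentials"}

OP = re.compile(r"conn=(\d+) op=(\d+) (.*)")
SRCH = re.compile(r'SRCH base="([^"]*)" scope=\d+ deref=\d+ filter="(.*)"')
RESULT = re.compile(r"SEARCH RESULT tag=\d+ err=(\d+) nentries=(\d+)")
BIND = re.compile(r'BIND dn="([^"]*)" mech=(\S+) ssf=(\d+)')

def analyse(log_text):
    """Return (failed_searches, unprotected_simple_bind_dns)."""
    searches, failed, weak_binds = {}, [], []
    for line in log_text.splitlines():
        m = OP.search(line)
        if not m:
            continue  # ACCEPT/closed/startup records carry no op number
        key, rest = (int(m.group(1)), int(m.group(2))), m.group(3)
        if (s := SRCH.match(rest)):
            searches[key] = (s.group(1), s.group(2))  # remember base and filter
        elif (r := RESULT.match(rest)):
            err = int(r.group(1))
            if err != 0 and key in searches:
                base, flt = searches[key]
                failed.append({"conn": key[0], "op": key[1], "base": base,
                               "filter": flt, "err": err,
                               "name": ERR_NAMES.get(err, "other")})
        elif (b := BIND.match(rest)):
            # ssf=0 means the bind password crossed the connection unprotected
            if b.group(2) == "SIMPLE" and int(b.group(3)) == 0:
                weak_binds.append(b.group(1))
    return failed, weak_binds

if __name__ == "__main__":
    failed, weak = analyse(SAMPLE_LOG)
    for f in failed:
        print(f"conn={f['conn']} op={f['op']} err={f['err']} ({f['name']}) base={f['base']}")
    for dn in weak:
        print(f"simple bind without TLS/SASL protection: {dn}")
```
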