[Samba] HPUX and Samba 3.023 question

Eric Roseme eroseme at emonster.rose.hp.com
Tue Aug 12 20:08:13 GMT 2008 


Ryan Novosielski wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Eric Roseme wrote:
>> Casey Dearcorn wrote:
>>> I am sorry if this sounds dumb, but I am sort of a newbie with samba.
>>>
>>>  
>>>
>>> We have upgraded our active directory domain servers to 2008 and samba
>>> 3.07 will not bind to the directory anymore.  I have been told that I
>>> need to upgrade past 3.022 in order to make it work?  First of all is
>>> this true?  Second, when I went to install it and run it there is an
>>> error that it can not find libldap-2.2.so.  I am assuming this is for
>>> the HPUX IXOPENLDAP, but I am not sure.  In either case I can not find
>>> this version to install.  I don't want to mess my box up, but I would
>>> like to get my samba running correctly again.  Can anyone give me any
>>> advice or information?
>>>
>> Hi Casey,
>>
>> Are you using HP CIFS Server or Opensource Samba?  I am guessing from
>> the library error that you were using CIFS Server and then tried to
>> install and run Opensource.  What HP-UX version are you on?
>>
>> If you are compiling/using Opensource, then you need to update past
>> 3.0.28, so you might as well get 3.0.31.  You will also need to install
>> OpenLDAP to get the libraries.  Go here and read the README:
>> http://us1.samba.org/samba/ftp/Binary_Packages/hp/samba-3.0.23a/README
>>
>> If you are using HP CIFS Server, then the latest version is based upon
>> Samba 3.0.22a with fixes ported in from later versions up to 3.0.25a. So
>> it does not have the fix for joining a W2008 domain with "security =
>> ads".  You can join W2008 with "security = domain", though.
>>
>> Eric Roseme
>> Hewlett-Packard
> 
> Eric,
> 
> Is that also true of A.02.03.04? Looks like it is somewhat newer, but
> I'm not 100% sure how that affects the domain stuff.
> 
> http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B8725AA
> 
> You probably know better than I, being from HP, but I've spent an
> inordinate amount of time on this recently, so I have the release notes
> memorized. :-P
> 
> PS: utmp = yes causes PANIC's on A.02.03.03 and A.02.03.04.
> 
>
Hi Ryan,

Yes - unfortunately, it also holds true of A.02.03.04.  Sorry that you 
spent so much time on it.

I can send you a tool that will allow you to write the CIFS/Samba 
computer object to the W2008 AD and generate a keytab file on the 
CIFS/Samba server.  When you start CIFS/Samba with "use kerberos keytab 
= yes", your users can authenticate to and mount CIFS/Samba shares, but 
any of the net commands that require auth-n will fail (including join). 
  winbind will not start either.  Still working on this as a W/A.  I do 
not have a timeframe for 3.0.28 (or .31) for CIFS yet.

PS - the tool is "unsupported".

Eric

More information about the samba mailing list