[Samba] LDAP problem

Sun Jan 6 23:43:39 GMT 2008

Why did you need to restore from the ldif?

Are you sure it was a recent backup? How was it made?

A quick way to browse the ldap data is:
 slapcat | less

on the ldap server. You can search quickly using the search functions in
"less" - just like in vi.

The log looks odd - I don't have a samba installation to hand to check but
we see a user called "Invite" and also some entries which seem to be due a
null user name:

>>[2008/01/06 15:17:45, 3] auth/auth_sam.c:check_sam_security(244)
>>check_sam_security: Couldn't find user '' in passdb file.

If I were you, I'd run tcpdump/snoop/wireshark and look at the dialogue
between the client and the pdc.

Q

On 06/01/2008, Tanguy Léost <tanguy.leost at free.fr> wrote:
>
> Hello,
>
> I have a problem with my PDC server.
> It runs samba + openLDAP. It used to work fine.
> The machine was stopped today because of a power supply failure,
> and since it was restarted i have problems connecting to the domain.
>
> - The ldap data was restored from a ldif file, the ldap seems to work
> fine. when i type
> ldapsearch -x
> I see the contents of the ldap data.
>
> - When I try :
> smbclient -L \\pdc -U tleost
> it asks for my password, and i see the samba shares.
>
> - I tried, as root, on the pdc:
> smbpasswd -w
> which was successful.
>
>
> ... anyway, i cannot connect from my windows clients. I get an error
> message telling me the pdc is not available.
>
>
> Here is a log i get (/var/log/samba/devel2.log)
> <-----------------------------------------
> [2008/01/06 15:17:45, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>    setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2008/01/06 15:17:45, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>    pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2008/01/06 15:17:45, 3] auth/auth.c:check_ntlm_password(219)
>    check_ntlm_password:  Checking password for unmapped user
> []\[]@[DEVEL2] with the new password interface
> [2008/01/06 15:17:45, 3] auth/auth.c:check_ntlm_password(222)
>    check_ntlm_password:  mapped user is: [COMPANY]\[]@[DEVEL2]
> [2008/01/06 15:17:45, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>    push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2008/01/06 15:17:45, 3] smbd/uid.c:push_conn_ctx(365)
>    push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2008/01/06 15:17:45, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>    setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2008/01/06 15:17:45, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511)
>    init_sam_from_ldap: Entry found for user: Invite
> [2008/01/06 15:17:45, 4] lib/substitute.c:automount_server(323)
>    Home server: servpdc
> [2008/01/06 15:17:45, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>    pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2008/01/06 15:17:45, 1] auth/auth_util.c:make_server_info_sam(822)
>    User Invite in passdb, but getpwnam() fails!
> [2008/01/06 15:17:45, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>    push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2008/01/06 15:17:45, 3] smbd/uid.c:push_conn_ctx(365)
>    push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2008/01/06 15:17:45, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>    setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2008/01/06 15:17:45, 4] passdb/pdb_ldap.c:ldapsam_getsampwnam(1300)
>    ldapsam_getsampwnam: Unable to locate user [] count=0
> [2008/01/06 15:17:45, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>    pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2008/01/06 15:17:45, 3] auth/auth_sam.c:check_sam_security(244)
>    check_sam_security: Couldn't find user '' in passdb file.
> [2008/01/06 15:17:45, 3] auth/auth_winbind.c:check_winbind_security(80)
>    check_winbind_security: Not using winbind, requested domain [COMPANY]
> was for this SAM.
> [2008/01/06 15:17:45, 2] auth/auth.c:check_ntlm_password(312)
>    check_ntlm_password:  Authentication for user [] -> [] FAILED with
> error NT_STATUS_NO_SUCH_USER
> [2008/01/06 15:17:45, 3] smbd/process.c:timeout_processing(1336)
>    timeout_processing: End of file from client (client has disconnected).
> [2008/01/06 15:17:45, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>    setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2008/01/06 15:17:45, 2] smbd/server.c:exit_server(571)
>    Closing connections
> [2008/01/06 15:17:45, 3] smbd/connection.c:yield_connection(69)
>    Yielding connection to
> [2008/01/06 15:17:45, 3] smbd/connection.c:yield_connection(76)
>    yield_connection: tdb_delete for name  failed with error Record does
> not exist.
> [2008/01/06 15:17:45, 3] smbd/server.c:exit_server(614)
> -------------------------------------------------------->
>
>
> Any help would be much appreciated.
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>