[Samba] LDAP problem

Tanguy Léost tanguy.leost at free.fr
Mon Jan 7 00:14:48 GMT 2008

le 07.01.2008 00:43  Quinn Fissler ecrivait :
> Why did you need to restore from the ldif?
> Are you sure it was a recent backup? How was it made?

Thanks very much for replying.

I had to restore form a ldif file because the ldap seemed
to be broken. Since we restored it, slpad is running again.
I presume the restore was ok. I didn't do it myself.

(By the way, I haven't had a look at the ldap administration,
so I'm not quite used to the commands)

> A quick way to browse the ldap data is:
>  slapcat | less

I stopped slapd and tried it, it seems ok to me.
I can see the data from my ldap.

> on the ldap server. You can search quickly using the search functions in 
> "less" - just like in vi.
> The log looks odd - I don't have a samba installation to hand to check 
> but we see a user called "Invite" and also some entries which seem to be 
> due a null user name:
>  >>[2008/01/06 15:17:45, 3] auth/auth_sam.c:check_sam_security(244)
>  >>check_sam_security: Couldn't find user '' in passdb file.

Yes, i'm puzzled too. "Invite" in french means "guest".
I have no idea why it looks for the guest account.

I looked furher, and something looks strange.
If I try:
#ldapsearch -D "cn=Manger,dc=company,dc=fr"
I get this:
SASL/DIGEST-MD5 authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)
         additional info: SASL(-13): user not found: no secret in database

It looks like it can't find the Manager account, doesn't it?

> If I were you, I'd run tcpdump/snoop/wireshark and look at the dialogue 
> between the client and the pdc.
> Q

I'll have a look at this.

Thanks for your help

More information about the samba mailing list