[Samba] Samba 3.2 Ldap problem

misty at borkholder.com misty at borkholder.com
Wed Jul 2 01:21:11 GMT 2008

> 	[2008/07/01 04:54:01,  1] passdb/pdb_ldap.c:init_sam_from_ldap(567)
> 	  init_sam_from_ldap: No uid attribute found for this user!
> 	[2008/07/01 04:54:01,  1] passdb/pdb_ldap.c:ldapsam_getsampwnam(1531)
> 	  ldapsam_getsampwnam: init_sam_from_ldap failed for user 'xxxxx'!

Have you looked in the LDAP log to see what attribute it's actually
looking for?  I haven't used 3.2 yet but I guess it's possible that
something has changed with that.

> [global]
>     os level = 64

I don't think you need or want this since you are not a WINS server...

>     ldap admin dn   = cn=Manager,dc=my,dc=company
>     ldap suffix     = dc=my,dc=company
>     ldap machine suffix     = ou=Computers
>     ldap group suffix   = ou=Groups
>     ldap idmap suffix   = ou=Idmap
>     ldap user suffix    = ou=People
>     ldap passwd sync    = Yes

Have you run smbpasswd -w to write the LDAP admin password into secrets.tdb?

> [www2]
>     valid users = +groupA +groupB
>     force user = www2

Only last night I was dealing with a terrible problem with 3.0.28a wih
these two parameters.  Try commenting these out and see if you can get to
your share.  Try naming individual users instead of groups.  Also,
apparently the required syntax for expanding groups has changed and I
think it should be +DOMAIN\groupA and the like.  Though I'm not sure that
the '+' syntax is still favored either.  You'll need to look in the docs
for your version to verify this.  Comment them out for testing anyway.

Also I was made aware last night that it is better to set the sticky bit
on the directory than to use 'force user' or 'force group' (thanks JHT). 
It will solve the 'create mask' too, I think.

>     create mask = 0775

> Best regards,
> --
> Ing. Ernesto Silva.
> Coordinador de Desarrollo Web y Sistemas Abiertos
> Centro de Procesamiento de Datos
> Universidad ORT Uruguay.
> E-mail: silva at ort.edu.uy
> Tel: (+5982) 903-1995, (+5982) 902-9687  ext. 102
> Fax: (+5982) 900-2952
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list