[Samba] Samba 3.2 Ldap problem
silva at ort.edu.uy
Thu Jul 3 23:47:27 GMT 2008
Kevin, Unix users work fine; I can log in to the server with my username and password, both stored in the directory. The only "problem" here is that I don't have a home directory, so the Linux server warns me and assumes '/'.
Ing. Ernesto Silva.
Coordinator of Web Development and Open Systems
Centro de Procesamiento de Datos
Universidad ORT Uruguay.
E-mail: silva at ort.edu.uy
Tel: (+5982) 903-1995, (+5982) 902-9687 ext. 102
Fax: (+5982) 900-2952
Kevin Bedford wrote:
> Ernesto Silva wrote:
>> I've been running a Samba 3.0.22-13.30 server in standalone mode
>> (security=user) for quite a while. It's authenticated against an
>> OpenLDAP and works great, say Server A.
>> A few days ago I installed OpenSuSE 11 Beta 2 on another server, it
>> came with samba 3.2.0-18, so as I'm very lazy I copied the smb.conf
>> file from the working server to the new one with little modifications
>> like the netbios name and which shares it serves, say Server B. I'm
>> connecting to the same Ldap server.
>> The problem is that I can't reach any share, from the Server B logs...
>> [2008/07/01 04:54:01, 1] passdb/pdb_ldap.c:init_sam_from_ldap(567)
>> init_sam_from_ldap: No uid attribute found for this user!
>> [2008/07/01 04:54:01, 1] passdb/pdb_ldap.c:ldapsam_getsampwnam(1531)
>> ldapsam_getsampwnam: init_sam_from_ldap failed for user 'xxxxx'!
>> I've been "googling" for the last 8 hours and I can't fix the
>> problem; with a more verbose debug level I can see that the LDAP
>> connection works fine. I've also checked the LDAP logs and everything
>> is fine.
>> Maybe it's a problem with idmap-ing.
>> Here is my smb.conf file from Server B; I've placed comments on
>> lines which differ from Server A and commented out lines I believe
>> are not relevant to Server B.
>> passdb expand explicit = no
>> utmp = Yes
>> workgroup = CPD
>> netbios name = OPEN # I've changed the
>> server string = File Server
>> passdb backend = ldapsam:ldap://ldapon.my.company
>> time server = Yes
>> printing = cups
>> printcap name = cups
>> printcap cache time = 750
>> cups options = raw
>> username map = /etc/samba/smbusers
>> map to guest = Bad User
>> wins support = no # it's 'Yes' in the old server
>> local master = no # it's 'Yes' in the old server
>> domain master = no # it's 'Yes' in the old server
>> domain logons = no # it's 'Yes' in the old server
>> security = user
>> preferred master = no
>> os level = 64
>> encrypt passwords = yes
>> # logon script = test.bat
>> # logon path = \\%L\profiles\%U
>> # logon home = \\%L\%U
>> # logon drive = z:
>> # add user script = ldapsmb -a -u "%u"
>> # delete user script = ldapsmb -d -u "%u"
>> # add machine script = ldapsmb -a -s -wks "%u" -v --logfile
>> # add group script = ldapsmb -a -g "%g"
>> # delete group script = ldapsmb -d -g "%g"
>> # add user to group script = ldapsmb -j -u "%u" -g "%g"
>> # delete user from group script = ldapsmb -j -u "%u" -g "%g"
>> # set primary group script = ldapsmb -m -u "%u" -gid "%g"
>> ldap admin dn = cn=Manager,dc=my,dc=company
>> ldap suffix = dc=my,dc=company
>> ldap machine suffix = ou=Computers
>> ldap group suffix = ou=Groups
>> ldap idmap suffix = ou=Idmap
>> ldap user suffix = ou=People
>> ldap passwd sync = Yes
>> log file = /var/log/samba/%m.log
>> log level = 1
>> load printers = no
>> comment = webpages
>> path = /path/to/webpages
>> public = no
>> writeable = yes
>> browseable = yes
>> valid users = +groupA +groupB
>> force user = www2
>> create mask = 0775
>> dont descend = /bin,/boot,/dev,/etc,/lib,.....
>> Please, any ideas?
>> Best regards,
> Is the new server set up to resolve Unix uids and gids from your LDAP
> server? Just a thought.