[Samba] Samba 3.2 Ldap problem
Ernesto Silva
silva at ort.edu.uy
Thu Jul 3 23:47:36 GMT 2008
Misty, sorry I forgot to mention that the secrets.tdb file is correctly set with 'smbpasswd -w myldapmanagerpassword'
regards,
--
Ing. Ernesto Silva.
Coordinador de Desarrollo Web y Sistemas Abiertos
Centro de Procesamiento de Datos
Universidad ORT Uruguay.
E-mail: silva at ort.edu.uy
Tel: (+5982) 903-1995, (+5982) 902-9687 ext. 102
Fax: (+5982) 900-2952
misty at borkholder.com wrote:
>> [2008/07/01 04:54:01, 1] passdb/pdb_ldap.c:init_sam_from_ldap(567)
>> init_sam_from_ldap: No uid attribute found for this user!
>> [2008/07/01 04:54:01, 1] passdb/pdb_ldap.c:ldapsam_getsampwnam(1531)
>> ldapsam_getsampwnam: init_sam_from_ldap failed for user 'xxxxx'!
>>
>
> Have you looked in the LDAP log to see what attribute it's actually
> looking for? I haven't used 3.2 yet but I guess it's possible that
> something has changed with that.
>
>
>> [global]
>>
>> os level = 64
>
> I don't think you need or want this since you are not a WINS server...
>
>
>> ldap admin dn = cn=Manager,dc=my,dc=company
>> ldap suffix = dc=my,dc=company
>> ldap machine suffix = ou=Computers
>> ldap group suffix = ou=Groups
>> ldap idmap suffix = ou=Idmap
>> ldap user suffix = ou=People
>> ldap passwd sync = Yes
>
>
> Have you run smbpasswd -w to write the LDAP admin password into secrets.tdb?
>
>>
>> [www2]
>> valid users = +groupA +groupB
>> force user = www2
>
> Only last night I was dealing with a terrible problem with 3.0.28a wih
> these two parameters. Try commenting these out and see if you can get to
> your share. Try naming individual users instead of groups. Also,
> apparently the required syntax for expanding groups has changed and I
> think it should be +DOMAIN\groupA and the like. Though I'm not sure that
> the '+' syntax is still favored either. You'll need to look in the docs
> for your version to verify this. Comment them out for testing anyway.
>
> Also I was made aware last night that it is better to set the sticky bit
> on the directory than to use 'force user' or 'force group' (thanks JHT).
> It will solve the 'create mask' too, I think.
>
>
>> create mask = 0775
>
>> Best regards,
>> --
>> Ing. Ernesto Silva.
>> Coordinador de Desarrollo Web y Sistemas Abiertos
>> Centro de Procesamiento de Datos
>> Universidad ORT Uruguay.
>> E-mail: silva at ort.edu.uy
>> Tel: (+5982) 903-1995, (+5982) 902-9687 ext. 102
>> Fax: (+5982) 900-2952
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/listinfo/samba
>>
>
>
>
More information about the samba
mailing list