[Samba] Samba 3.2 Ldap problem

Ernesto Silva silva at ort.edu.uy
Thu Jul 3 23:47:36 GMT 2008


Misty, sorry I forgot to mention that the secrets.tdb file is correctly set with 'smbpasswd -w myldapmanagerpassword'

regards,
-- 
Ing. Ernesto Silva.
Coordinador de Desarrollo Web y Sistemas Abiertos
Centro de Procesamiento de Datos
Universidad ORT Uruguay.
E-mail: silva at ort.edu.uy
Tel: (+5982) 903-1995, (+5982) 902-9687  ext. 102 
Fax: (+5982) 900-2952


misty at borkholder.com wrote:
>> 	[2008/07/01 04:54:01,  1] passdb/pdb_ldap.c:init_sam_from_ldap(567)
>> 	  init_sam_from_ldap: No uid attribute found for this user!
>> 	[2008/07/01 04:54:01,  1] passdb/pdb_ldap.c:ldapsam_getsampwnam(1531)
>> 	  ldapsam_getsampwnam: init_sam_from_ldap failed for user 'xxxxx'!
>>
> 
> Have you looked in the LDAP log to see what attribute it's actually
> looking for?  I haven't used 3.2 yet but I guess it's possible that
> something has changed with that.
> 
> 
>> [global]
>>
>>     os level = 64
> 
> I don't think you need or want this since you are not a WINS server...
> 
> 
>>     ldap admin dn   = cn=Manager,dc=my,dc=company
>>     ldap suffix     = dc=my,dc=company
>>     ldap machine suffix     = ou=Computers
>>     ldap group suffix   = ou=Groups
>>     ldap idmap suffix   = ou=Idmap
>>     ldap user suffix    = ou=People
>>     ldap passwd sync    = Yes
> 
> 
> Have you run smbpasswd -w to write the LDAP admin password into secrets.tdb?
> 
>>
>> [www2]
>>     valid users = +groupA +groupB
>>     force user = www2
> 
> Only last night I was dealing with a terrible problem with 3.0.28a wih
> these two parameters.  Try commenting these out and see if you can get to
> your share.  Try naming individual users instead of groups.  Also,
> apparently the required syntax for expanding groups has changed and I
> think it should be +DOMAIN\groupA and the like.  Though I'm not sure that
> the '+' syntax is still favored either.  You'll need to look in the docs
> for your version to verify this.  Comment them out for testing anyway.
> 
> Also I was made aware last night that it is better to set the sticky bit
> on the directory than to use 'force user' or 'force group' (thanks JHT). 
> It will solve the 'create mask' too, I think.
> 
> 
>>     create mask = 0775
> 
>> Best regards,
>> --
>> Ing. Ernesto Silva.
>> Coordinador de Desarrollo Web y Sistemas Abiertos
>> Centro de Procesamiento de Datos
>> Universidad ORT Uruguay.
>> E-mail: silva at ort.edu.uy
>> Tel: (+5982) 903-1995, (+5982) 902-9687  ext. 102
>> Fax: (+5982) 900-2952
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/listinfo/samba
>>
> 
> 
> 



More information about the samba mailing list