[Samba] OpenLDAP integration

Brad Nielsen Brad.Nielsen at techsonix.com
Tue Nov 11 07:07:17 GMT 2008 

I've followed the OpenLDAP + SAMBA Domain Controller tutorial
step-by-step: http://ubuntuforums.org/showthread.php?t=640760

And after long hours, and enless googling, I've yet to find a solution.

LDAP works great
SAMBA works great.

But the intergration between them don't work.

Here is the samba log:
root:/etc# tail /var/log/samba/log.smbd
  smbd version 3.0.28a started.
  Copyright Andrew Tridgell and the Samba Team 1992-2008
[2008/11/10 22:11:32, 0] auth/auth_util.c:create_builtin_administrators(792)
  create_builtin_administrators: Failed to create Administrators
[2008/11/10 22:11:32, 0] auth/auth_util.c:create_builtin_users(758)
  create_builtin_users: Failed to create Users
[2008/11/10 22:11:47, 0] auth/auth_util.c:create_builtin_administrators(792)
  create_builtin_administrators: Failed to create Administrators
[2008/11/10 22:11:47, 0] auth/auth_util.c:create_builtin_users(758)
  create_builtin_users: Failed to create Users

I've tried to "net groupmap" the group's, but they've already been
mapped, and still no luck.

I'm running Ubuntu 8.04, samba version 3.0.28a-1ubuntu4.5

When i try to access the share from the local machine with smbclient, I get:
root:/etc# smbclient //hostname/Storage -U ricky
Password:
session setup failed: NT_STATUS_LOGON_FAILURE

(Note: I renamed "hostname" with the original hostname, i don't want
to post any internal info.)

And if I do a ldapsearch, it brings up all of the right information.

My LDAP configuration in the smb.conf looks like this:

        passdb backend = ldapsam:ldap://localhost/

        ldap admin dn = cn=admin,dc=domain,dc=com
        ldap user suffix = ou=Users
        ldap suffix = dc=domain,dc=com
        ldap idmap suffix = ou=Users
        ldap passwd sync = Yes
        ldap delete dn = Yes
        ldap machine suffix = ou=Computers
        ldap group suffix = ou=Groups

(Note: I renamed "domain com" with the original domain, I don't want
to post any internal info.)

I've double, triple, quad triple, and had someone else look at it, and
we are not seeing what could be going wrong.

If there is anyone who can shine some light on this, it'd be greatly
appreciated!

Thanks!

- Bradley

More information about the samba mailing list