[Samba] Failed to retrieve password from secrets.tdb with anonymous bind

Dr. Alberto Benati benati at economia.unife.it
Wed Sep 10 06:41:03 GMT 2008


Unfortunately I don't have a password to administer this external LDAP; I can
only query / bind anonymously.

If I enable a local (127.0.0.1) OpenLDAP with administration (rootdn and
rootpw), everything works well.
Samba seems to work in a way that requires it to administer LDAP, unlike
ProFTPD, which retrieves data and stops.

Alberto



> Try running:
> 
> root# smbpasswd -w ldap_password
> 
> and restart Samba
> 
> Regards,
> 
> Iarly Selbir
> 
> 2008/9/9 Dr. Alberto Benati <benati at economia.unife.it>
> 
> > Samba 3.2.1 on linux OpenFiler 2.3
> >
> > I have an external LDAP server with anonymous bind and pam
> > ProFtpd linked to LDAP server works well without error
> >
> >
> > But samba does not work, in smbd.log I have:
> > [2008/09/09 22:01:54,  0] passdb/secrets.c:fetch_ldap_pw(888)
> >  fetch_ldap_pw: neither ldap secret retrieved!
> > [2008/09/09 22:01:54,  0] lib/smbldap.c:smbldap_connect_system(952)
> >  ldap_connect_system: Failed to retrieve password from secrets.tdb
> > [2008/09/09 22:01:54,  1] lib/smbldap.c:another_ldap_try(1178)
> >  Connection to LDAP server failed for the 1 try!
> > .........................
> >
> >
> > Part of smb.conf:
> > ldap ssl = no
> > ldap suffix = ou=People,dc=unizz,dc=it
> > encrypt passwords = yes
> > security = user
> > passdb backend = ldapsam:ldap://ldap.unizz.it
> > ldap user suffix = ou=People
> > pam password change = no
> >
> >
> > I tried to add password in secrets.tdb, but:
> > [root at backup2 samba]# smbpasswd -w ""
> > ERROR: 'ldap admin dn' not defined! Please check your smb.conf
> >
> > I then added in smb.conf a fake:
> > ldap admin dn = ou=People,dc=unizz,dc=it
> >
> > [root at backup2 samba]# tdbdump /etc/samba/secrets.tdb
> > {
> > key(19) = "SECRETS/SID/BACKUP2"
> > data(68) = "\01\04\00\00\00\00\00\05\15\00\00\00A,\EB\C1\E5\5C/(\E7\DDl\A7\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00"
> > }
> > {
> > key(45) = "SECRETS/LDAP_BIND_PW/ou=People,dc=unizz,dc=it"
> > data(1) = "\00"
> >
> >
> > Now, without the row, I always get the same previous error,
> > and with the row ldap admin dn = ou=People,dc=unizz,dc=it I now have:
> > [2008/09/09 22:15:13,  0] lib/smbldap.c:smbldap_connect_system(992)
> >  failed to bind to server ldap://ldap.unizz.it with
> > dn="ou=People,dc=unizz,dc=it" Error: Server is unwilling to perform
> >       unwilling to allow anonymous bind with non-empty DN
> > [2008/09/09 22:15:13,  1] lib/smbldap.c:another_ldap_try(1178)
> >  Connection to LDAP server failed for the 1 try!
> > ..................
> >
> > Rightly so, but I cannot get out of this situation.
> > Any suggestion?
> >
> > Thank you
> > Alby
------- End of Original Message -------
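
The states the thread runs into (no `ldap admin dn`, no stored bind secret, and the empty secret that `smbpasswd -w ""` left as `data(1) = "\00"`) can be told apart from the smb.conf text and `tdbdump` output alone. The following is an added example, not part of the original posts or of Samba; the function names, status strings and sample inputs are constructed for illustration.

```python
import re

# Constructed sample inputs, modelled on the smb.conf fragment and tdbdump output in the thread.
SMB_CONF = """\
passdb backend = ldapsam:ldap://ldap.unizz.it
ldap suffix = ou=People,dc=unizz,dc=it
ldap admin dn = ou=People,dc=unizz,dc=it
"""
TDBDUMP = r'''{
key(19) = "SECRETS/SID/BACKUP2"
data(4) = "\01\04\00\00"
}
{
key(45) = "SECRETS/LDAP_BIND_PW/ou=People,dc=unizz,dc=it"
data(1) = "\00"
}
'''

def admin_dn(conf):
    """Return the 'ldap admin dn' value from smb.conf text, or None if unset."""
    for line in conf.splitlines():
        line = line.strip()
        if line.startswith(("#", ";")) or "=" not in line:
            continue
        name, value = line.split("=", 1)  # the DN itself contains '='
        if " ".join(name.lower().split()) == "ldap admin dn":
            return value.strip().strip('"')
    return None

def bind_secrets(dump):
    """Map each bind DN found in tdbdump text to the length of its stored data."""
    pattern = re.compile(r'key\(\d+\) = "SECRETS/LDAP_BIND_PW/(.*)"\s*\n\s*data\((\d+)\)')
    return {dn: int(size) for dn, size in pattern.findall(dump)}

def check(conf, dump):
    """Classify the bind-credential state without ever printing the secret."""
    dn = admin_dn(conf)
    if dn is None:
        return "no-admin-dn"      # smbpasswd -w refuses to run in this state
    size = bind_secrets(dump).get(dn)
    if size is None:
        return "no-secret"        # matches "Failed to retrieve password from secrets.tdb"
    # In the thread's dump an empty password is stored as a single NUL byte: data(1)
    return "empty-secret" if size <= 1 else "ok"

if __name__ == "__main__":
    print(check(SMB_CONF, TDBDUMP))
```
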


