[Samba] Failed to retrieve password from secrets.tdb with
anonymous bind
Richard Foltyn
richard.foltyn at gmail.com
Wed Sep 10 06:41:19 GMT 2008
Why don't you just *create* a dedicated samba DN in LDAP which Samba
can use? This is a much more secure setup than granting read or even
write access to passwords to unauthenticated external connections.
The official smbldap-tools HOWTO even suggests how to do this:
1) Create an LDAP entry which might look like this:
dn : cn=samba , ou=DSA, dc=IDEALX, dc=ORG
objectclass : organizationalRole
objectClass : top
objectClass : simpleSecurityObject
userPassword : sambasecretpwd
cn : samba
2) Set the password:
ldappasswd -x -h localhost -D "cn=Manager,dc=IDEALX,dc=ORG" -s sambasecretpwd \
-W cn=samba,ou=DSA,dc=IDEALX,dc=ORG
3) Set you ldap admin dn in smb.conf
4) Set the samba password with smbpasswd
Done.
(See the HOWTO for details:
http://www.iallanis.info/smbldap-tools/docs/samba-ldap-howto/ )
More information about the samba
mailing list