[Samba] Problem: LDAP as idmap backend
David Markey
dmarkey at dodds.dmarkey.com
Thu Aug 13 16:45:16 MDT 2009
ldap ssl = off
On Thu, 13 Aug 2009 23:26:37 +0200, Chris Osicki
<osk at admin.swisscom-mobile.ch> wrote:
> Hi
>
> I've just upgraded Samba on Solaris 10 from the bundled version (3.0.33)
> to 3.4.0 and winbind don't want to cooperate with LDAP as idmap backend
> anymore.
>
> The smb.conf I use is:
>
> [global]
> workgroup = CORPROOT
> netbios name = usonfs
> security = domain
> log level = 10
> preferred master = no
> bind interfaces only = yes
> interfaces = usonfs
>
> password server = sg000057.corproot.net sg1006z.corproot.net
> winbind uid = 20000-21000
> winbind gid = 20000-21000
> winbind enum users = no
> winbind enum groups = no
>
> # Using ldap server as winbindd backend
> idmap backend = ldap:ldap://usoldap01.swissptt.ch
> ldap:ldap://usoldap02.swissptt.ch
> ldap admin dn = uid=idmapadm,ou=idmap,dc=swissptt,dc=ch
> ldap idmap suffix = ou=idmap
> ldap suffix = dc=swissptt,dc=ch
>
> I compiled Samba myself: configure; make; make install.
>
> It must be something obvious I'm overlooking I hope somebody could
> point it out.
>
> Running winbindd as:
>
> /usr/local/samba/sbin/winbindd -d 3 -i -n
>
> I see those messages:
>
> [ 8286]: sid to uid S-1-5-21-796845957-1547161642-839522115-187984
> idmap_init: using 'ldap' as remote backend
> Failed to issue the StartTLS instruction: Connect error
> Connection to LDAP server failed for the 1 try!
> Failed to issue the StartTLS instruction: Connect error
> Connection to LDAP server failed for the 3 try!
> Failed to issue the StartTLS instruction: Connect error
> Connection to LDAP server failed for the 5 try!
> Failed to issue the StartTLS instruction: Connect error
> Connection to LDAP server failed for the 7 try!
>
>
> Thanks for your time.
>
> Regards,
> Chris
More information about the samba
mailing list