[Samba] Samba + LDAP problem

Adam Williams awilliam at mdah.state.ms.us
Tue Feb 3 18:24:19 GMT 2009


 Samba-3 generates a Windows Security Identifier (SID) only when smbd  has
been started. For this reason, you start Samba. After a few seconds
delay, execute:

root#  smbclient -L localhost -U%
root#  net getlocalsid

A report such as the following means that the domain SID has not yet been
written to the secrets.tdb or to the LDAP backend:

[2005/03/03 23:19:34, 0] lib/smbldap.c:smbldap_connect_system(852)
  failed to bind to server ldap://massive.abmas.biz
with dn="cn=Manager,dc=abmas,dc=biz" Error: Can't contact LDAP server
[2005/03/03 23:19:48, 0] lib/smbldap.c:smbldap_search_suffix(1169)
  smbldap_search_suffix: Problem during the LDAP search:
        (unknown) (Timed out)

The attempt to read the SID will cause and attempted bind to the LDAP
server. Because the LDAP server is not running, this operation will fail
by way of a timeout, as shown previously. This is normal output; do not
worry about this error message. When the domain has been created and
written to the secrets.tdb file, the output should look like this:

SID for domain MASSIVE is: S-1-5-21-3504140859-1010554828-2431957765

If, after a short delay (a few seconds), the domain SID has still not been
written to the secrets.tdb file, it is necessary to investigate what may
be misconfigured. In this case, carefully check the smb.conf file for
typographical errors (the most common problem). The use of the testparm is
highly recommended to validate the contents of this file.

> Hello everyone, I have a question here that has been giving me troubles :
> I installed my PDC with samba + LDAP... everything seems to work just
> fine (user creation, population, groups, users and machines connecting
> to the domain)... but one thing keeps not working : net getlocalsid... I
> keep getting this message : Can't fetch domain SID for name: MACHINENAME
> I searched the internet like crazy even asked in IRC channels but no
> luck... can anyone enlight me on this one ?
> Thanks,
> A.
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list