[Samba] Samba/LDAP Backend: Error NT_STATUS_CONNECTION_REFUSED

Todd E Thomas todd_dsm at ssiresults.com
Fri Mar 27 02:29:57 GMT 2009 

When I run this command I am not prompted for a password, I just get the below error.

# smbclient -U root //zmail/homes
Error connecting to 10.0.0.14 (Connection refused)
Connection to zmail failed (Error NT_STATUS_CONNECTION_REFUSED)
---
Now for the back story:
  CentOS v5.2 with Samba v3.0.28-1.el5_2.1 and Zimbra 5.0.11_GA on x86_64 hardware.

I'm attempting to connect samba (PDC) with zimbra's included openldap. everything appeared to work correctly on an individual basis (samba, zimbra, openldap) and openldap appears to be working correctly via ldapsearch. 

Once I ran authconfig things went a little crazy for samba. I think it's not able to communicate with ldap and I'm not sure what tools and methods there are for a procedural verification of their intercommunication.

Is there such a resource?

As a result, there are a few errors. The one above and one other; smbd keeps dying on me. As I am a novice I'm not sure if these things are related or not. The conf is below.

# service smb status
smbd dead but pid file exists
nmbd (pid 9072) is running...


Thanks in advance,

Todd E Thomas
===
The host is zmail = 10.0.0.14
---
[global]
  netbios name = zmail
  workgroup = OFFICE
  security = user
  server string = Palladium %v
  wins support = yes
  dns proxy = no
  name resolve order = wins hosts lmhosts bcast
  wins server = 10.0.0.14
  log file = /var/log/samba/log.%m
  log level = 6
  max log size = 1000
  syslog only = no
  syslog = 0
  panic action = /usr/share/samba/panic-action %d
  enable privileges = yes
  encrypt passwords = yes
## Use ldap for auth
  ldap passwd sync = yes
  passdb backend = ldapsam:ldaps://zmail.ptest.us/
#  ldap port = 636
  ldap admin dn = "cn=config"
  ldap suffix = dc=ptest,dc=us
  ldap group suffix = ou=groups
  ldap user suffix = ou=people
  ldap machine suffix = ou=machines
  obey pam restrictions = no
  passwd program = /usr/bin/passwd %u
  passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
  domain master = yes
  domain logons = yes
  os level = 33
  preferred master = yes
  local master = yes
  logon path = \\zmail.ptest.us\%U\profile
  logon home = \\zmail.ptest.us\%U
  add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u
  add machine script = /usr/sbin/adduser --shell /bin/false --disabled-password --quiet --gecos "machine account" --force-badname %u
  socket options = TCP_NODELAY
[homes]
  comment = Home Directories
  browseable = yes
  read only = No
  valid users = %S
[netlogon]
  comment = Network Logon Service
  path = /export/netlogon
  read only     = yes
  write list = +ntadmin
  locking = no
===

More information about the samba mailing list