[Samba] Windows clients connecting to Samba with OpenLDAP password backend

Adam Tauno Williams awilliam at whitemice.org
Mon Nov 2 06:38:51 MST 2009

On Mon, 2009-11-02 at 12:56 +0000, Jonathan Adams wrote:
> I am having real troubles with one of our servers.
> Background:
> We have been using samba in our company for more than 11 years now, since
> version 1.9.16 ...
> We run Sun Solaris on our servers.
> We used to run NIS+ as our password system, but due to it's almost
> impossibility to manage (basically only I knew how) we've moved to LDAP ...
> We have now decided to centralize all our Samba passwords into the LDAP.

Because LDAP is easier to manage! :)  I've been an OpenLDAP admin for 10
+ years... that really illustrates how horrible NIS was.

> On the one machine configured to use LDAP for passwords we have a mysterious
> problem, If we access the machine via a Windows computer (XP, Vista, etc) we
> can create files and folders we can even rename and delete folders, but we
> cannot rename or delete files.

This sounds like a basic permissions problem.  If NSS is working, and
you've authenticated, it pretty much has to be a permissions problem.

> If we access the machine via a Solaris or Linux machine using smbclient we
> can do everything.

Maybe those are invoking "unix extensions".  I've got no clue how that
specifically would effect permission handling.

> I originally wondered if it was due to the Sun compiled Samba 3.0.35 server
> that is installed, so i removed it and compiled in 3.4.2 with OpenLDAP
> support, but it has exactly the same issues.

Which even more strongly points to a permissions issue.

> This problem does not occur on our other machines (that run ldap as their
> naming service in all but samba) ...

I'm not sure what this means.

> I'm happy to show all relevant information and logs/debugs if
> necessary
> I have seen some people talk about this before on the internet, but there
> doesn't appear to be any answer.

More information about the samba mailing list