[Samba] samba 3.4.2 centos with ldap 2.4.11 stucks

Kent Nasveschuk knasveschuk at mbl.edu
Thu Oct 15 11:36:51 MDT 2009 

Sorry, don't have a BDC running in test environment. 

Kent 

----- Original Message ----- 
From: "Martin Hochreiter" <linuxbox at wavenet.at> 
To: "Kent Nasveschuk" <knasveschuk at mbl.edu> 
Cc: samba at lists.samba.org 
Sent: Thursday, October 15, 2009 10:10:17 AM GMT -05:00 US/Canada Eastern 
Subject: Re: [Samba] samba 3.4.2 centos with ldap 2.4.11 stucks 

Hi Kent, 

yes - our PDC is running the same combination - without any problems, 
and on that BDC machine (that I have completely reinstalled to eliminate 
other errors) I have 
that confusing daemon problems ... 

regard 
> I have the same setup Centos5.3, Samba3.4.2, OpenLDAP 2.4.11 (running on 127.0.0.1). Those entries show up in individual machine logs, there are no problems that I can see between OpenLDAP and Samba. 
> 
> smb.conf: 
> ... 
> log file = /opt/samba-3.4.2/var/log/samba.%m 
> ... 
> 
> Kent 
> 
> ----- Original Message ----- 
> From: "Martin Hochreiter" <linuxbox at wavenet.at> 
> To: samba at lists.samba.org 
> Sent: Thursday, October 15, 2009 8:51:25 AM GMT -05:00 US/Canada Eastern 
> Subject: [Samba] samba 3.4.2 centos with ldap 2.4.11 stucks 
> 
> Hi! 
> 
> We are using Samba 3.4.2 from sernet on a centos 5.3 box with 
> ldap 2.4.11 as db. 
> 
> I have very heavy problems with the smbd daemon. 
> If I set the smb.conf to the local ldap 
> via ldapsam:ldap://127.0.0.1 or just ldapsam 
> 
> # LDAP SETTINGS 
> ldap admin dn="uid=Admin,ou=Users,dc=xxx,dc=xxx" 
> ldap ssl = no 
> passdb backend = ldapsam:ldap://127.0.0.1 
> ldap delete dn = no 
> ldap user suffix = ou=Users 
> ldap group suffix = ou=Groups 
> ldap machine suffix = ou=Clients 
> ldap suffix = dc=fh-stpoelten,dc=ac.at 
> ldap passwd sync = yes 
> 
> the smbd daemon stucks while connecting to it (see "non working log") 
> I have to kill -9 the daemons 
> 
> If I use the same 3.4.2 ldap externally from a similar centos 5.3 machine 
> the the connection works without problems (see "working log") 
> 
> You can query the local ldap with the ldaptools in various ways and you 
> get the correct response (with the credentials stored to the .tdb) 
> 
> - does anyone has a hint for me? 
> 
> regards 
> Maritn 
> 
> 
> 
> 
> 
> Non working log (debug 2): 
> 
> 
> [2009/10/15 14:42:59, 2] smbd/server.c:676(smbd_parent_loop) 
> waiting for connections 
> [2009/10/15 14:43:02, 2] smbd/sesssetup.c:1360(setup_new_vc_session) 
> setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
> all old resources. 
> [2009/10/15 14:43:02, 2] lib/smbldap.c:856(smbldap_open_connection) 
> smbldap_open_connection: connection opened 
> [2009/10/15 14:43:02, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) 
> init_sam_from_ldap: Entry found for user: nsc 
> [2009/10/15 14:43:02, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) 
> init_group_from_ldap: Entry found for group: 999 
> [2009/10/15 14:43:02, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) 
> init_group_from_ldap: Entry found for group: 999 
> [2009/10/15 14:43:02, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) 
> init_group_from_ldap: Entry found for group: 999 
> [2009/10/15 14:43:02, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) 
> init_group_from_ldap: Entry found for group: 1003 
> [2009/10/15 14:43:02, 2] auth/auth.c:310(check_ntlm_password) 
> check_ntlm_password: authentication for user [nsc] -> [nsc] -> [nsc] 
> succeeded 
> 
> 
> 
> 
> 
> 
> Working log (debug 2): 
> 
> 
> [2009/10/15 14:45:41, 2] smbd/sesssetup.c:1360(setup_new_vc_session) 
> setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
> all old resources. 
> [2009/10/15 14:45:41, 2] lib/smbldap.c:856(smbldap_open_connection) 
> smbldap_open_connection: connection opened 
> [2009/10/15 14:45:41, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) 
> init_sam_from_ldap: Entry found for user: nsc 
> [2009/10/15 14:45:41, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) 
> init_group_from_ldap: Entry found for group: 999 
> [2009/10/15 14:45:41, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) 
> init_group_from_ldap: Entry found for group: 999 
> [2009/10/15 14:45:41, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) 
> init_group_from_ldap: Entry found for group: 999 
> [2009/10/15 14:45:41, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) 
> init_group_from_ldap: Entry found for group: 1003 
> [2009/10/15 14:45:41, 2] auth/auth.c:310(check_ntlm_password) 
> check_ntlm_password: authentication for user [nsc] -> [nsc] -> [nsc] 
> succeeded 
> [2009/10/15 14:45:41, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) 
> init_group_from_ldap: Entry found for group: 998 
> [2009/10/15 14:45:41, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) 
> init_sam_from_ldap: Entry found for user: Admin 
> [2009/10/15 14:45:41, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) 
> init_sam_from_ldap: Entry found for user: Admin 
> [2009/10/15 14:45:41, 1] smbd/service.c:1047(make_connection_snum) 
> 10.222.0.240 (10.222.0.240) connect to service netlogon initially as 
> user nsc (uid=1746, gid=999) (pid 3061) 
>

More information about the samba mailing list