[Samba] ldap_initialize: Bad parameter to an ldap routine

grant little grantliddle at gmail.com
Thu Sep 2 14:42:09 MDT 2010


On Thu, Sep 2, 2010 at 12:25 AM, grant little <grantliddle at gmail.com> wrote:

> I searched and found this from Volker in 2007 same error message but the
> fix didn't fix in my case:
> http://lists.samba.org/archive/samba/2007-March/130093.html
>
> my system: ubuntu 10.04 LTS server samba 3.4.7
>
> error:
> [2010/09/01 23:57:17,  5] winbindd/idmap.c:169(smb_register_idmap)
>   Successfully added idmap backend 'ldap'
> [2010/09/01 23:57:17,  0] lib/smbldap.c:716(smb_ldap_setup_conn)
>   ldap_initialize: Bad parameter to an ldap routine
>
> global section of config
> [global]
>   unix extensions = no
>   disable spoolss = Yes
>   name resolve order = hosts
>   workgroup = AD
>   realm = AD.MYDOMAIN
>   server string = %h server (Samba, Ubuntu)
>   dns proxy = no
>   log file = /var/log/samba/log.%m
>   max log size = 1000
>   syslog = 0
>   log level = 3 passdb:0 auth:0 vfs:0 idmap:5
>   ldap debug level = 10
>   ldap debug threshold = 5
>   panic action = /usr/share/samba/panic-action %d
>   security = ads
>   kerberos method = system keytab
>   encrypt passwords = true
>   passdb backend = ldapsam:ldaps://ldap.ad.mydomain/
>   ldap ssl = off
>   ldap admin dn =
> CN=ucenters-ldap,ou=users,OU=UCenters,DC=AD,DC=MYDOMAIN,DC=MYTLD
>   obey pam restrictions = yes
>   unix password sync = yes
>   pam password change = no
>   map to guest = bad user
>   winbind enum groups = yes
>   winbind enum users = yes
>   idmap backend = ldap:ldap_url = ldaps://ldap.ad.mydomain/
>   idmap uid = 10000-1999999
>   idmap gid = 10000-1999999
>   idmap alloc backend = ldap
>   idmap alloc config : ldap_url = ldaps://ldap.ad.mydomain/
>   idmap alloc config : ldap_base_dn =
> OU=Users,OU=UCenters,DC=AD,DC=MYDOMAIN,DC=MYTLD
>   usershare allow guests = no
>
>
> Any hints?
>
> Thanks.
>

my test command is
wbinfo  --uid-info 1064262

OK after many permutations and combinations found it didn't like the line:
 idmap backend = ldap:ldap_url = ldaps://ldap.ad.mydomain/
but was happy with
 idmap backend = ldap:ldaps://ldap.ad.mydomain/

now it fails on
[2010/09/02 13:34:15,  3] lib/smbldap.c:1101(smbldap_connect_system)
  ldap_connect_system: successful connection to the LDAP server
[2010/09/02 13:34:15,  3]
winbindd/idmap_ldap.c:1014(idmap_ldap_unixids_to_sids)
  Failure looking up ids (No such object)

I've searched for that error (no hits) and looked at the source but am no
wiser.

any hints for that latest error? Could it be that ubuntu 10.04 samba 3.4.7
comes without ldapsam?


More information about the samba mailing list