[Samba] Samba 3.4.7 with LDAP authentication

Amit More amore at xetus.com
Fri Oct 7 15:44:18 MDT 2011

Hello Miguel,

Thanks for your response. I used ldapsearch to querry the LDAP server from the system  running samba and got the following output,

Querry used: ldapsearch -LLL  -x -D "cn=root,dc=xetus,dc=com" -W -H "ldap://" -b "ou=people,dc=xetus,dc=com" "(uid=amore)"

dn: cn=Amit  More,ou=people,dc=xetus,dc=com
givenName:: QW1pdCA=
sn: More
cn: Amit  More
uid: amore
userPassword:: e01ENX1JRWZ1eVpaMkhscVJFUE8vTndGMkNnPT0=
uidNumber: 5004
gidNumber: 5001
homeDirectory: /home/users/amore
loginShell: /bin/bash
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: hostObject
objectClass: top
host: fileserver

i have also confirmed this using phpldapadmin. 

Now, when i issue "pdbedit -L -u amore" command i get the following  output,

doing parameter security = user
doing parameter encrypt passwords = true
doing parameter passdb backend = ldapsam:ldap://ldap1.xetus.com/
doing parameter ldap admin dn = cn=root,dc=xetus,dc=com
doing parameter ldap user suffix = ou=people
doing parameter ldap group suffix = ou=groups
doing parameter ldap machine suffix = ou=people
doing parameter ldap suffix = dc=xetus,dc=com
doing parameter ldap ssl = no
doing parameter obey pam restrictions = yes
doing parameter unix password sync = yes
doing parameter passwd program = /usr/bin/passwd %u
doing parameter passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
doing parameter pam password change = yes
doing parameter map to guest = bad user
doing parameter usershare allow guests = yes
pm_process() returned Yes
smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=FILESERVER))]
smbldap_open_connection: connection opened
ldap_connect_system: successful connection to the LDAP server
The LDAP server is successfully connected
ldapsam_getsampwnam: Unable to locate user [amore] count=0
Username not found!

I am not able to figure out where i am going wrong. 


On Oct 7, 2011, at 6:33 AM, Miguel Medalha wrote:

>> User Search failed!
> There's something seriously wrong with your LDAP configuration. Are you sure that the OUs exist and are in the proper place?
> Can you use some LDAP client (LAM,phpldapadmin, LDAPAdmin, Apache Directory Studio, etc) ro inspect the LDAP database?

More information about the samba mailing list