[Samba] Weird issue with samba 3.4.7
Amit More
amore at xetus.com
Wed Oct 26 14:13:00 MDT 2011
Hello Chris,
Thank you for your response. I appreciate it.
> Are you using a custom cert for your ldap server?
- Yes i am using a custom cert for the ldap connection
> If so, do you have the root cert installed and do your ldap configuration
> files have the right tls_cacertfile entries?
- I have the root cert installed and the samba host has the right tls_certificate entries
-
> Is your ldap password password properly configured on the 10.04 host?
- Yes the ldap password is properly configured on the samba 10.04 host.
When i add the following directives to the smb.conf file and run "smbpasswd -W" to write the password to the secrets.tdb file, samba is able to connect to the LDAP server (verified through logs) and do a user lookup. Now users trying to mount the shares are authenticated successfully only if they have previously logged in to the system (via ssh), else i get errors (in logs) such as "NT_STATUS_WRONG_PASSWORD".
I am stuck here. For now, I am reading how authentication in samba works.
Thanks,
Amit
On Oct 26, 2011, at 12:22 PM, Chris Perry wrote:
> On Wed, Oct 26, 2011 at 2:59 PM, Amit More <amore at xetus.com> wrote:
>
>> Hello All,
>>
>>
>> I have samba version 3.3.2 installed on a system running Ubuntu Server 9.04
>> (32-bit). The users trying to mount the samba shares authenticate over the
>> LDAP server.
>> Here is how my configuration files look like,
>>
>
> Your /etc/nsswitch.conf and pam.d configurations look identical to my 10.04
> 64bit config, other than the fact that I don't have the pam_smbpass.so in
> password or pam_mkhomerdir.so in session, so I don't think your problem lies
> there.
>
> I would check your ldap configuration to make sure that works properly
> before investigating the samba config.
> In that regard a few questions come to mind:
>
> Are you using a custom cert for your ldap server?
> If so, do you have the root cert installed and do your ldap configuration
> files have the right tls_cacertfile entries?
> Is your ldap password password properly configured on the 10.04 host?
>
> -Chris
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list