[Samba] [samba4] How to use my ldap users in sam.ldb?

Andrew Bartlett abartlet at samba.org
Tue Sep 4 06:36:37 MDT 2012 

On Tue, 2012-09-04 at 14:16 +0200, Ced T wrote:
> Yes with this command line
> 
> //usr/local/samba/bin/samba-tool domain classicupgrade 
> --dbdir=/home/user/samba3/ --use-xattrs=yes  --realm=LABO.FR 
> /home/user/user/smb.conf/
> 
> (where smb.conf is a copy of my old samba3 server that use my openldap 
> database and /home/user/samba3 contains a copy of samba3 databases)
> 
> I can see he connects successfully to my openldap database and he begins 
> to export accounts
> 
> /Reading smb.conf//
> //Processing section "[homes]"//
> //Processing section "[printers]"//
> //Processing section "[print$]"//
> //Provisioning//
> //smbldap_search_domain_info: Searching 
> for:[(&(objectClass=sambaDomain)(sambaDomainName=LABO))]//
> //smbldap_open_connection: connection opened//
> //ldap_connect_system: successful connection to the LDAP server//
> //Exporting account policy//
> //Exporting groups//
> //ldapsam_setsamgrent: 0 entries in the base!//
> //Exporting users//
> //smbldap_search_paged: base => [dc=labo,dc=fr], filter => 
> [(&(uid=*)(objectclass=sambaSamAccount))],scope => [2], pagesize => [1024]//
> //smbldap_search_paged: search was successful//
> //init_sam_from_ldap: Entry found for user: balezo//
> //smbldap_search_domain_info: Searching 
> for:[(&(objectClass=sambaDomain)(sambaDomainName=LABO))]//
> //smbldap_open_connection: connection opened//
> //ldap_connect_system: successful connection to the LDAP server//
> //ERROR: Got 0 entries for gid 100, expected one//
> //Forcing Primary Group to 'Domain Users' for balezo//
> //primary group of [balezo] not found//
> //Ignoring group memberships of 'balezo' 
> S-1-5-21-3929439064-1197820248-2386129086-6000: Unable to enumerate 
> group memberships, (-1073741596,NT_STATUS_INTERNAL_DB_CORRUPTION)//
> //init_sam_from_ldap: Entry found for user: calvigna//
> //ERROR: Got 0 entries for gid 100, expected one//
> //Forcing Primary Group to 'Domain Users' for calvigna//
> //primary group of [calvigna] not found//
> //Ignoring group memberships of 'calvigna' 
> S-1-5-21-3929439064-1197820248-2386129086-6002: Unable to enumerate 
> group memberships, (-1073741596,NT_STATUS_INTERNAL_DB_CORRUPTION)//
> //init_sam_from_ldap: Entry found for user: currie//
> //ERROR: Got 0 entries for gid 100, expected one//
> /...
> But suddenly he crashes with these errors:
> 
> /Failed to connect to ldap URL 'ldaps://ldap.intra.labo.fr/' - LDAP 
> client internal error: NT_STATUS_BAD_NETWORK_NAME//
> //Failed to connect to 'ldaps://ldap.intra.labo.fr/' with backend 
> 'ldaps': (null)//
> //Could not open ldb connection to ldaps://ldap.intra.labo.fr/, the 
> error message is: (1, None)//
> //Exporting posix attributes//
> //smbldap_search_paged: base => [dc=labo,dc=fr], filter => 
> [(&(uid=*)(objectclass=sambaSamAccount))],scope => [2], pagesize => [1024]//
> //smbldap_search_paged: search was successful//
> //ERROR(<type 'exceptions.UnboundLocalError'>): uncaught exception - 
> local variable 'ldb_object' referenced before assignment//
> //  File 
> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py", 
> line 160, in _run//
> //    return self.run(*args, **kwargs)//
> //  File 
> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py", 
> line 1013, in run//
> //    useeadb=eadb, dns_backend=dns_backend, use_ntvfs=use_ntvfs)//
> //  File 
> "/usr/local/samba/lib/python2.7/site-packages/samba/upgrade.py", line 
> 795, in upgrade_from_samba3//
> //    homes[username] = get_posix_attr_from_ldap_backend(logger, 
> ldb_object, base_dn, username, "homeDirectory")/

My guess is you didn't build Samba4 against the gnutls development
headers.

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org

More information about the samba mailing list