[Samba] [samba4] How to use my ldap users in sam.ldb?

Tue Sep 4 06:39:24 MDT 2012

Le 04/09/2012 14:36, Andrew Bartlett a écrit :
> On Tue, 2012-09-04 at 14:16 +0200, Ced T wrote:
>> Yes with this command line
>>
>> //usr/local/samba/bin/samba-tool domain classicupgrade
>> --dbdir=/home/user/samba3/ --use-xattrs=yes  --realm=LABO.FR
>> /home/user/user/smb.conf/
>>
>> (where smb.conf is a copy of my old samba3 server that use my openldap
>> database and /home/user/samba3 contains a copy of samba3 databases)
>>
>> I can see he connects successfully to my openldap database and he begins
>> to export accounts
>>
>> /Reading smb.conf//
>> //Processing section "[homes]"//
>> //Processing section "[printers]"//
>> //Processing section "[print$]"//
>> //Provisioning//
>> //smbldap_search_domain_info: Searching
>> for:[(&(objectClass=sambaDomain)(sambaDomainName=LABO))]//
>> //smbldap_open_connection: connection opened//
>> //ldap_connect_system: successful connection to the LDAP server//
>> //Exporting account policy//
>> //Exporting groups//
>> //ldapsam_setsamgrent: 0 entries in the base!//
>> //Exporting users//
>> //smbldap_search_paged: base => [dc=labo,dc=fr], filter =>
>> [(&(uid=*)(objectclass=sambaSamAccount))],scope => [2], pagesize => [1024]//
>> //smbldap_search_paged: search was successful//
>> //init_sam_from_ldap: Entry found for user: balezo//
>> //smbldap_search_domain_info: Searching
>> for:[(&(objectClass=sambaDomain)(sambaDomainName=LABO))]//
>> //smbldap_open_connection: connection opened//
>> //ldap_connect_system: successful connection to the LDAP server//
>> //ERROR: Got 0 entries for gid 100, expected one//
>> //Forcing Primary Group to 'Domain Users' for balezo//
>> //primary group of [balezo] not found//
>> //Ignoring group memberships of 'balezo'
>> S-1-5-21-3929439064-1197820248-2386129086-6000: Unable to enumerate
>> group memberships, (-1073741596,NT_STATUS_INTERNAL_DB_CORRUPTION)//
>> //init_sam_from_ldap: Entry found for user: calvigna//
>> //ERROR: Got 0 entries for gid 100, expected one//
>> //Forcing Primary Group to 'Domain Users' for calvigna//
>> //primary group of [calvigna] not found//
>> //Ignoring group memberships of 'calvigna'
>> S-1-5-21-3929439064-1197820248-2386129086-6002: Unable to enumerate
>> group memberships, (-1073741596,NT_STATUS_INTERNAL_DB_CORRUPTION)//
>> //init_sam_from_ldap: Entry found for user: currie//
>> //ERROR: Got 0 entries for gid 100, expected one//
>> /...
>> But suddenly he crashes with these errors:
>>
>> /Failed to connect to ldap URL 'ldaps://ldap.intra.labo.fr/' - LDAP
>> client internal error: NT_STATUS_BAD_NETWORK_NAME//
>> //Failed to connect to 'ldaps://ldap.intra.labo.fr/' with backend
>> 'ldaps': (null)//
>> //Could not open ldb connection to ldaps://ldap.intra.labo.fr/, the
>> error message is: (1, None)//
>> //Exporting posix attributes//
>> //smbldap_search_paged: base => [dc=labo,dc=fr], filter =>
>> [(&(uid=*)(objectclass=sambaSamAccount))],scope => [2], pagesize => [1024]//
>> //smbldap_search_paged: search was successful//
>> //ERROR(<type 'exceptions.UnboundLocalError'>): uncaught exception -
>> local variable 'ldb_object' referenced before assignment//
>> //  File
>> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py",
>> line 160, in _run//
>> //    return self.run(*args, **kwargs)//
>> //  File
>> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py",
>> line 1013, in run//
>> //    useeadb=eadb, dns_backend=dns_backend, use_ntvfs=use_ntvfs)//
>> //  File
>> "/usr/local/samba/lib/python2.7/site-packages/samba/upgrade.py", line
>> 795, in upgrade_from_samba3//
>> //    homes[username] = get_posix_attr_from_ldap_backend(logger,
>> ldb_object, base_dn, username, "homeDirectory")/
> My guess is you didn't build Samba4 against the gnutls development
> headers.
>
> Andrew Bartlett
>
Hmm I tried with ldap (without "s") and i got the same error :-(

Ced T