[Samba] objectClass:posixAccount missing

Luca Olivetti luca at wetron.es
Fri Aug 30 08:34:00 MDT 2013 

Al 30/08/13 10:11, En/na steve ha escrit:
> On Fri, 2013-08-30 at 00:34 +0200, Luca Olivetti wrote:
>> Al 29/08/13 21:54, En/na Rowland Penny ha escrit:
>>
>>>> Yes, I was trying sssd, but I forgot that I switched back nsswitch.conf
>>>> to ldap, so I thought your suggestion was working while it actually
>>>> wasn't (same error with Administrator as with HP$).
>>>>
>>>> Bye
>>> Hi, I am replying to you on list, could you please post your sssd.conf
>>> and what version of sssd you are using, also what is your OS
>>
>> OK, now I got sssd working *but* without kerberos.
> 
> Hi
> I'm not sure what you want. Is this now EOT or do you want to go on and
> debug to get gssapi?

Well, I'd like to get gssapi working

> 
> If you wish to go on:
> samba-tool domain exportkeytab /etc/krb5.sssd.keytab
> --principal=nslcd-connect
> (You may already have this from your nslcd config)

done

> Kill all nslcd processes.

done


> 
> ldap_sasl_mech = gssapi
> ldap_sasl_authid = nslcd-connect
> ldap_krb5_keytab = /etc/krb5.sssd.keytab

done, but when I try, say, "id oscar"

[sssd[be[default]]] [sdap_get_generic_ext_step] (0x0400): calling
ldap_search_ext with
[(&(samAccountName=oscar)(objectclass=user))][dc=wetron,dc=es].
[sssd[be[default]]] [sdap_get_generic_ext_done] (0x0400): Search result:
Operations error(1), 00002020: Operation unavailable without authentication
[sssd[be[default]]] [sdap_get_generic_ext_done] (0x0040): Unexpected
result from ldap: Operations error(1), 00002020: Operation unavailable
without authentication
[sssd[be[default]]] [sdap_get_generic_done] (0x0100):
sdap_get_generic_ext_recv failed [5]: Error d’Entrada/Sortida

> To get full benefit from sssd I'd recommend the latest version which has
> a proper AD backend. e.g. sssd version 1.11.1 gives you id and getent
> without requiring the posixAccount objectClass.

I don't need it even with the version I have.

Thank you

Bye
-- 
Luca Olivetti
Wetron Automation Technology http://www.wetron.es
Tel. +34 935883004  Fax +34 935883007

More information about the samba mailing list