[Samba] Cannot bind to AD using nslcd
Rob Mason
rob.mason at acasta.co.uk
Wed Nov 19 08:54:10 MST 2014
Hi Again - following on from my last request for help, I'm now attempting to
set up LDAP auth against my working samba4 AD.
Simplistically, I'm trying initially to SSH into my AD server (working)
using nslcd.
I've tried method #1 from
https://wiki.samba.org/index.php/Local_user_management_and_authentication/nslcd
My simple config is:
uid nslcd
gid nslcd
uri ldap://127.0.0.1:389
base cn=Users,dc=acasta,dc=intra
binddn cn=nslcd-connect,cn=Users, dc=acasta,dc=intra
bindpw xxxxx
filter passwd (objectClass=user)
filter group (objectClass=group)
map passwd uid sAMAccountName
map passwd homeDirectory unixHomeDirectory
map passwd gecos displayName
map passwd gidNumber primaryGroupID
#map group uniqueMember member
Nsswitch.conf has been modified to include ldap.
Pam.conf has the appropriate values.
My syslog says:
Nov 19 14:32:35 kepler nslcd[13159]: [8b4567] <passwd(all)> failed to bind to LDAP server ldap://kepler.acasta.intra/: Invalid credentials: Simple Bind Failed: NT_STATUS_LOGON_FAILURE
Nov 19 14:32:35 kepler nslcd[13159]: [8b4567] <passwd(all)> no available LDAP server found: Invalid credentials
# ldapsearch -x -D 'ACASTA\nslcd-connect' -w 'xxxxx' -E pr=1000/noprompt -b 'cn=Users,dc=acasta,dc=intra' SAMAccountName uid uidNumber
.authenticates and lists all my user objects
I've convinced myself that the problem somehow lies within the 'binddn'
setting. After several hours I'm no further forward.
Can anyone throw any light here???
TIA
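
Added example, not part of the original post: a shell helper that rebuilds the bind test from nslcd.conf itself, so ldapsearch uses the same uri and the DN-form binddn that nslcd uses (the test quoted above binds as 'ACASTA\nslcd-connect' with no -H), and that flags when the server named in syslog differs from the configured uri. The function names and the temp-file sample, built from values quoted in the post, are assumptions of this example.

```shell
#!/bin/sh
# Added example (not the poster's code): test the bind exactly as nslcd.conf states it.

# nslcd_opt <option> <file>: print the value of the first matching option line.
# Commented lines ("#map ...") never match because their first field differs.
nslcd_opt() {
    awk -v k="$1" '$1 == k { sub(/^[ \t]*[^ \t]+[ \t]+/, ""); sub(/[ \t]+$/, ""); print; exit }' "$2"
}

# log_uri: read syslog text on stdin, print the URI from the first "failed to bind" line.
log_uri() {
    sed -n 's/.*failed to bind to LDAP server \([^ ]*\): .*/\1/p' | head -n 1
}

# bind_test_cmd <file>: print an ldapsearch command using the file's uri, binddn and base.
# -W prompts for the password so bindpw stays out of shell history and process lists.
bind_test_cmd() {
    uri=$(nslcd_opt uri "$1"); dn=$(nslcd_opt binddn "$1"); base=$(nslcd_opt base "$1")
    printf "ldapsearch -x -H '%s' -D '%s' -W -b '%s' -s base\n" "$uri" "$dn" "$base"
}

# uri_mismatch <file> <syslog-line>: succeed when syslog names a server other than
# the configured uri (a trailing slash is ignored in the comparison).
uri_mismatch() {
    conf=$(nslcd_opt uri "$1"); seen=$(printf '%s\n' "$2" | log_uri)
    [ -n "$seen" ] && [ "${conf%/}" != "${seen%/}" ]
}

# Constructed sample input, using the values quoted in the post.
CONF=$(mktemp)
trap 'rm -f "$CONF"' EXIT
cat > "$CONF" <<'EOF'
uri ldap://127.0.0.1:389
base cn=Users,dc=acasta,dc=intra
binddn cn=nslcd-connect,cn=Users, dc=acasta,dc=intra
#map group uniqueMember member
EOF
LOG='Nov 19 14:32:35 kepler nslcd[13159]: [8b4567] <passwd(all)> failed to bind to LDAP server ldap://kepler.acasta.intra/: Invalid credentials: Simple Bind Failed: NT_STATUS_LOGON_FAILURE'

bind_test_cmd "$CONF"
if uri_mismatch "$CONF" "$LOG"; then
    echo "syslog URI $(printf '%s\n' "$LOG" | log_uri) differs from uri in config: $(nslcd_opt uri "$CONF")"
fi
```

On a real host, point the functions at /etc/nslcd.conf and run the printed command; if it fails with the same "Invalid credentials", the DN in binddn is the thing to compare against the account's actual distinguishedName.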