[Samba] Samba and LDAP authentication backend

srtt.be - Michel Lombart subs at srtt.be
Thu Sep 11 08:42:34 MDT 2014


I'm facing a weird problem and I really do not know where I can find how 
to debug it.

Since some years, we have a LDAP server ( Debian 6 and OpenLDAP 2.4.23 ) 
and a Samba server ( Debian 6 and Samba 3.5.6 ). They work pefectly well 
in a workgroup. The LDAP server is also used for some other applications 
like Squid, Zimbra, ...

Now, we would to add a second Samba server ( Debian 7 and Samba 3.6.6 ). 
After having set up the server as I did for the other one, any login is 
allowed for LDAP users.

On the console, getenv passwd works perfectly, but the users list in the 
Samba module of Webmin is empty while the group list is correct ! Both 
are correct in the older Samba.

In Samba's log, I see errors like :

The primary group domain sid(S-.... ) does not match the domain 
sid(S-... ) for username(S-...)

and :

[2014/09/11 15:07:29.548824,  2] auth/auth.c:319(check_ntlm_password)
   check_ntlm_password:  Authentication for user [username] -> 

Where can I find more debugging info ? Do you have any idea of what I'm 

Thank for your help.


More information about the samba mailing list