[Samba] upgrading to 4.4+

L.P.H. van Belle belle at bazuin.nl
Wed Aug 10 08:12:42 UTC 2016

>getting messages that it can't activate ldap plugin
I dont see that here. And ldap works fine. 

Can you post the message you get at the dbfix 
Or any other errors you see, these are most helpfull.
I fixed my db also and it all still works fine. 
But if you can show how you see your errors i'll check that agains my env. 
But untill now is dont have any problems, but maybe is missed something. 

Few pointers of my setup.
I used th 7.2.1 extentios (zarafaads.exe ) since thats still the latest. 
Imported these with this tool.

and yes few things like mobile support are missing but you can add this in the server.cfg. 

im now running samba 4.4.5 (packages from debian recompiled) with zarafa 7.2.1 extentions on debian Jessie. 
Mail server is running zarafa 7.2.4 /postfix and very thing over ldapS. 

my setup 

cat server.cfg | grep user_plugin
user_plugin             = ldap
user_plugin_config      = /etc/zarafa/ldap.cfg

I used the : ldap.active-directory.cfg config copied that to ldap.cfg
some of my ldap.cfg 

ldap_host =
ldap_port = 636 
ldap_protocol = ldaps
ldap_uri = ldaps://dc1.internal.domain.tld ldaps://dc2.internal.domain.tld 

ldap_bind_user = CN=SPECIAL_USERSHERE,OU=Service-Accounts,OU=MYCOMPANY
ldap_bind_passwd = mysecretpassword. 
ldap_search_base = OU=MYCOMPANY

# i limit search to only zarafaAddount enabled users. 
ldap_user_search_filter = (objectCategory=Person)(zarafaAccount=1) 
etc .. if you need mor just ask. 

Most important here, i have a correct ssl setup, internal side my own certificates,

cat /etc/ldap/ldap.conf
TLS_CACERT      /etc/ssl/certs/ca-certificates.crt

My root cert is in /etc/ssl/certs/ca-certificates.crt 



> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens yabko via samba
> Verzonden: woensdag 10 augustus 2016 9:02
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] upgrading to 4.4+
> just to follow up i tried to upgrade again to 4.4.5 and run the dbcheck
> with
> --fix flag and it makes changes to zarafa extended schema attributes which
> breaks zarafa ldap integration (getting messages that it can't activate
> ldap
> plugin)
> my samba is compiled if that makes any difference
> also found similar issue here
> http://samba.2283325.n4.nabble.com/Previously-extended-schema-not-working-
> in-4-4-0-td4700868.html
> ill give it another try with either the patch there or wait until 4.5.0 is
> out
> --
> View this message in context:
> http://samba.2283325.n4.nabble.com/upgrading-to-4-4-tp4706380p4706450.html
> Sent from the Samba - General mailing list archive at Nabble.com.
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list