[Samba] Samba ad dc | Squid Auth

Epsilon Minus theepsilonminus at gmail.com
Tue Jan 24 23:25:15 UTC 2017


Hello,

Me again. I greatly appreciate the help. I'm sorry for my English, I'm
trying to improve it.

I am trying to connect Squid (Pfsense) to the Samba4 LDAP. I suspect
that the error is in the filters, I do not completely understand where
I should trace the error.


[2017/01/24 20:17:27.603195,  3]
../lib/ldb-samba/ldb_wrap.c:321(ldb_wrap_connect)
  ldb_wrap open of secrets.ldb
[2017/01/24 20:17:27.607318,  3]
../source4/auth/ntlm/auth.c:270(auth_check_password_send)
  auth_check_password_send: Checking password for unmapped user
[CLINICAGUEMES]\[pfsense]@[(null)]
  auth_check_password_send: mapped user is: [CLINICAGUEMES]\[pfsense]@[(null)]
[2017/01/24 20:17:27.615634,  3]
../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[ldapsrv_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
[2017/01/24 20:17:37.838123,  3]
../lib/ldb-samba/ldb_wrap.c:321(ldb_wrap_connect)
  ldb_wrap open of secrets.ldb
[2017/01/24 20:17:37.842162,  3]
../source4/auth/ntlm/auth.c:270(auth_check_password_send)
  auth_check_password_send: Checking password for unmapped user
[CLINICAGUEMES]\[pfsense]@[(null)]
  auth_check_password_send: mapped user is: [CLINICAGUEMES]\[pfsense]@[(null)]
[2017/01/24 20:17:37.850422,  3]
../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[ldapsrv_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]

My Conf in Squid auth:

LDAP Server User DN:
CN=pfsense,OU=PFSENSE,OU=clinicaguemes,DC=clinicaguemes,DC=com,DC=ar

LDAP PASS: MyPass of pfsense

LDAP Base Domain: OU=Clinicaguemes,DC=clinicaguemes,DC=com,DC=ar

LDAP Username DN Attribute:    sAMAccountName

LDAP Search Filter:                   (&(objectClass=person)(sAMAccountName=%s))


All users are on:

DN: OU=usuarios,OU=clinicaguemes,DC=clinicaguemes,DC=com,DC=ar


If they help me what steps to follow to track down the problem I would
greatly appreciate them.



More information about the samba mailing list