[Samba] samba4 auth (ldap) starnge problem
Dr. Peer-Joachim Koch
pkoch at bgc-jena.mpg.de
Fri Apr 20 10:36:37 UTC 2018
On 20.04.2018 11:26, Rowland Penny via samba wrote:
> On Fri, 20 Apr 2018 10:23:37 +0200
> "Dr. Peer-Joachim Koch via samba" <samba at lists.samba.org> wrote:
>
>> Hi,
>>
>> we have updated our samba4 AD a few weeks ago from 4.4.latest ->
>> 4.5.latest using the sernet packages.
> You do realise that the 4.5.x series is now EOL as far as Samba is
> concerned.
>
>> We are using open-xchange(OX) as web-mail. The ox is using ldap to
>> authenticate the users.
>>
>> It is still working, but only for users created BEFORE we did the
>> update. All new users can not login!
>>
>> From the log file we only get an:
>>
>> ERROR: No user found with sAMAccountName=USERNAME
>>
>> but ldapsearch is working for sAMAccountName=USERNAME.
>>
>> It might be more an open-xchange issue, but may be someone had a
>> similar problem.
>>
> This is very probably an OX problem, probably the search is relying on
> an attribute or objectclass that it shouldn't.
>
>> Can I use tcpdump between the OX-Server and our SAMBA4 server to see
>> the difference between an old and a new user ?
> Probably, but wouldn't it be easier to just dump the AD object of a
> user that works and the AD object of one that doesn't and then compare
> them ?
How can I compare it ?
ldapsearch for both accounts does not show any differences (for me) ...
Bye, Peer
> Rowland
>
>
>
--
Mit freundlichen Grüßen,
Peer-Joachim Koch
________________________________________________________
Max-Planck-Institut für Biogeochemie
Dr. Peer-Joachim Koch
Hans-Knöll Str.10 Telefon: ++49 3641 57-6705
D-07745 Jena Telefax: ++49 3641 57-7705
More information about the samba
mailing list