[Samba] Interacting with LDAP db without password as root
Rowland penny
rpenny at samba.org
Wed Jul 15 15:18:32 UTC 2020
On 15/07/2020 16:10, RhineDevil wrote:
> Wed, 15 Jul 2020 16:07:06 +0100 Rowland penny via samba <samba at lists.samba.org>:
>> On 15/07/2020 15:44, RhineDevil wrote:
>>> Wed, 15 Jul 2020 15:23:41 +0100 Rowland penny via samba <samba at lists.samba.org>:
>>>> On 15/07/2020 14:56, RhineDevil wrote:
>>>>> Wed, 15 Jul 2020 13:56:48 +0100 Rowland penny via samba <samba at lists.samba.org>:
>>>>>> On 15/07/2020 13:36, RhineDevil via samba wrote:
>>>>>>> How could I avoid being asked a password when interacting with /var/lib/samba/private/ldap_priv/ldapi through ldapsearch or ldaputils in general?
>>>>>>> (ldapsearch -H ldapi//%2Fvar%2Flib%2Fsamba%2Fprivate%2Fldapi)
>>>>>> Don't use ldap-utils, use ldb-tools and the machine password:
>>>>>>
>>>>>> sudo ldbsearch -P -H ldapi://%2Fvar%2Flib%2Fsamba%2Fprivate%2Fldap
>>>>>>
>>>>>> Rowland
>>>>> "ldap client internal error NT_STATUS_UNSUCCESFUL"
>>>> Strange, I get:
>>>>
>>>> root at dc01:~# ldbsearch -P -H ldapi://%2Fvar%2Flib%2Fsamba%2Fprivate%2Fldapi
>>>> ALL_MY_AD_RECORDS
>>>>
>>>> Snipped for brevity
>>>>
>>>> .....................
>>>> ...................
>>>> .................
>>>> # Referral
>>>> ref: ldap://samdom.example.com/CN=Configuration,DC=samdom,DC=example,DC=com
>>>>
>>>> # Referral
>>>> ref: ldap://samdom.example.com/DC=DomainDnsZones,DC=samdom,DC=example,DC=com
>>>>
>>>> # Referral
>>>> ref: ldap://samdom.example.com/DC=ForestDnsZones,DC=samdom,DC=example,DC=com
>>>>
>>>> # returned 479 records
>>>> # 476 entries
>>>> # 3 referrals
>>>>
>>>> You are running this on a DC ?
>>>>
>>>> Rowland
>>>>
>>> Yes I think, I just did samba-tool domain provision [...] and then tried to connect with this socket
>> What OS and are you using distro packages or a self compiled Samba.
>>
>> Rowland
>>
> Devuan 10 beowulf with samba 4.9.5
Is Samba running ?
Rowland
More information about the samba
mailing list