[Samba] Interacting with LDAP db without password as root

RhineDevil tanyadegurechaff at disroot.org
Wed Jul 15 15:38:05 UTC 2020 

Wed, 15 Jul 2020 16:18:32 +0100 Rowland penny via samba <samba at lists.samba.org>:
> On 15/07/2020 16:10, RhineDevil wrote:
> > Wed, 15 Jul 2020 16:07:06 +0100 Rowland penny via samba <samba at lists.samba.org>:
> >> On 15/07/2020 15:44, RhineDevil wrote:
> >>> Wed, 15 Jul 2020 15:23:41 +0100 Rowland penny via samba <samba at lists.samba.org>:
> >>>> On 15/07/2020 14:56, RhineDevil wrote:
> >>>>> Wed, 15 Jul 2020 13:56:48 +0100 Rowland penny via samba <samba at lists.samba.org>:
> >>>>>> On 15/07/2020 13:36, RhineDevil via samba wrote:
> >>>>>>> How could I avoid being asked a password when interacting with /var/lib/samba/private/ldap_priv/ldapi through ldapsearch or ldaputils in general?
> >>>>>>> (ldapsearch -H ldapi//%2Fvar%2Flib%2Fsamba%2Fprivate%2Fldapi)
> >>>>>> Don't use ldap-utils, use ldb-tools and the machine password:
> >>>>>>
> >>>>>> sudo ldbsearch -P -H ldapi://%2Fvar%2Flib%2Fsamba%2Fprivate%2Fldap
> >>>>>>
> >>>>>> Rowland
> >>>>> "ldap client internal error NT_STATUS_UNSUCCESFUL"
> >>>> Strange, I get:
> >>>>
> >>>> root at dc01:~# ldbsearch -P -H ldapi://%2Fvar%2Flib%2Fsamba%2Fprivate%2Fldapi
> >>>> ALL_MY_AD_RECORDS
> >>>>
> >>>> Snipped for brevity
> >>>>
> >>>> .....................
> >>>> ...................
> >>>> .................
> >>>> # Referral
> >>>> ref: ldap://samdom.example.com/CN=Configuration,DC=samdom,DC=example,DC=com
> >>>>
> >>>> # Referral
> >>>> ref: ldap://samdom.example.com/DC=DomainDnsZones,DC=samdom,DC=example,DC=com
> >>>>
> >>>> # Referral
> >>>> ref: ldap://samdom.example.com/DC=ForestDnsZones,DC=samdom,DC=example,DC=com
> >>>>
> >>>> # returned 479 records
> >>>> # 476 entries
> >>>> # 3 referrals
> >>>>
> >>>> You are running this on a DC ?
> >>>>
> >>>> Rowland
> >>>>
> >>> Yes I think, I just did samba-tool domain provision [...] and then tried to connect with this socket
> >> What OS and are you using distro packages or a self compiled Samba.
> >>
> >> Rowland
> >>
> > Devuan 10 beowulf with samba 4.9.5
> 
> Is Samba running ?
> 
> Rowland
> 
Yes it is
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: Firma digitale OpenPGP
URL: <http://lists.samba.org/pipermail/samba/attachments/20200715/30d62f70/attachment.sig>

More information about the samba mailing list