[Samba] samba + nslcd
basti
mailinglist at unix-solution.de
Mon Jan 23 12:46:09 UTC 2023
Hello,
we have a Linux machine that need the UID's / GID's from samba AD.
So we setup nslcd like https://wiki.samba.org/index.php/Nslcd
nslcd is run in debug mode and the error is as follow:
nslcd: [8b4567] <passwd="testuser"> DEBUG:
ldap_initialize(ldap://dc1.samdom.example.com/)
nslcd: [8b4567] <passwd="testuser"> DEBUG: ldap_set_rebind_proc()
nslcd: [8b4567] <passwd="testuser"> DEBUG:
ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)
nslcd: [8b4567] <passwd="testuser"> DEBUG: ldap_set_option(LDAP_OPT_DEREF,0)
nslcd: [8b4567] <passwd="testuser"> DEBUG:
ldap_set_option(LDAP_OPT_TIMELIMIT,0)
nslcd: [8b4567] <passwd="testuser"> DEBUG:
ldap_set_option(LDAP_OPT_TIMEOUT,0)
nslcd: [8b4567] <passwd="testuser"> DEBUG:
ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)
nslcd: [8b4567] <passwd="testuser"> DEBUG:
ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_OFF)
nslcd: [8b4567] <passwd="testuser"> DEBUG:
ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)
nslcd: [8b4567] <passwd="testuser"> DEBUG:
ldap_sasl_interactive_bind_s(NULL,"GSSAPI")
(uri="ldap://dc1.samdom.example.com/")
nslcd: [8b4567] <passwd="testuser"> DEBUG: do_sasl_interact(): were
asked for sasl_authzid but we don't have any
nslcd: [8b4567] <passwd="testuser"> failed to bind to LDAP server
ldap://dc1.samdom.example.com/: Local error: SASL(-1): generic failure:
GSSAPI Error: Miscellaneous failure (see text) (get-principal
lstat(/tmp/nslcd.tkt)): No such file or directory
nslcd: [8b4567] <passwd="testuser"> DEBUG: ldap_unbind()
nslcd: [8b4567] <passwd="testuser"> no available LDAP server found,
sleeping 1 seconds
The linux machine is not a domain member and should not be one and there
is no samba stuff installed on this machine.
Do I also need Kerberos here?
Whats missing here?
More information about the samba
mailing list