Samba4 OpenLDAP backend

nitin bhadauria bhadauria.nitin at gmail.com
Mon May 24 01:57:11 MDT 2010


Hello All,

I am still trying to configure my samba4 with openldap as in the doc
http://wiki.samba.org/index.php/Samba4/LDAP_Backend/OpenLDAP.

Now I am stuck on the following ......

When I run ./setup/provision --realm=SAMBA1.DOMAIN.COM
--domain=DOMAIN.COM --server-role='domain controller'
--ldap-backend-type=openldap
--slapd-path="/usr/local/libexec/slapd" --adminpass=passw0rd

config file testing succeeded
Failed to bind - LDAP client internal error:
NT_STATUS_UNEXPECTED_NETWORK_ERROR
Failed to connect to
'ldapi://%2Fusr%2Flocal%2Fsamba%2Fprivate%2Fldap%2Fldapi'
Setting up share.ldb
Setting up secrets.ldb
Setting up the registry
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
Adding DomainDN: DC=samba1,DC=domain,DC=com
pdc_fsmo_init: no domain object present: (skip loading of domain details)

Adding configuration container
naming_fsmo_init: no partitions dn present: (skip loading of naming contexts
details)

Setting up sam.ldb schema
Reopening sam.ldb with new schema
naming_fsmo_init: no partitions dn present: (skip loading of naming contexts
details)

naming_fsmo_init: no partitions dn present: (skip loading of naming contexts
details)

Setting up sam.ldb configuration data
Setting up display specifiers
Adding users container
Modifying users container
Adding computers container
Modifying computers container
Setting up sam.ldb data
Setting up sam.ldb users and groups
Setting up self join
Setting up sam.ldb rootDSE marking as synchronized
rndc: 'freeze' failed: not found
rndc: 'unfreeze' failed: not found
See /usr/local/samba/private/named.conf for an example configuration include
file for BIND
and /usr/local/samba/private/named.txt for further documentation required
for secure DNS updates
A Kerberos configuration suitable for Samba 4 has been generated at
/usr/local/samba/private/krb5.conf
Please install the phpLDAPadmin configuration located at
/usr/local/samba/private/phpldapadmin-config.php into
/etc/phpldapadmin/config.php
Once the above files are installed, your Samba4 server will be ready to use
Server Role:           domain controller
Hostname:              samba1
NetBIOS Domain:        DOMAIN.COM
DNS Domain:            samba1.domain.com
DOMAIN SID:            S-1-5-21-1571209570-1697092050-1988424582
Admin password:        passw0rd
LDAP Admin User:       samba-admin
LDAP Admin Password:   #d$F[ktd7=C)ku>)knn))G]%qL9zK>mTs;AlfJuW0W at f72
@,P8QpTU<EMDC[v7 at 9
%#yIA>;z&(nnZ>zR-+orfnBfixS(NP=~390W!-pI7y<PU<LdV<1ro#w1L<>3fMSr6%h&MAwl?tOPtDe._M>[LcN?XQc~tDmnW,??<nKD29P.pTl6wOsGsEtV%I=7$Rot,=Cr8-vG0NWo?K![:@n?J6zgbt(Nys at aEpI
#~-6G0PqA]9!k7)P?bGQ?D
Use later the following commandline to start slapd, then Samba:
'/usr/local/libexec/slapd' '-F/usr/local/samba/private/ldap/slapd.d' '-h'
'ldapi://%2Fusr%2Flocal%2Fsamba%2Fprivate%2Fldap%2Fldapi'
This slapd-Commandline is also stored under:
/usr/local/samba/private/ldap/ldap_backend_startup.sh

I find this error in the messages log:

kernel: [171260.392801] slapd[8112]: segfault at 7ffffffb ip 006f9e91 sp
bf9dfe78 error 4 in libc-2.11.1.so[68a000+153000]

When checking sam.ldb

ldbsearch -H /usr/local/samba/private/sam.ldb
pdc_fsmo_init: no domain object present: (skip loading of domain details)

naming_fsmo_init: no partitions dn present: (skip loading of naming contexts
details)

schema_load_init: no schema head present: (skip schema loading)

module schema_load initialization failed
module kludge_acl initialization failed
module operational initialization failed
module acl initialization failed
module descriptor initialization failed
module objectclass initialization failed
module asq initialization failed
module server_sort initialization failed
module paged_results initialization failed
module lazy_commit initialization failed
module rootdse initialization failed
module samba_dsdb initialization failed
Unable to load modules for /usr/local/samba/private/sam.ldb: (null)
Failed to connect to /usr/local/samba/private/sam.ldb - (null)

Hoping for some help..

On Thu, Apr 29, 2010 at 1:59 PM, nitin bhadauria
<bhadauria.nitin at gmail.com> wrote:

> Hello Andrew,
>
> By now I realised that this problem is because of SASL ..
>
> slapd[868]: auxpropfunc error invalid parameter supplied
> slapd[868]: rdnval: repaired=0
>
> I have the following packages installed...
>
> cyrus-sasl-plain-2.1.22-5.el5_4.3
> cyrus-sasl-2.1.22-5.el5_4.3
> cyrus-sasl-md5-2.1.22-5.el5_4.3
> cyrus-sasl-ntlm-2.1.22-5.el5_4.3
> cyrus-sasl-lib-2.1.22-5.el5_4.3
> cyrus-sasl-ldap-2.1.22-5.el5_4.3
> cyrus-sasl-gssapi-2.1.22-5.el5_4.3
> cyrus-sasl-devel-2.1.22-5.el5_4.3
>
>
>
>
> On Wed, Apr 28, 2010 at 5:43 PM, nitin bhadauria <
> bhadauria.nitin at gmail.com> wrote:
>
>> But what should I do to populate the ldap database..
>>
>> # net newuser test
>> New Password:
>> pdc_fsmo_init: no domain object present: (skip loading of domain details)
>>
>> naming_fsmo_init: no partitions dn present: (skip loading of naming
>> contexts details)
>>
>> schema_load_init: no schema head present: (skip schema loading)
>>
>>
>> module schema_load initialization failed
>> module kludge_acl initialization failed
>> module operational initialization failed
>> module acl initialization failed
>> module descriptor initialization failed
>> module objectclass initialization failed
>> module asq initialization failed
>>
>> module server_sort initialization failed
>> module paged_results initialization failed
>> module lazy_commit initialization failed
>> module rootdse initialization failed
>>
>> module samba_dsdb initialization failed
>> Unable to load modules for /usr/local/samba/private/sam.ldb: (null)
>> Failed to create user "test" : None
>>
>>
>> # /usr/local/samba/bin/ldbsearch -H /usr/local/samba/private/sam.ldb
>>
>> pdc_fsmo_init: no domain object present: (skip loading of domain details)
>>
>> naming_fsmo_init: no partitions dn present: (skip loading of naming
>> contexts details)
>>
>> schema_load_init: no schema head present: (skip schema loading)
>>
>>
>> module schema_load initialization failed
>> module kludge_acl initialization failed
>> module operational initialization failed
>> module acl initialization failed
>> module descriptor initialization failed
>> module objectclass initialization failed
>> module asq initialization failed
>>
>> module server_sort initialization failed
>> module paged_results initialization failed
>> module lazy_commit initialization failed
>> module rootdse initialization failed
>>
>> module samba_dsdb initialization failed
>> Unable to load modules for /usr/local/samba/private/sam.ldb: (null)
>> Failed to connect to /usr/local/samba/private/sam.ldb - (null)
>>
>>
>>
>>
>>
>> On Wed, Apr 28, 2010 at 5:27 PM, Andrew Bartlett <abartlet at samba.org> wrote:
>>
>>> On Wed, 2010-04-28 at 16:48 +0530, nitin bhadauria wrote:
>>> > Hello Andrew,
>>> >
>>> > After installing cyrus-sasl* from yum, the provision script worked with some
>>> > errors.
>>> >
>>> > Failed to bind - LDAP client internal error:
>>> > NT_STATUS_UNEXPECTED_NETWORK_ERROR
>>> > Failed to connect to
>>> > 'ldapi://%2Fusr%2Flocal%2Fsamba%2Fprivate%2Fldap%2Fldapi'
>>> > Setting up share.ldb
>>> > Setting up secrets.ldb
>>> > Setting up the registry
>>> > Setting up the privileges database
>>> > Setting up idmap db
>>> > Setting up SAM db
>>> > Setting up sam.ldb partitions and settings
>>> > Setting up sam.ldb rootDSE
>>> > Pre-loading the Samba 4 and AD schema
>>> > Adding DomainDN: DC=samba,DC=domain,DC=com
>>> > pdc_fsmo_init: no domain object present: (skip loading of domain details)
>>> >
>>> > Adding configuration container
>>> > naming_fsmo_init: no partitions dn present: (skip loading of naming contexts details)
>>> >
>>> > Setting up sam.ldb schema
>>> > Reopening sam.ldb with new schema
>>> > naming_fsmo_init: no partitions dn present: (skip loading of naming contexts details)
>>> > naming_fsmo_init: no partitions dn present: (skip loading of naming contexts details)
>>> >
>>> >
>>> > And it didn't populate any database in ldap....
>>>
>>> I think it did.
>>>
>>> > # samba -i -M single -d3
>>> >
>>> > /usr/local/samba/sbin/samba_spnupdate: Failed to bind - LDAP error 49
>>> > LDAP_INVALID_CREDENTIALS -  <SASL(-13): user not found: no secret in
>>> > database> <>
>>>
>>> This is (mostly) harmless.  I need to fix it, but it just means it won't
>>> update its DNS entries until I fix this.
>>>
>>> Andrew Bartlett
>>>
>>> --
>>> Andrew Bartlett
>>> http://samba.org/~abartlet/
>>> Authentication Developer, Samba Team           http://samba.org
>>> Samba Developer, Cisco Inc.
>>>
>>
>>
>


More information about the samba-technical mailing list