On Friday 09 April 2004 04:00, Suhaimi Jamalludin wrote: > Hi Wim Bakker, > > You have to make sure that LDAP is running withi out any error. > Can you do this (note: make sure there is no ACL applied on the > slapd.conf else you wont see the out put ofyour DN): > # ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts > > Is there any out put? > > Can you please show me your smb.conf Globla config
Hai, Yes ldapsearch gives decent output. I found the error, I think, at least , it's working now. I used initially ldap-2.2.8. , I reinstalled everything but now with ldap-2.1.19 (after noticing somewhere that ldap-2.0/2.1 were tested ) and now I get users added. The only thing I had to change from the example in chapter 2 of the reference guide was the ldap admin dn from cn=Manager to cn=Manager,dc=unetix,dc=nl. My smb.conf (global section): [global] workgroup = AMSTERDAM netbios name = TEST server string = Samba PDC running %v passdb backend = ldapsam:ldap://localhost username map = /etc/samba/smbusers encrypt passwords = Yes update encrypted = Yes socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 add machine script = /usr/sbin/useradd -g machines -c Machine -d /dev/ null -s /bin/false %u$ add user script = /usr/sbin/useradd -g users -m -s /bin/false %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u logon script = logon.bat logon path = \\%L\profiles\%U logon drive = H: logon home = \\%L\%U\.profile domain logons = Yes os level = 255 preferred master = Yes domain master = Yes local master = Yes wins support = Yes ldap suffix = dc=unetix,dc=nl ldap machine suffix = ou=People ldap user suffix = ou=People ldap group suffix = ou=People ldap idmap suffix = ou=People ldap admin dn = "cn=Manager,dc=unetix,dc=nl" ldap filter = (&(uid=%u)(objectclass=sambaSamAccount)) ldap ssl = Off ldap passwd sync = No idmap uid = 15000-20000 idmap gid = 15000-20000 winbind separator = + admin users = @wheel my slapd.conf: include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/samba.schema pidfile /var/run/slapd.pid argsfile /var/run/slapd.args database bdb suffix "dc=unetix,dc=nl" rootdn "cn=Manager,dc=unetix,dc=nl" rootpw {SSHA}4qk9y4r03iIV2ZxG0rvPdUjO4Eg2ZSCF directory /var/openldap-data index cn,sn,uid,displayName pres,sub,eq index uidNumber,gidNumber eq index sambaSID eq index sambaPrimaryGroupSID eq index sambaDomainName eq index memberUid eq index objectClass eq I compiled ldap-2.1.19 with : ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var samba-3.0.3pre2 with: ./configure --with-automount --with-smbmount --with-acl-support --with-libsmbclient --with-configdir=/etc/samba --with-logfilebase=/var/log/ samba --with-privatedir=/etc/samba/private --with-lockdir=/var/lock/samba --with-piddir=/var/run --with-mysql-prefix=/usr/local/mysql --with-expsam=mysql --enable-cups --with-ldap I didn't use nss ldap and pam ldap , users I have first to add to /etc/passwd , than I can add them with smbpasswd -a. output ldapsearch -x -b 'dc=unetix,dc=nl' '(objectclass=*)' : # extended LDIF # # LDAPv3 # base <dc=unetix,dc=nl> with scope sub # filter: (objectclass=*) # requesting: ALL # # unetix.nl dn: dc=unetix,dc=nl objectClass: dcObject objectClass: organization dc: unetix o: Quenya Org Network description: The Samba-3 Network LDAP Example # Manager, unetix.nl dn: cn=Manager,dc=unetix,dc=nl objectClass: organizationalRole cn: Manager description: Directory Manager # People, unetix.nl dn: ou=People,dc=unetix,dc=nl objectClass: top objectClass: organizationalUnit ou: People # admin, People, unetix.nl dn: cn=admin,ou=People,dc=unetix,dc=nl cn: admin objectClass: top objectClass: organizationalRole objectClass: simpleSecurityObject userPassword:: e1NTSEF9NHFrOXk0cjAzaUlWMlp4RzBydlBkVWpPNEVnMlpTQ0Y= # Groups, unetix.nl dn: ou=Groups,dc=unetix,dc=nl objectClass: top objectClass: organizationalUnit ou: Groups # admin, Groups, unetix.nl dn: cn=admin,ou=Groups,dc=unetix,dc=nl cn: admin objectClass: top objectClass: organizationalRole objectClass: simpleSecurityObject userPassword:: e1NTSEF9NHFrOXk0cjAzaUlWMlp4RzBydlBkVWpPNEVnMlpTQ0Y= # Computers, unetix.nl dn: ou=Computers,dc=unetix,dc=nl objectClass: top objectClass: organizationalUnit ou: Computers # admin, Computers, unetix.nl dn: cn=admin,ou=Computers,dc=unetix,dc=nl cn: admin objectClass: top objectClass: organizationalRole objectClass: simpleSecurityObject userPassword:: e1NTSEF9NHFrOXk0cjAzaUlWMlp4RzBydlBkVWpPNEVnMlpTQ0Y= # AMSTERDAM, unetix.nl dn: sambaDomainName=AMSTERDAM,dc=unetix,dc=nl sambaDomainName: AMSTERDAM sambaSID: S-1-5-21-2053538423-3623938635-3332097444 sambaAlgorithmicRidBase: 1000 objectClass: sambaDomain sambaNextUserRid: 41000 sambaNextGroupRid: 41001 # gerrit, People, unetix.nl dn: uid=gerrit,ou=People,dc=unetix,dc=nl uid: gerrit sambaSID: S-1-5-21-2053538423-3623938635-3332097444-67670 sambaPrimaryGroupSID: S-1-5-21-2053538423-3623938635-3332097444-1201 sambaPwdCanChange: 1081504922 sambaPwdMustChange: 2147483647 sambaLMPassword: BF33E1D731D97755AAD3B435B51404EE sambaNTPassword: E49B11B16B5C046D8475BF5F0B82304B sambaPwdLastSet: 1081504922 sambaAcctFlags: [U ] objectClass: sambaSamAccount objectClass: account # krelis, People, unetix.nl dn: uid=krelis,ou=People,dc=unetix,dc=nl uid: krelis sambaSID: S-1-5-21-2053538423-3623938635-3332097444-67672 sambaPrimaryGroupSID: S-1-5-21-2053538423-3623938635-3332097444-1201 sambaPwdCanChange: 1081504967 sambaPwdMustChange: 2147483647 sambaLMPassword: 644DC242C2698CFDAAD3B435B51404EE sambaNTPassword: 7A2773DD002533663A5325F83AB71D15 sambaPwdLastSet: 1081504967 sambaAcctFlags: [U ] objectClass: sambaSamAccount objectClass: account # search result search: 2 result: 0 Success # numResponses: 12 # numEntries: 11 I added to users , krelis and gerrit. Output smbclient -L test -U krelis Password: Domain=[AMSTERDAM] OS=[Unix] Server=[Samba 3.0.3pre2] Sharename Type Comment --------- ---- ------- public Disk pdf Printer pdf printer print$ Disk Printer Driver Download Area IPC$ IPC IPC Service (Samba PDC running 3.0.3pre2) ADMIN$ IPC IPC Service (Samba PDC running 3.0.3pre2) lp Printer lp krelis Disk Home directory of krelis Domain=[AMSTERDAM] OS=[Unix] Server=[Samba 3.0.3pre2] Server Comment --------- ------- TEST Samba PDC running 3.0.3pre2 Workgroup Master --------- ------- AMSTERDAM TEST UNETIX FILESERVER Seems like it's working basically. Now nss ldap and pam ldap. TIA Wim Bakker -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba