On Thursday 16 February 2006 09:07, Stefansson Håkan wrote: > Hi, > > I am setting up a fileserver in an AD domain, using Samba 3.0.21b under > Solaris 9. An Openldap server (version 2.3.17) is used fot the idmap > backend. > > Following the Samba HOWTO Collection, chapter 6, I used the statement > > ldap idmap suffix = ou=idmap,dc=uppsala,dc=se > > in my smb.conf. This doesn't work. When starting winbindd I get the > following in the log:
Correct. I have fixed this in the documentation. Thank-you for pointing us to this. - John T. > > [2006/02/15 10:31:14, 3] lib/smbldap.c:smbldap_connect_system(905) > ldap_connect_system: succesful connection to the LDAP server > [2006/02/15 10:31:14, 0] sam/idmap.c:idmap_init(146) > idmap_init: failed to initialize remote backend! > [2006/02/15 10:31:14, 1] nsswitch/winbindd.c:main(1011) > Could not init idmap -- netlogon proxy only > > In the slapd log I get this: > Feb 15 10:31:14 sbkfs02 slapd[2911]: [ID 940369 local4.debug] do_search > Feb 15 10:31:14 sbkfs02 slapd[2911]: [ID 198467 local4.debug] >>> > dnPrettyNormal: <ou=idmap,dc=uppsala,dc=se,> Feb 15 10:31:14 sbkfs02 > slapd[2911]: [ID 458966 local4.debug] do_search: invalid dn > (ou=idmap,dc=uppsala,dc=se,) Feb 15 10:31:14 sbkfs02 slapd[2911]: [ID > 131099 local4.debug] send_ldap_result: conn=0 op=2 p=3 Feb 15 10:31:14 > sbkfs02 slapd[2911]: [ID 291653 local4.debug] send_ldap_result: err=34 > matched="" text="invalid DN" Feb 15 10:31:14 sbkfs02 slapd[2911]: [ID > 324658 local4.debug] send_ldap_response: msgid=3 tag=101 err=34 Feb 15 > 10:31:14 sbkfs02 slapd[2911]: [ID 167594 local4.debug] conn=0 op=2 SEARCH > RESULT tag=101 err=34 nentries=0 text=invalid DN > > As it seems, trailing comma has been appended to the string. This, I think, > could be the cause of the error. > > However, when I changed the above statement in smb.conf to > > ldap suffix = dc=uppsala,dc=se > ldap idmap suffix = ou=idmap > > the error disappeared and the idmap backend seems to work now. > > So the statement in the HOWTO, > > ldap idmap suffix = ou=Idmap,dc=quenya,dc=org > > seems to be incorrect. Or maybe this was working as documented in the HOWTO > until the code was changed by mistake? I have not tried it with any > previous versions of Samba. > > > Håkan Stefansson -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, 2 Ed., ISBN: 0131882228 Samba-3 by Example, 2 Ed., ISBN: 0131882221X Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba