Hi,
I have solved my problem.
The two last modifications before it works was :
1.)
In the configuration file of the SAMBA server :
I HAVE ADD :
obey pam restrictions = Yes
ldapsam:trusted = Yes
with
encrypt passwords = Yes
2.)
In the configuratin file of the NSS :
I HAVE ADD :
rootbinddn cn=chef,dc=server,dc=domaine,dc=fr
without forgotten the '/etc/ldap.secret' file with the password of the
'rootbinddn'.
Thanks again.
Bye.
-
Vincent Farget a écrit :
Hi everybody,
I have one SAMBA server (with PDC configuration) which is configure to
use an OpenLDAP server (on the same local server) where users and
computers account are store (I want to have the two Unix/Linux and Samba
account attributes stored to use Name Service Switch and Pluggable
Authentication Module).
My problem is as follow :
If I don't put the following line :
-> user1:x:527:400:Utilisateur 1:/home/user1:/bin/bash
in the '/etc/passwd' file, for a user, or :
-> pc046$:x:1110:582:Compte PC:/dev/null:/bin/false
for a computer, I can't connect and I have the following error in the
'/var/log/samba/log.pc046' log file :
..........
[2006/11/28 11:51:48, 1] auth/auth_util.c:make_server_info_sam(840)
User farget in passdb, but getpwnam() fails!
[2006/11/28 11:51:48, 0] auth/auth_sam.c:check_sam_security(324)
check_sam_security: make_server_info_sam() failed with
'NT_STATUS_NO_SUCH_USER'
..........
however, on my local server, if I type 'getent passwd|grep
user1', I have/can see the following :
-> user1:x:527:400:Utilisateur 1:/home/user1:/bin/bash
and an 'ldapsearch -x -LLL' show me all my directory without any
problems !!!!
I show several other mails from people who have the same 'getpwnam()
fails!' error, but I didn't succeed in found the solution !!!
So I want to know severals things :
--------------------------------------
1.) What seeks SAMBA precisely when it executes the 'getpwnam()'
function ? One or severals specials OpenLDAP attributes ?
2.) In the file '/etc/ldap/slapd.conf', what is 'index' used for ?
Actually I have the following index :
..........
# Indexing options for database #1
index objectClass,uidNumber,gidNumber eq
index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq
..........
Is these indexes Ok ?
I see that if I add the following line :
-> index uid eq
the 'ldapsearch -x -LLL' output is EMPTY !!!!
Here is my Debian Sarge server files configuration :
-> 'slapd' (OpenLDAP) v2.2.23-8,
-> 'samba' v3.0.14a-3sarge2,
-> 'samba-doc' v3.0.14a-3sarge2 with 'smbldap-tools' v0.8.7,
-> 'libnss-ldap' v238-1,
...
Thanks in advance for your help,
Best regards.
--
M. FARGET Vincent
IGE - Administrateur Systèmes / Informaticien de Laboratoire
UMR 5020 - Laboratoire des Neurosciences et Systemes Sensoriels
Universite Claude Bernard LYON 1 - CNRS
50, avenue Tony Garnier
69366 LYON Cedex 07
## Ce message est signé par un certificat CNRS ##
http://igc.services.cnrs.fr/Doc/General/trust.html
http://www.urec.cnrs.fr/igc/Certifs_CNRS.html
#####
# Pour que la signature soit valide, vous devrez
# récupérer préalablement le certificat de
# l'autorité de certification CNRS-Plus en
# cliquant sur le lien ci dessous :
http://igc.services.cnrs.fr/cgi-bin/viewca?cmd=load&CA=CNRS-Plus&ca=CNRS-Plus
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
