I'm setting up a PDC using Samba 3.0.14a-2 on Fedora 4 with OpenLDAP 2.2.23 to authenticate. Authentication via LDAP through the various Linux services is working (login, ssh, etc.) via nss. Thus I know that slapd is running and working properly. I used smbldap-tools to populate and add test users/groups to the directory, and they worked just fine. But Samba, despite being configured correctly, as far as I can tell, cannot even contact LDAP. slapd is running on the loopback interface and logging everything including packets sent. I know from the OpenLDAP logs that the Samba server NEVER contacts the LDAP server despite having the correct URI (I can see it in the smbd.log file).

Here is the error I'm getting in the logfile...

[2005/07/25 21:44:51, 5] passdb/pdb_interface.c:make_pdb_methods_name(726)
 Found pdb backend ldapsam
[2005/07/25 21:44:51, 2] lib/smbldap.c:smbldap_search_domain_info(1394)
 Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=neverland))]
[2005/07/25 21:44:51, 5] lib/smbldap.c:smbldap_search(1038)
 smbldap_search: base => [dc=neverland,dc=com], filter => [(&(objectClass=sambaDomain)(sambaDomainName=neverland))], scope => [2]
[2005/07/25 21:44:51, 5] lib/smbldap.c:smbldap_close(949)
 The connection to the LDAP server was closed
[2005/07/25 21:44:51, 10] lib/smbldap.c:smbldap_open_connection(596)
 smbldap_open_connection: ldap://127.0.0.1:389/
[2005/07/25 21:44:51, 2] lib/smbldap.c:smbldap_open_connection(692)
 smbldap_open_connection: connection opened
[2005/07/25 21:44:51, 10] lib/smbldap.c:smbldap_connect_system(824)
 ldap_connect_system: Binding to ldap server ldap://127.0.0.1:389/ as "cn=Manager,dc=neverland,dc=com"
[2005/07/25 21:44:51, 0] lib/smbldap.c:smbldap_connect_system(852)
 failed to bind to server ldap://127.0.0.1:389/ with dn="cn=Manager,dc=neverland,dc=com" Error: Can't contact LDAP server
       (unknown)

The above error repeats over and over about 15 times.

Here is my smb.conf with comments and share definitions removed

[global]

 workgroup = NEVERLAND
 netbios name = PALERMO

 server string = PALMERO - The wise and mighty domain controller

 passdb backend = ldapsam:ldap://127.0.0.1:389/
 ldap suffix = dc=neverland,dc=com
 ldap admin dn = cn=Manager,dc=neverland,dc=com
 ldap ssl = no
 ldap group suffix = ou=Groups
 ldap machine suffix = ou=Computers
 admin users = root, "@Domain Admins"
 add user script = /usr/local/sbin/smbldap-useradd -m "%u"
 add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
 add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
 delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
 set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"
 add machine script = /usr/local/sbin/smbldap-useradd -w "%m"

 log level = 10
 printcap name = /etc/printcap
 load printers = yes
 cups options = raw
 log file = /var/log/samba/%m.log
 max log size = 50
 security = user
 encrypt passwords = yes
 smb passwd file = /etc/samba/smbpasswd
 username map = /etc/samba/smbusers
 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
 local master = yes
 os level = 65
 domain master = yes
 preferred master = yes
 domain logons = yes
 logon path =
 logon home =
 wins support = yes
 dns proxy = no


I have been working on this for three days now, and I am about to give up hope and move away from LDAP. But I don't want to. Any help is greatly appreciated!

Thanks in advance.

-Al




