I am replying to myself because I solved this. The problem was the netgroup directive in the nsswitch.conf. It was ldap [NOTFOUND=return] files. I changed it to files ldap and everything is happy. I have no idea what that entry is even about. This is just a word to the wise.
Misty On Monday 27 September 2004 10:43, Misty Stanley-Jones wrote: > Not sure if this is where I should ask about this, but if I try to run any > of the smbldap-* scripts, I get the following kind of output: > > oink:/usr/local/sbin # ./smbldap-populate > Using builtin directory structure > erreur LDAP: Can't contact master ldap server (IO::Socket::INET: Bad > protocol 'tcp') at /usr/local/sbin//smbldap_tools.pm line 153. > > I feel like this must be from a typo somewhere but I'm at a loss. I have > followed the instructions in the INSTALL file. Using smbldap-tools-0.8.5. > > Here are the relevant config files: > > ### smb.conf LDAP section ### > passdb backend = ldapsam:ldap://localhost > # ldap filter = (&(objectclass=sambaSamAccount)(uid=%u)) > ldap admin dn = cn=Manager,dc=borkholder,dc=com > ldap suffix = dc=borkholder,dc=com > ldap group suffix = ou=Groups > ldap user suffix = ou=Users > ldap machine suffix = ou=Computers > ldap idmap suffix = ou=Users > ldap ssl = no > add user script = /usr/local/sbin/smbldap-useradd -m "%u" > ldap delete dn = No > #delete user script = /usr/local/sbin/smbldap-userdel "%u" > add machine script = /usr/local/sbin/smbldap-useradd -w "%u" > add group script = /usr/local/sbin/smbldap-groupadd -p "%g" > #delete group script = /usr/local/sbin/smbldap-groupdel "%g" > add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" > "%g" > delete user from group script = /usr/local/sbin/smbldap-groupmod -x > "%u" "%g" > set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" > "%u" > > ### smbldap.conf without comments ### > SID="S-1-5-21-725326080-1709766072-2910717368" > slaveLDAP="127.0.0.1" > slavePort="389" > masterLDAP="127.0.0.1" > masterPort="389" > ldapTLS="0" > verify="optional" > cafile="/etc/openldap/slapd-cert.pem" > clientcert="/etc/smbldap-tools/smbldap-tools.pem" > clientkey="/etc/smbldap-tools/smbldap-tools.key" > suffix="dc=borkholder,dc=com" > usersdn="ou=People,${suffix}" > computersdn="ou=Computers,${suffix}" > groupsdn="ou=Groups,${suffix}" > idmapdn="ou=People,${suffix}" > sambaUnixIdPooldn="cn=Uidpool,ou=People,${suffix}" > scope="sub" > hash_encrypt="SSHA" > crypt_salt_format="%s" > userLoginShell="/bin/false" > userHome="/home/%U" > userGecos="Samba User" > defaultUserGid="513" > defaultComputerGid="515" > skeletonDir="/etc/skel" > defaultMaxPasswordAge="90" > userSmbHome="" > userProfile="" > userHomeDrive="" > userScript="" > mailDomain="borkholder.com" > with_smbpasswd="0" > smbpasswd="/usr/bin/smbpasswd" <--- it is actually not here but I didn't > think it mattered since with_smbpasswd is set to 0 > > ### smbldap_bind.conf ### > slaveDN="cn=Manager,dc=borkholder,dc=com" > slavePw="my_cleartext_pw" > masterDN="cn=Manager,dc=borkholder,dc=com" > masterPw="my_cleartext_pw" > > ### Proof that I am able to connect to my LDAP server and that nss_ldap > works ### > oink:/etc/smbldap-tools # id root > uid=0(root) gid=0(root) groups=0(root),3(sys),512(admins) > oink:/etc/smbldap-tools # more /etc/group |grep 512 > > Thanks in advance for your help. Please let me know if there is more info > needed to debug this problem. > > Misty -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba