Follow-up (solution): [Samba] set up for Active Directory
Hello all - Thank you for all the guidance. I wanted to let you all know we have had success in getting our Sun Solaris 10 box connected to the Active Directory. All tests pass now. Here is the final solution to the problem I was having: "Though the firewall might have been one of the issues, I was missing an nss file. After finding this, all I had to do was create a soft link from libnss_winbind.so.1 to nss_winbind.so.1. After restarting winbind, I was able to successfully use getent." Jamen McGranahan Systems Services Librarian Vanderbilt University -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
RE: [Samba] set up for Active Directory
After doing some digging, I did discovered the libnss_winbind.so library was not installed for some reason, so I copied it from my samba source and placed it in the directory described here (http://docs.sun.com/app/docs/doc/819-1081/6n3fc3r2v?a=view). I also discovered the pid file in /var/samba/locks/winbindd.pid was not the correct pid, so I just rm it and created a softlink to the actual file (which was in /usr/local/samba/var/locks/). I restarted winbindd and voila!, it's now running as a service. I'm now getting entries with wbinfo -u and wbinfo -g. The next test is getent, which right now isn't generating anything. This might be a firewall issue, so we're checking with our ITS department with that. Jamen McGranahan Systems Services Librarian Vanderbilt University -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] set up for Active Directory
McGranahan, Jamen skrev: > FYI - reconfiguring & recompiling samba seems to have worked. At least > I'm further along than I have been. I've been able to join my domain, > but now the last step is testing winbind to see a list of the domain > users and groups. However, I'm not getting anything: just an error - > > # wbinfo -u > Error looking up domain users > # wbinfo -g > Error looking up domain groups > > I've modified the nsswitch.conf file, started winbind (have actually > restarted it a couple of times), but when I look at the services > (issuing the svcs command), I see that winbind is in maintenance mode. > How can I get it out of this mode? Dag-nabbit - so close! > > Jamen McGranahan > Systems Services Librarian > Vanderbilt University > > Did you install the libnss_winbind.so library in /usr/lib? You must use the library that was built with your Samba installation. A library that came with Solaris will probably NOT work. -hs -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
RE: [Samba] set up for Active Directory
FYI - reconfiguring & recompiling samba seems to have worked. At least I'm further along than I have been. I've been able to join my domain, but now the last step is testing winbind to see a list of the domain users and groups. However, I'm not getting anything: just an error - # wbinfo -u Error looking up domain users # wbinfo -g Error looking up domain groups I've modified the nsswitch.conf file, started winbind (have actually restarted it a couple of times), but when I look at the services (issuing the svcs command), I see that winbind is in maintenance mode. How can I get it out of this mode? Dag-nabbit - so close! Jamen McGranahan Systems Services Librarian Vanderbilt University -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
RE: [Samba] set up for Active Directory
I tried your suggestion below, adding password server={keberos server} line to my smb.conf but no change. It still gives me the same error... Jamen McGranahan Systems Services Librarian Vanderbilt University -Original Message- From: samba-bounces+jamen.mcgranahan=vanderbilt@lists.samba.org [mailto:samba-bounces+jamen.mcgranahan=vanderbilt@lists.samba.org] On Behalf Of Bjoern Meier Sent: Tuesday, April 14, 2009 1:03 PM To: samba@lists.samba.org Subject: Re: [Samba] set up for Active Directory hi, http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/domain-member .html tell us: ADS support not compiled in Samba must be reconfigured (remove config.cache) and recompiled (make clean all install) after the Kerberos libraries and headers files are installed. -- To boldly go where no man has gone before ... I'll wait there with touristinformation -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
RE: [Samba] set up for Active Directory
It was not in our version for some reason; hence, the reason why I have had to install it. :-( Jamen McGranahan Systems Services Librarian Vanderbilt University -Original Message- From: samba-bounces+jamen.mcgranahan=vanderbilt@lists.samba.org [mailto:samba-bounces+jamen.mcgranahan=vanderbilt@lists.samba.org] On Behalf Of David Markey Sent: Tuesday, April 14, 2009 1:13 PM To: samba@lists.samba.org Subject: Re: [Samba] set up for Active Directory Solaris 10 U6 comes with a samba that is capable to joining AD out of the box. Bjoern Meier wrote: > hi, > > 2009/4/14 McGranahan, Jamen : >> OK, I've installed the MIT version of KRB5 & samba appears to have >> installed correctly. However, it appears that I am not able to join my >> domain. >> >> # ./net ads join -U mcgr...@ds.vanderbilt.edu >> [2009/04/14 11:36:50, 0] param/loadparm.c:lp_set_enum_parm(7097) >> WARNING: Ignoring invalid value 'ADS' for parameter 'security' >> [2009/04/14 11:36:50, 0] param/loadparm.c:lp_do_parameter(7174) >> Ignoring unknown parameter "realm" >> ADS support not compiled in >> >> So I tried the -d3 version of ./net and got this: >> >> # ./net ads -d3 join -U mcgr...@vanderbilt.edu >> [2009/04/14 11:17:10, 3] param/loadparm.c:lp_load_ex(8794) >> lp_load_ex: refreshing parameters >> [2009/04/14 11:17:10, 3] param/loadparm.c:init_globals(4629) >> Initialising global parameters >> [2009/04/14 11:17:10, 3] param/params.c:pm_process(569) >> params.c:pm_process() - Processing configuration file >> "/usr/local/samba/lib/smb.conf" >> [2009/04/14 11:17:10, 3] param/loadparm.c:do_section(7457) >> Processing section "[global]" >> [2009/04/14 11:17:10, 0] param/loadparm.c:lp_set_enum_parm(7097) >> WARNING: Ignoring invalid value 'ADS' for parameter 'security' >> [2009/04/14 11:17:10, 1] param/loadparm.c:map_parameter(6131) >> Unknown parameter encountered: "realm" >> [2009/04/14 11:17:10, 0] param/loadparm.c:lp_do_parameter(7174) >> Ignoring unknown parameter "realm" >> [2009/04/14 11:17:10, 2] lib/interface.c:add_interface(340) >> added interface ce1 ip=129.59.95.89 bcast=129.59.95.255 >> netmask=255.255.255.0 >> ADS support not compiled in >> [2009/04/14 11:17:10, 2] utils/net.c:main(769) >> return code = -1 >> >> I'm not sure where to check now. Please advise. Thank you! >> >> Jamen McGranahan >> Systems Services Librarian >> Vanderbilt University >> >> >> -Original Message- >> From: jerry [mailto:je...@samba.org] >> Sent: Tuesday, April 14, 2009 9:40 AM >> To: McGranahan, Jamen >> Cc: samba@lists.samba.org >> Subject: Re: [Samba] set up for Active Directory >> > McGranahan, Jamen wrote: > > >>> configure:59580: checking for ldap_initialize > >>> configure:59663: result: no > >>> configure:59676: error: Active Directory support requires > >>> ldap_initialize > Did the howto that was previously posted not help? > > My advice is to get the latest OpenLDAP and MIT krb5 > libs and install those. Then rebuild Samba. Life is > to short to spend it trying to get code compiling :-) > But it's your call. > > > > > cheers, jerry -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba >> > http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/domain-member .html > tell us: > ADS support not compiled in > Samba must be reconfigured (remove config.cache) and recompiled > (make clean all install) after the Kerberos libraries and headers > files are installed. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
RE: [Samba] set up for Active Directory
Actually, I get results for LDAP, ADS, KRB, & WINBIND, which is why I thought this would work: # smbd -b|grep LDAP HAVE_LDAP_H HAVE_LDAP HAVE_LDAP_ADD_RESULT_ENTRY HAVE_LDAP_INIT HAVE_LDAP_INITIALIZE HAVE_LDAP_SASL_WRAPPING HAVE_LDAP_SET_REBIND_PROC HAVE_LIBLDAP LDAP_SET_REBIND_PROC_ARGS # smbd -b|grep KRB HAVE_KRB5_H HAVE_KRB5_LOCATE_PLUGIN_H HAVE_ADDRTYPE_IN_KRB5_ADDRESS HAVE_INITIALIZE_KRB5_ERROR_TABLE HAVE_KRB5 HAVE_KRB5_AUTH_CON_SETUSERUSERKEY HAVE_KRB5_AUTH_CON_SET_REQ_CKSUMTYPE HAVE_KRB5_C_ENCTYPE_COMPARE HAVE_KRB5_C_VERIFY_CHECKSUM HAVE_KRB5_ENCRYPT_BLOCK HAVE_KRB5_ENCRYPT_DATA HAVE_KRB5_ENCTYPE_TO_STRING HAVE_KRB5_ENCTYPE_TO_STRING_WITH_SIZE_T_ARG HAVE_KRB5_FREE_DATA_CONTENTS HAVE_KRB5_FREE_KEYTAB_ENTRY_CONTENTS HAVE_KRB5_FREE_UNPARSED_NAME HAVE_KRB5_FWD_TGT_CREDS HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC HAVE_KRB5_GET_INIT_CREDS_OPT_FREE HAVE_KRB5_GET_PERMITTED_ENCTYPES HAVE_KRB5_GET_RENEWED_CREDS HAVE_KRB5_KEYBLOCK_IN_CREDS HAVE_KRB5_KEYTAB_ENTRY_KEY HAVE_KRB5_KEYUSAGE_APP_DATA_CKSUM HAVE_KRB5_KT_FREE_ENTRY HAVE_KRB5_LOCATE_KDC HAVE_KRB5_MK_REQ_EXTENDED HAVE_KRB5_PRINCIPAL2SALT HAVE_KRB5_PRINC_COMPONENT HAVE_KRB5_PRINC_REALM HAVE_KRB5_SET_DEFAULT_TGS_ENCTYPES HAVE_KRB5_SET_DEFAULT_TGS_KTYPES HAVE_KRB5_SET_REAL_TIME HAVE_KRB5_STRING_TO_KEY HAVE_KRB5_TKT_ENC_PART2 HAVE_KRB5_USE_ENCTYPE HAVE_KRB5_VERIFY_CHECKSUM HAVE_LIBGSSAPI_KRB5 HAVE_LIBKRB5 HAVE_MAGIC_IN_KRB5_ADDRESS HAVE_SHORT_KRB5_MK_ERROR_INTERFACE HAVE_TICKET_POINTER_IN_KRB5_AP_REQ KRB5_CREDS_OPT_FREE_REQUIRES_CONTEXT KRB5_TICKET_HAS_KEYINFO KRB5_VERIFY_CHECKSUM_ARGS # smbd -b|grep ADS WITH_ADS WITH_ADS # smbd -b|grep WINBIND WITH_WINBIND WITH_WINBIND Jamen McGranahan Systems Services Librarian Vanderbilt University -Original Message- From: jerry [mailto:je...@samba.org] Sent: Tuesday, April 14, 2009 1:15 PM To: McGranahan, Jamen Cc: samba@lists.samba.org Subject: Re: [Samba] set up for Active Directory -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 McGranahan, Jamen wrote: > OK, I've installed the MIT version of KRB5 & samba appears to have > installed correctly. However, it appears that I am not able to join my > domain. If `smbd -b | WITH_ADS` returns nothing, then you don't have ADS support (as the long indicates). You're last email was about insufficient ldap_initialize support. SO did you install the OpenLDAP client libs? > # ./net ads join -U mcgr...@ds.vanderbilt.edu > [2009/04/14 11:36:50, 0] param/loadparm.c:lp_set_enum_parm(7097) > WARNING: Ignoring invalid value 'ADS' for parameter 'security' > [2009/04/14 11:36:50, 0] param/loadparm.c:lp_do_parameter(7174) > Ignoring unknown parameter "realm" > ADS support not compiled in cheers, jerry - -- = http://git.plainjoe.org/ CODE "What man is a man who does not make the world better?" --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJ5NKcIR7qMdg1EfYRAlLBAJ9YXh9Gw7z3SzosvYx25m6mNtVw3gCfXlPX B9ic6Qk7LsQEzWm8B++6KP4= =IIK5 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] set up for Active Directory
-bash-3.00# /usr/sfw/sbin/smbd -V Version 3.0.33 Not the most the up to date release bit its progress. jerry wrote: > David Markey wrote: > > Solaris 10 U6 comes with a samba that is capable to > > joining AD out of the box. > > Woot! didn't realize that. Very good news :-) What > version is it (out of curiousity). > > > > > cheers, jerry -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] set up for Active Directory
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David Markey wrote: > Solaris 10 U6 comes with a samba that is capable to > joining AD out of the box. Woot! didn't realize that. Very good news :-) What version is it (out of curiousity). cheers, jerry - -- = http://git.plainjoe.org/ CODE "What man is a man who does not make the world better?" --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJ5NQCIR7qMdg1EfYRAgnZAJ9sXm1P62VCZcb2bEXC3uPXoT/jJACggntg OZ+4s66c3R0B4KPjVMlJ1ho= =f9nU -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] set up for Active Directory
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 McGranahan, Jamen wrote: > OK, I've installed the MIT version of KRB5 & samba appears to have > installed correctly. However, it appears that I am not able to join my > domain. If `smbd -b | WITH_ADS` returns nothing, then you don't have ADS support (as the long indicates). You're last email was about insufficient ldap_initialize support. SO did you install the OpenLDAP client libs? > # ./net ads join -U mcgr...@ds.vanderbilt.edu > [2009/04/14 11:36:50, 0] param/loadparm.c:lp_set_enum_parm(7097) > WARNING: Ignoring invalid value 'ADS' for parameter 'security' > [2009/04/14 11:36:50, 0] param/loadparm.c:lp_do_parameter(7174) > Ignoring unknown parameter "realm" > ADS support not compiled in cheers, jerry - -- = http://git.plainjoe.org/ CODE "What man is a man who does not make the world better?" --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJ5NKcIR7qMdg1EfYRAlLBAJ9YXh9Gw7z3SzosvYx25m6mNtVw3gCfXlPX B9ic6Qk7LsQEzWm8B++6KP4= =IIK5 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] set up for Active Directory
Solaris 10 U6 comes with a samba that is capable to joining AD out of the box. Bjoern Meier wrote: > hi, > > 2009/4/14 McGranahan, Jamen : >> OK, I've installed the MIT version of KRB5 & samba appears to have >> installed correctly. However, it appears that I am not able to join my >> domain. >> >> # ./net ads join -U mcgr...@ds.vanderbilt.edu >> [2009/04/14 11:36:50, 0] param/loadparm.c:lp_set_enum_parm(7097) >> WARNING: Ignoring invalid value 'ADS' for parameter 'security' >> [2009/04/14 11:36:50, 0] param/loadparm.c:lp_do_parameter(7174) >> Ignoring unknown parameter "realm" >> ADS support not compiled in >> >> So I tried the -d3 version of ./net and got this: >> >> # ./net ads -d3 join -U mcgr...@vanderbilt.edu >> [2009/04/14 11:17:10, 3] param/loadparm.c:lp_load_ex(8794) >> lp_load_ex: refreshing parameters >> [2009/04/14 11:17:10, 3] param/loadparm.c:init_globals(4629) >> Initialising global parameters >> [2009/04/14 11:17:10, 3] param/params.c:pm_process(569) >> params.c:pm_process() - Processing configuration file >> "/usr/local/samba/lib/smb.conf" >> [2009/04/14 11:17:10, 3] param/loadparm.c:do_section(7457) >> Processing section "[global]" >> [2009/04/14 11:17:10, 0] param/loadparm.c:lp_set_enum_parm(7097) >> WARNING: Ignoring invalid value 'ADS' for parameter 'security' >> [2009/04/14 11:17:10, 1] param/loadparm.c:map_parameter(6131) >> Unknown parameter encountered: "realm" >> [2009/04/14 11:17:10, 0] param/loadparm.c:lp_do_parameter(7174) >> Ignoring unknown parameter "realm" >> [2009/04/14 11:17:10, 2] lib/interface.c:add_interface(340) >> added interface ce1 ip=129.59.95.89 bcast=129.59.95.255 >> netmask=255.255.255.0 >> ADS support not compiled in >> [2009/04/14 11:17:10, 2] utils/net.c:main(769) >> return code = -1 >> >> I'm not sure where to check now. Please advise. Thank you! >> >> Jamen McGranahan >> Systems Services Librarian >> Vanderbilt University >> >> >> -Original Message- >> From: jerry [mailto:je...@samba.org] >> Sent: Tuesday, April 14, 2009 9:40 AM >> To: McGranahan, Jamen >> Cc: samba@lists.samba.org >> Subject: Re: [Samba] set up for Active Directory >> > McGranahan, Jamen wrote: > > >>> configure:59580: checking for ldap_initialize > >>> configure:59663: result: no > >>> configure:59676: error: Active Directory support requires > >>> ldap_initialize > Did the howto that was previously posted not help? > > My advice is to get the latest OpenLDAP and MIT krb5 > libs and install those. Then rebuild Samba. Life is > to short to spend it trying to get code compiling :-) > But it's your call. > > > > > cheers, jerry -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba >> > http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/domain-member.html > tell us: > ADS support not compiled in > Samba must be reconfigured (remove config.cache) and recompiled > (make clean all install) after the Kerberos libraries and headers > files are installed. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] set up for Active Directory
hi, 2009/4/14 McGranahan, Jamen : > OK, I've installed the MIT version of KRB5 & samba appears to have > installed correctly. However, it appears that I am not able to join my > domain. > > # ./net ads join -U mcgr...@ds.vanderbilt.edu > [2009/04/14 11:36:50, 0] param/loadparm.c:lp_set_enum_parm(7097) > WARNING: Ignoring invalid value 'ADS' for parameter 'security' > [2009/04/14 11:36:50, 0] param/loadparm.c:lp_do_parameter(7174) > Ignoring unknown parameter "realm" > ADS support not compiled in > > So I tried the -d3 version of ./net and got this: > > # ./net ads -d3 join -U mcgr...@vanderbilt.edu > [2009/04/14 11:17:10, 3] param/loadparm.c:lp_load_ex(8794) > lp_load_ex: refreshing parameters > [2009/04/14 11:17:10, 3] param/loadparm.c:init_globals(4629) > Initialising global parameters > [2009/04/14 11:17:10, 3] param/params.c:pm_process(569) > params.c:pm_process() - Processing configuration file > "/usr/local/samba/lib/smb.conf" > [2009/04/14 11:17:10, 3] param/loadparm.c:do_section(7457) > Processing section "[global]" > [2009/04/14 11:17:10, 0] param/loadparm.c:lp_set_enum_parm(7097) > WARNING: Ignoring invalid value 'ADS' for parameter 'security' > [2009/04/14 11:17:10, 1] param/loadparm.c:map_parameter(6131) > Unknown parameter encountered: "realm" > [2009/04/14 11:17:10, 0] param/loadparm.c:lp_do_parameter(7174) > Ignoring unknown parameter "realm" > [2009/04/14 11:17:10, 2] lib/interface.c:add_interface(340) > added interface ce1 ip=129.59.95.89 bcast=129.59.95.255 > netmask=255.255.255.0 > ADS support not compiled in > [2009/04/14 11:17:10, 2] utils/net.c:main(769) > return code = -1 > > I'm not sure where to check now. Please advise. Thank you! > > Jamen McGranahan > Systems Services Librarian > Vanderbilt University > > > -Original Message- > From: jerry [mailto:je...@samba.org] > Sent: Tuesday, April 14, 2009 9:40 AM > To: McGranahan, Jamen > Cc: samba@lists.samba.org > Subject: Re: [Samba] set up for Active Directory > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > McGranahan, Jamen wrote: > >> configure:59580: checking for ldap_initialize >> configure:59663: result: no >> configure:59676: error: Active Directory support requires >> ldap_initialize > > Did the howto that was previously posted not help? > > My advice is to get the latest OpenLDAP and MIT krb5 > libs and install those. Then rebuild Samba. Life is > to short to spend it trying to get code compiling :-) > But it's your call. > > > > > cheers, jerry > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.9 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFJ5KAqIR7qMdg1EfYRAmrDAJ93XxnV/TdvFlV2cjMRryPes/r3jwCfW8pH > qKFCqgc0v8mgtOmAyOxTXnc= > =TdQv > -END PGP SIGNATURE- > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/domain-member.html tell us: ADS support not compiled in Samba must be reconfigured (remove config.cache) and recompiled (make clean all install) after the Kerberos libraries and headers files are installed. -- To boldly go where no man has gone before ... I'll wait there with touristinformation -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
RE: [Samba] set up for Active Directory
OK, I've installed the MIT version of KRB5 & samba appears to have installed correctly. However, it appears that I am not able to join my domain. # ./net ads join -U mcgr...@ds.vanderbilt.edu [2009/04/14 11:36:50, 0] param/loadparm.c:lp_set_enum_parm(7097) WARNING: Ignoring invalid value 'ADS' for parameter 'security' [2009/04/14 11:36:50, 0] param/loadparm.c:lp_do_parameter(7174) Ignoring unknown parameter "realm" ADS support not compiled in So I tried the -d3 version of ./net and got this: # ./net ads -d3 join -U mcgr...@vanderbilt.edu [2009/04/14 11:17:10, 3] param/loadparm.c:lp_load_ex(8794) lp_load_ex: refreshing parameters [2009/04/14 11:17:10, 3] param/loadparm.c:init_globals(4629) Initialising global parameters [2009/04/14 11:17:10, 3] param/params.c:pm_process(569) params.c:pm_process() - Processing configuration file "/usr/local/samba/lib/smb.conf" [2009/04/14 11:17:10, 3] param/loadparm.c:do_section(7457) Processing section "[global]" [2009/04/14 11:17:10, 0] param/loadparm.c:lp_set_enum_parm(7097) WARNING: Ignoring invalid value 'ADS' for parameter 'security' [2009/04/14 11:17:10, 1] param/loadparm.c:map_parameter(6131) Unknown parameter encountered: "realm" [2009/04/14 11:17:10, 0] param/loadparm.c:lp_do_parameter(7174) Ignoring unknown parameter "realm" [2009/04/14 11:17:10, 2] lib/interface.c:add_interface(340) added interface ce1 ip=129.59.95.89 bcast=129.59.95.255 netmask=255.255.255.0 ADS support not compiled in [2009/04/14 11:17:10, 2] utils/net.c:main(769) return code = -1 I'm not sure where to check now. Please advise. Thank you! Jamen McGranahan Systems Services Librarian Vanderbilt University -Original Message- From: jerry [mailto:je...@samba.org] Sent: Tuesday, April 14, 2009 9:40 AM To: McGranahan, Jamen Cc: samba@lists.samba.org Subject: Re: [Samba] set up for Active Directory -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 McGranahan, Jamen wrote: > configure:59580: checking for ldap_initialize > configure:59663: result: no > configure:59676: error: Active Directory support requires > ldap_initialize Did the howto that was previously posted not help? My advice is to get the latest OpenLDAP and MIT krb5 libs and install those. Then rebuild Samba. Life is to short to spend it trying to get code compiling :-) But it's your call. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJ5KAqIR7qMdg1EfYRAmrDAJ93XxnV/TdvFlV2cjMRryPes/r3jwCfW8pH qKFCqgc0v8mgtOmAyOxTXnc= =TdQv -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] set up for Active Directory
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 McGranahan, Jamen wrote: > configure:59580: checking for ldap_initialize > configure:59663: result: no > configure:59676: error: Active Directory support requires > ldap_initialize Did the howto that was previously posted not help? My advice is to get the latest OpenLDAP and MIT krb5 libs and install those. Then rebuild Samba. Life is to short to spend it trying to get code compiling :-) But it's your call. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJ5KAqIR7qMdg1EfYRAmrDAJ93XxnV/TdvFlV2cjMRryPes/r3jwCfW8pH qKFCqgc0v8mgtOmAyOxTXnc= =TdQv -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] set up for Active Directory
Running Sun OS 5.10 sparc. OK, I am trying to establish an Active Directory connection from my Sun Solaris box and am trying to utilize Samba to accomplish this task. I've installed OpenLDAP & Samba, but when I run a few checks, it appears that Samba is not seeing KRB or ADS, but is seeing LDAP & WINBIND. (This is Samba 3.3.3) # cd /usr/local/samba/sbin # smbd -b|grep LDAP HAVE_LDAP_H HAVE_LDAP HAVE_LDAP_INIT HAVE_LDAP_SASL_WRAPPING HAVE_LDAP_SET_REBIND_PROC HAVE_LIBLDAP LDAP_SET_REBIND_PROC_ARGS # smbd -b|grep KRB # smbd -b|grep ADS # smbd -b|grep WINBIND WITH_WINBIND WITH_WINBIND I thought it might have been something with my ./configure script I ran for samba, so I tried it again, but this time it tells me ldap is not initialized: configure:59398: checking whether LDAP support is used configure:59400: result: yes configure:59423: checking for Active Directory and krb5 support configure:59437: result: yes configure:59580: checking for ldap_initialize configure:59663: result: no configure:59676: error: Active Directory support requires ldap_initialize UGH! So frustrating. I've been at this one project for a week now and still have not been able to get this to work. Please - any guidance you can provide would be a great help! Thank you! *** * Jamen McGranahan * Systems Services Librarian * Library Information Technology Services * Vanderbilt University * Suite 700 * 110 21st Avenue South * Nashville, TN 37240 * (615) 343-1614 * (615) 343-8834 (fax) * jamen.mcgrana...@vanderbilt.edu *** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba