Re: [Samba] Problems with OpenLDAP 2.2.20/Samba 3.0.10 and smbpasswd
On Tue, 11 Jan 2005, [ISO-8859-1] Harry Rüter wrote:
> Hi ;o)
>
> here are more informations :
>
> Because just testing and not public you get to know all my secrets ;o)
>
> PW is : secret
>
> slapd.conf (partly ..):
>
> ---snipp---
> databasebdb
> suffix "dc=hrnet,dc=de"
> rootdn "cn=ldapmanager,dc=hrnet,dc=de"
> rootpw secret
> directory /usr/local/openldap-2.2/var/openldap-data
> indexobjectClasseq
> indexsambaSIDeq
> indexsambaPrimaryGroupSIDeq
> indexsambaDomainNameeq
> indexuid,uidNumber,gidNumber,memberUid eq
> indexcn,mail,surname,givenname eq,subinitial
> access to *
> by * write
> ---snipp---
>
> smb.conf (partly, what's of interest) :
>
> ---snipp---
>
> # now without passdb backend
> #passdb backend = ldapsam:ldap://486dx66.hrnet.de:1389/
>
> ldap server = 486dx66.hrnet.de
> ldap suffix = "dc=hrnet,dc=de"
> ldap filter = "(&(uid=%u)(objectclass=sambaSamAccount))"
> ldap port = 1389
> ldap admin dn = "cn=ldapmanager,dc=hrnet,dc=de"
> ldap ssl = off
>
> ldap user suffix = ou=users
> ldap group suffix = ou=groups
> ldap machine suffix = ou=machines
> ---snipp---
>
>
> William Jojo schrieb:
> >
> > I'm using 3.0.10 and 2.2.20 without any problems, so assuming it's
> > compiled ok, which I believe it is since you are getting errors about not
> > finding the rootdn password.
> >
> > Hmmm, well, here's a couple of things:
> >
> > 1) How tight do you have the restrictions on slapd.conf with respect to
> > accessing certain containers?
>
> See above, no restrictions now ..
>
> > 2) be certain the rootdn in slapd.conf exactly matches "ldap admin dn".
>
> See above ...
>
> > 3) don't run smbpasswd -w rootdnpw until *after* the smb.conf changes are
> > in place. (i've done that myself :-)
>
> Okay, i did this again after having finished smb.conf ...
>
> > 4) tdbdump the secrets.tdb to verify that the entry in the database shows
> > the correct rootdn and password selected.
>
> Seems to be okay
>
> ---snipp---
>
> [PTS2] 486dx66:/usr/local/samba3 # bin/tdbdump private/secrets.tdb {
> key = "SECRETS/LDAP_BIND_PW/cn=ldapmanager,dc=hrnet,dc=de"
> data = "secret\00"
> }
> {
> key = "SECRETS/SID/HRDOMAIN"
> data =
> "\01\04\00\00\00\00\00\05\15\00\00\00L\9B\E6\9F\B1\E1\FF#'\C3\B6G\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00"
> }
> {
> key = "SECRETS/SID/486DX66"
> data =
> "\01\04\00\00\00\00\00\05\15\00\00\00L\9B\E6\9F\B1\E1\FF#'\C3\B6G\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00"
> }
> ---snipp---
>
> Here's the output i have now ..
>
> ---snipp---
>
> [PTS2] [EMAIL PROTECTED]:/usr/local/samba3 # bin/smbpasswd -D 10 -c
> etc/smb.conf tina
> Netbios name list:-
> my_netbios_names[0]="486DX66"
> Trying to load: ldapsam_compat
> Attempting to register passdb backend ldapsam
> Successfully added passdb backend 'ldapsam'
> Attempting to register passdb backend ldapsam_compat
> Successfully added passdb backend 'ldapsam_compat'
> Attempting to register passdb backend smbpasswd
> Successfully added passdb backend 'smbpasswd'
> Attempting to register passdb backend tdbsam
> Successfully added passdb backend 'tdbsam'
> Attempting to register passdb backend guest
> Successfully added passdb backend 'guest'
> Attempting to find an passdb backend to match ldapsam_compat
> (ldapsam_compat)
> Found pdb backend ldapsam_compat
> pdb backend ldapsam_compat has a valid init
> Attempting to find an passdb backend to match guest (guest)
> Found pdb backend guest
> pdb backend guest has a valid init
> New SMB password:
> New SMB password:
> Retype new SMB password:
> smbldap_search: base => [dc=hrnet,dc=de], filter =>
> [(&(&(uid=tina)(objectclass=sambaSamAccount))(objectclass=sambaAccount))],
> scope => [2]
this is going to be a problem if the account is not created with both
object classes, but I can't say for sure as I've never even tried it. I'd
pick the newer --with-ldap option and go from there.
> smbldap_open_connection: ldap://486dx66.hrnet.de:1389
> smbldap_open_connection: connection opened
> ldap_connect_system: Binding to ldap server ldap://486dx66.hrnet.de:1389
> as "cn=ldapmanager,dc=hrnet,dc=de"
> failed to bind to server with dn= cn=ldapmanager,dc=hrnet,dc=de Error:
> Can't contact LDAP server
> (unknown)
> Connection to LDAP server failed for the 1 try!
check for firewall/DNS issues here. everything else looks good.
> smbldap_open_connection: ldap://486dx66.hrnet.de:1389
> smbldap_open_connection: connection opened
> ldap_connect_system: Binding to ldap server ldap://486dx66.hrnet.de:1389
> as "cn=ldapmanager,dc=hrnet,dc=de"
> [ -- cut here -- ]
> ---snipp---
>
>
> So what's wrong ?
> Is it that i compiled in --with-ldap AND --with-l
Re: [Samba] Problems with OpenLDAP 2.2.20/Samba 3.0.10 and smbpasswd
Hi ;o)
here are more informations :
Because just testing and not public you get to know all my secrets ;o)
PW is : secret
slapd.conf (partly ..):
---snipp---
databasebdb
suffix "dc=hrnet,dc=de"
rootdn "cn=ldapmanager,dc=hrnet,dc=de"
rootpw secret
directory /usr/local/openldap-2.2/var/openldap-data
indexobjectClasseq
indexsambaSIDeq
indexsambaPrimaryGroupSIDeq
indexsambaDomainNameeq
indexuid,uidNumber,gidNumber,memberUid eq
indexcn,mail,surname,givenname eq,subinitial
access to *
by * write
---snipp---
smb.conf (partly, what's of interest) :
---snipp---
# now without passdb backend
#passdb backend = ldapsam:ldap://486dx66.hrnet.de:1389/
ldap server = 486dx66.hrnet.de
ldap suffix = "dc=hrnet,dc=de"
ldap filter = "(&(uid=%u)(objectclass=sambaSamAccount))"
ldap port = 1389
ldap admin dn = "cn=ldapmanager,dc=hrnet,dc=de"
ldap ssl = off
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap machine suffix = ou=machines
---snipp---
William Jojo schrieb:
I'm using 3.0.10 and 2.2.20 without any problems, so assuming it's
compiled ok, which I believe it is since you are getting errors about not
finding the rootdn password.
Hmmm, well, here's a couple of things:
1) How tight do you have the restrictions on slapd.conf with respect to
accessing certain containers?
See above, no restrictions now ..
2) be certain the rootdn in slapd.conf exactly matches "ldap admin dn".
See above ...
3) don't run smbpasswd -w rootdnpw until *after* the smb.conf changes are
in place. (i've done that myself :-)
Okay, i did this again after having finished smb.conf ...
4) tdbdump the secrets.tdb to verify that the entry in the database shows
the correct rootdn and password selected.
Seems to be okay
---snipp---
[PTS2] 486dx66:/usr/local/samba3 # bin/tdbdump private/secrets.tdb {
key = "SECRETS/LDAP_BIND_PW/cn=ldapmanager,dc=hrnet,dc=de"
data = "secret\00"
}
{
key = "SECRETS/SID/HRDOMAIN"
data =
"\01\04\00\00\00\00\00\05\15\00\00\00L\9B\E6\9F\B1\E1\FF#'\C3\B6G\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00"
}
{
key = "SECRETS/SID/486DX66"
data =
"\01\04\00\00\00\00\00\05\15\00\00\00L\9B\E6\9F\B1\E1\FF#'\C3\B6G\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00"
}
---snipp---
Here's the output i have now ..
---snipp---
[PTS2] [EMAIL PROTECTED]:/usr/local/samba3 # bin/smbpasswd -D 10 -c
etc/smb.conf tina
Netbios name list:-
my_netbios_names[0]="486DX66"
Trying to load: ldapsam_compat
Attempting to register passdb backend ldapsam
Successfully added passdb backend 'ldapsam'
Attempting to register passdb backend ldapsam_compat
Successfully added passdb backend 'ldapsam_compat'
Attempting to register passdb backend smbpasswd
Successfully added passdb backend 'smbpasswd'
Attempting to register passdb backend tdbsam
Successfully added passdb backend 'tdbsam'
Attempting to register passdb backend guest
Successfully added passdb backend 'guest'
Attempting to find an passdb backend to match ldapsam_compat
(ldapsam_compat)
Found pdb backend ldapsam_compat
pdb backend ldapsam_compat has a valid init
Attempting to find an passdb backend to match guest (guest)
Found pdb backend guest
pdb backend guest has a valid init
New SMB password:
New SMB password:
Retype new SMB password:
smbldap_search: base => [dc=hrnet,dc=de], filter =>
[(&(&(uid=tina)(objectclass=sambaSamAccount))(objectclass=sambaAccount))],
scope => [2]
smbldap_open_connection: ldap://486dx66.hrnet.de:1389
smbldap_open_connection: connection opened
ldap_connect_system: Binding to ldap server ldap://486dx66.hrnet.de:1389
as "cn=ldapmanager,dc=hrnet,dc=de"
failed to bind to server with dn= cn=ldapmanager,dc=hrnet,dc=de Error:
Can't contact LDAP server
(unknown)
Connection to LDAP server failed for the 1 try!
smbldap_open_connection: ldap://486dx66.hrnet.de:1389
smbldap_open_connection: connection opened
ldap_connect_system: Binding to ldap server ldap://486dx66.hrnet.de:1389
as "cn=ldapmanager,dc=hrnet,dc=de"
[ -- cut here -- ]
---snipp---
So what's wrong ?
Is it that i compiled in --with-ldap AND --with-ldapsam =
greets Harry
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problems with OpenLDAP 2.2.20/Samba 3.0.10 and smbpasswd
Hi again, i'm very happy someone out there tries to solute my problem ;o) If you mean the pw for ldap admin dn = "cn=ldapadmin,dc=hrnet,dc=de" yes, i did ... greets Harry William Jojo schrieb: did you set the rootdn password with "smbpasswd -w rootdnpw"? Bill [deleted] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: RE [Samba] Problems with OpenLDAP 2.2.20/Samba 3.0.10 and smbpasswd
---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique Corman S.A. Tel : 00 32 087/342467
[EMAIL PROTECTED] a écrit sur
11/01/2005 17:06:16 :
> Hi again,
>
> you say, i cannot compile with --with-ldap and --with-ldapsam.
> Can you tell me why ?
--with-ldap is used for samba-3 schema
--with-ldapsam is used for old samba 2.2 schema.
You can also read this :
http://us2.samba.org/samba/docs/man/Samba-HOWTO-Collection/passdb.html#id2531776
> Which one should i use, my intention is to
> store all the secrets and attributs samba needs
> in an openldap-Server ... ?
Ok, I have a samba server with this configuration
Samb with LDAP+ACL
> Greets Harry
>
> [EMAIL PROTECTED] schrieb:
> >
> >
> >
> >
> > You cannot compile with --with-ldap and --with-ldapsam both.
> >
> >
> > ---
> > Stéphane PURNELLE [EMAIL PROTECTED]
> > Service Informatique Corman S.A. Tel : 00 32 087/342467
> >
> > [EMAIL PROTECTED] a écrit sur
> > 11/01/2005 16:52:21 :
> >
> >
> >>Hi,
> >>
> >>i compiled with the following little script :
> >>---snipp--
> >>#!/bin/sh
> >>#
> >># configure & make template-script
> >>#
> >># generated 2005.01.07 13:09,33 by make-mk
> >>#
> >># (c) H. Rueter 01/2005
> >>#
> >>CPPFLAGS="-I /usr/local/bdb-4.3/include
> >>LDFLAGS="-L /usr/local/bdb-4.3/lib
> >>PATH=/usr/local/heimdal/bin:$PATH
> >>
> >>LD_LIBRARY_PATH="/usr/local/bdb-4.3/lib:$LD_LIBRARY_PATH"
> >>
> >>export CPPFLAGS LDFLAGS LD_LIBRARY_PATH PATH
> >>
> >>make clean
> >>
> >>./configure \
> >>--prefix=/usr/local/samba-3.0.10 \
> >>--mandir=/usr/man \
> >>--enable-static=yes \
> >>--enable-shared=yes \
> >>--enable-cups \
> >>--with-smbwrapper \
> >>--with-ldap \
> >>--with-ads \
> >>--with-krb5=/usr/local/heimdal \
> >>--with-automount \
> >>--with-smbmount \
> >>--with-pam \
> >>--with-pam_smbpass \
> >>--with-ldapsam \
> >>--with-syslog \
> >>--with-profiling-data \
> >>--with-quotas \
> >>--with-sys-quotas \
> >>--with-utmp \
> >>--with-manpages-langs={en} \
> >>--with-libsmbclient \
> >>--with-acl-support \
> >>--with-sendfile-support \
> >>--with-winbind \
> >>--with-included-popt \
> >>&& make && make install
> >>---snipp--
> >>
> >>So compiled in both options , is this a mistake ?
> >>
> >>greets Harry
> >>
> >>[EMAIL PROTECTED] schrieb:
> >>
> >>>
> >>>
> >>>Hi,
> >>>
> >>>have compiled with --with-ldap or --with-ldapsam ?
> >>>
> >>>If --with-ldap, you must delete these lines :
> >>>ldap server = 486dx66.hrnet.de
> >>>ldap port = 1389
> >>>
> >>>
> >>>
> >>>
> >>>---
> >>>Stéphane PURNELLE [EMAIL PROTECTED]
> >>>Service Informatique Corman S.A. Tel : 00 32
087/342467
> >>>
> >>>[EMAIL PROTECTED] a écrit sur
> >>>11/01/2005 16:33:31 :
> >>>
> >>>
> >>>
> Hi everybody,
>
> i'm having serious problems with the configuration
> of samba 3.0.10.
>
> First my setup :
>
> samba-3.0.10 built from source
> openldap-2.2.20 built from source
> OS : Suse Linux 7.1 (but updated -> Kernel 2.4.27)
>
> My problem :
>
>
> I'm trying to use smbpasswd like the following :
>
> ---snipp---
> [PTS2] 486dx66:/usr/local/samba3 # bin/smbpasswd -D 10 tina
> Netbios name list:-
> my_netbios_names[0]="486DX66"
> Trying to load: ldapsam:ldap://486dx66.hrnet.de:1389/
> Attempting to register passdb backend ldapsam
> Successfully added passdb backend 'ldapsam'
> Attempting to register passdb backend ldapsam_compat
> Successfully added passdb backend 'ldapsam_compat'
> Attempting to register passdb backend smbpasswd
> Successfully added passdb backend 'smbpasswd'
> Attempting to register passdb backend tdbsam
> Successfully added passdb backend 'tdbsam'
> Attempting to register passdb backend guest
> Successfully added passdb backend 'guest'
> Attempting to find an passdb backend to match
>
> ---snipp---
>
> Everything seems to be okay,
> but the following lines are the important ones ...
>
> ---snipp---
> ldapsam:ldap://486dx66.hrnet.de:1389/ (ldapsam)
> Found pdb backend ldapsam
> Searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))]
> smbldap_search: base => [dc=hrnet,dc=de], filter =>
> [(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))], scope =>
[2]
> smbldap_open_connection: ldap://486dx66.hrnet.de:1389/
> smbldap_open_connection: connection opened
> fetch_ldap_pw: neither ldap secret retrieved!
> ldap_connect_system: Failed to retrieve password from secrets.tdb
> Connection to LDAP server failed for the 1 try!
> ---snipp---
>
> And so on. So, it is said, there's a connection opened to
> ldap://486dx66.hrnet.de:1389/
> but it isn't as the logs auf openldap show (there's no entry which
>
Re: RE [Samba] Problems with OpenLDAP 2.2.20/Samba 3.0.10 and smbpasswd
Hi again,
you say, i cannot compile with --with-ldap and --with-ldapsam.
Can you tell me why ?
Which one should i use, my intention is to
store all the secrets and attributs samba needs
in an openldap-Server ... ?
Greets Harry
[EMAIL PROTECTED] schrieb:
You cannot compile with --with-ldap and --with-ldapsam both.
---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique Corman S.A. Tel : 00 32 087/342467
[EMAIL PROTECTED] a écrit sur
11/01/2005 16:52:21 :
Hi,
i compiled with the following little script :
---snipp--
#!/bin/sh
#
# configure & make template-script
#
# generated 2005.01.07 13:09,33 by make-mk
#
# (c) H. Rueter 01/2005
#
CPPFLAGS="-I /usr/local/bdb-4.3/include
LDFLAGS="-L /usr/local/bdb-4.3/lib
PATH=/usr/local/heimdal/bin:$PATH
LD_LIBRARY_PATH="/usr/local/bdb-4.3/lib:$LD_LIBRARY_PATH"
export CPPFLAGS LDFLAGS LD_LIBRARY_PATH PATH
make clean
./configure \
--prefix=/usr/local/samba-3.0.10 \
--mandir=/usr/man \
--enable-static=yes \
--enable-shared=yes \
--enable-cups \
--with-smbwrapper \
--with-ldap \
--with-ads \
--with-krb5=/usr/local/heimdal \
--with-automount \
--with-smbmount \
--with-pam \
--with-pam_smbpass \
--with-ldapsam \
--with-syslog \
--with-profiling-data \
--with-quotas \
--with-sys-quotas \
--with-utmp \
--with-manpages-langs={en} \
--with-libsmbclient \
--with-acl-support \
--with-sendfile-support \
--with-winbind \
--with-included-popt \
&& make && make install
---snipp--
So compiled in both options , is this a mistake ?
greets Harry
[EMAIL PROTECTED] schrieb:
Hi,
have compiled with --with-ldap or --with-ldapsam ?
If --with-ldap, you must delete these lines :
ldap server = 486dx66.hrnet.de
ldap port = 1389
---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique Corman S.A. Tel : 00 32 087/342467
[EMAIL PROTECTED] a écrit sur
11/01/2005 16:33:31 :
Hi everybody,
i'm having serious problems with the configuration
of samba 3.0.10.
First my setup :
samba-3.0.10 built from source
openldap-2.2.20 built from source
OS : Suse Linux 7.1 (but updated -> Kernel 2.4.27)
My problem :
I'm trying to use smbpasswd like the following :
---snipp---
[PTS2] 486dx66:/usr/local/samba3 # bin/smbpasswd -D 10 tina
Netbios name list:-
my_netbios_names[0]="486DX66"
Trying to load: ldapsam:ldap://486dx66.hrnet.de:1389/
Attempting to register passdb backend ldapsam
Successfully added passdb backend 'ldapsam'
Attempting to register passdb backend ldapsam_compat
Successfully added passdb backend 'ldapsam_compat'
Attempting to register passdb backend smbpasswd
Successfully added passdb backend 'smbpasswd'
Attempting to register passdb backend tdbsam
Successfully added passdb backend 'tdbsam'
Attempting to register passdb backend guest
Successfully added passdb backend 'guest'
Attempting to find an passdb backend to match
---snipp---
Everything seems to be okay,
but the following lines are the important ones ...
---snipp---
ldapsam:ldap://486dx66.hrnet.de:1389/ (ldapsam)
Found pdb backend ldapsam
Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))]
smbldap_search: base => [dc=hrnet,dc=de], filter =>
[(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))], scope => [2]
smbldap_open_connection: ldap://486dx66.hrnet.de:1389/
smbldap_open_connection: connection opened
fetch_ldap_pw: neither ldap secret retrieved!
ldap_connect_system: Failed to retrieve password from secrets.tdb
Connection to LDAP server failed for the 1 try!
---snipp---
And so on. So, it is said, there's a connection opened to
ldap://486dx66.hrnet.de:1389/
but it isn't as the logs auf openldap show (there's no entry which
shows
any connection from smbpasswd to LDAP-Server, believe me, i can't show
you anything,although loglevel is set to -1, which means that
everything would/will be logged)
So one could think, there's simple a problem with OpenLDAP,
so let's try a similar search :
---snipp---
[PTS2] 486dx66:/usr/local/samba3 # ../openldap-2.2/bin/ldapsearch -x -H
ldap://486dx66.hrnet.de:1389 -b dc=hrnet,dc=de -s sub
'(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))'
# extended LDIF
#
# LDAPv3
# base with scope sub
# filter: (&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))
# requesting: ALL
#
# HRDOMAIN, hrnet.de
dn: sambaDomainName=HRDOMAIN,dc=hrnet,dc=de
sambaNextUserRid: 41000
sambaSID: S-1-5-21-2344209003-2394295749-876522236
objectClass: sambaDomain
sambaAlgorithmicRidBase: 1000
sambaDomainName: HRDOMAIN
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
[PTS2] [EMAIL PROTECTED]:/usr/local/samba3 #
---snipp---
So OpenLDAP works , i can see it in the logs too
(too much to show, so you must believe me ;o)
Now my question :
Does anybody see, where the problem comes from,
is there a mistake in my smb.conf or does anyone
have hints/solutions ?
I tried with ssl=on,ssl=off,ssl = start tls,
but this didn't change anythin
Re: RE [Samba] Problems with OpenLDAP 2.2.20/Samba 3.0.10 and smbpasswd
You cannot compile with --with-ldap and --with-ldapsam both.
---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique Corman S.A. Tel : 00 32 087/342467
[EMAIL PROTECTED] a écrit sur
11/01/2005 16:52:21 :
> Hi,
>
> i compiled with the following little script :
> ---snipp--
> #!/bin/sh
> #
> # configure & make template-script
> #
> # generated 2005.01.07 13:09,33 by make-mk
> #
> # (c) H. Rueter 01/2005
> #
> CPPFLAGS="-I /usr/local/bdb-4.3/include
> LDFLAGS="-L /usr/local/bdb-4.3/lib
> PATH=/usr/local/heimdal/bin:$PATH
>
> LD_LIBRARY_PATH="/usr/local/bdb-4.3/lib:$LD_LIBRARY_PATH"
>
> export CPPFLAGS LDFLAGS LD_LIBRARY_PATH PATH
>
> make clean
>
> ./configure \
> --prefix=/usr/local/samba-3.0.10 \
> --mandir=/usr/man \
> --enable-static=yes \
> --enable-shared=yes \
> --enable-cups \
> --with-smbwrapper \
> --with-ldap \
> --with-ads \
> --with-krb5=/usr/local/heimdal \
> --with-automount \
> --with-smbmount \
> --with-pam \
> --with-pam_smbpass \
> --with-ldapsam \
> --with-syslog \
> --with-profiling-data \
> --with-quotas \
> --with-sys-quotas \
> --with-utmp \
> --with-manpages-langs={en} \
> --with-libsmbclient \
> --with-acl-support \
> --with-sendfile-support \
> --with-winbind \
> --with-included-popt \
> && make && make install
> ---snipp--
>
> So compiled in both options , is this a mistake ?
>
> greets Harry
>
> [EMAIL PROTECTED] schrieb:
> >
> >
> >
> > Hi,
> >
> > have compiled with --with-ldap or --with-ldapsam ?
> >
> > If --with-ldap, you must delete these lines :
> > ldap server = 486dx66.hrnet.de
> > ldap port = 1389
> >
> >
> >
> >
> > ---
> > Stéphane PURNELLE [EMAIL PROTECTED]
> > Service Informatique Corman S.A. Tel : 00 32 087/342467
> >
> > [EMAIL PROTECTED] a écrit sur
> > 11/01/2005 16:33:31 :
> >
> >
> >>Hi everybody,
> >>
> >>i'm having serious problems with the configuration
> >>of samba 3.0.10.
> >>
> >>First my setup :
> >>
> >>samba-3.0.10 built from source
> >>openldap-2.2.20 built from source
> >>OS : Suse Linux 7.1 (but updated -> Kernel 2.4.27)
> >>
> >>My problem :
> >>
> >>
> >>I'm trying to use smbpasswd like the following :
> >>
> >>---snipp---
> >>[PTS2] 486dx66:/usr/local/samba3 # bin/smbpasswd -D 10 tina
> >>Netbios name list:-
> >>my_netbios_names[0]="486DX66"
> >>Trying to load: ldapsam:ldap://486dx66.hrnet.de:1389/
> >>Attempting to register passdb backend ldapsam
> >>Successfully added passdb backend 'ldapsam'
> >>Attempting to register passdb backend ldapsam_compat
> >>Successfully added passdb backend 'ldapsam_compat'
> >>Attempting to register passdb backend smbpasswd
> >>Successfully added passdb backend 'smbpasswd'
> >>Attempting to register passdb backend tdbsam
> >>Successfully added passdb backend 'tdbsam'
> >>Attempting to register passdb backend guest
> >>Successfully added passdb backend 'guest'
> >>Attempting to find an passdb backend to match
> >>
> >>---snipp---
> >>
> >>Everything seems to be okay,
> >>but the following lines are the important ones ...
> >>
> >>---snipp---
> >>ldapsam:ldap://486dx66.hrnet.de:1389/ (ldapsam)
> >>Found pdb backend ldapsam
> >>Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))]
> >>smbldap_search: base => [dc=hrnet,dc=de], filter =>
> >>[(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))], scope => [2]
> >>smbldap_open_connection: ldap://486dx66.hrnet.de:1389/
> >>smbldap_open_connection: connection opened
> >>fetch_ldap_pw: neither ldap secret retrieved!
> >>ldap_connect_system: Failed to retrieve password from secrets.tdb
> >>Connection to LDAP server failed for the 1 try!
> >>---snipp---
> >>
> >>And so on. So, it is said, there's a connection opened to
> >>ldap://486dx66.hrnet.de:1389/
> >>but it isn't as the logs auf openldap show (there's no entry which
shows
> >>any connection from smbpasswd to LDAP-Server, believe me, i can't show
> >>you anything,although loglevel is set to -1, which means that
> >>everything would/will be logged)
> >>
> >>So one could think, there's simple a problem with OpenLDAP,
> >>so let's try a similar search :
> >>
> >>---snipp---
> >>[PTS2] 486dx66:/usr/local/samba3 # ../openldap-2.2/bin/ldapsearch -x -H
> >>ldap://486dx66.hrnet.de:1389 -b dc=hrnet,dc=de -s sub
> >>'(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))'
> >># extended LDIF
> >>#
> >># LDAPv3
> >># base with scope sub
> >># filter: (&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))
> >># requesting: ALL
> >>#
> >>
> >># HRDOMAIN, hrnet.de
> >>dn: sambaDomainName=HRDOMAIN,dc=hrnet,dc=de
> >>sambaNextUserRid: 41000
> >>sambaSID: S-1-5-21-2344209003-2394295749-876522236
> >>objectClass: sambaDomain
> >>sambaAlgorithmicRidBase: 1000
> >>sambaDomainName: HRDOMAIN
> >>
> >># search result
> >>search: 2
> >>result: 0 Success
> >>
> >># numResponses: 2
> >># numEntries: 1
> >>[PTS2] [EMAIL PROTECTED]:/usr/local/samba3 #
> >>
> >>
Re: RE [Samba] Problems with OpenLDAP 2.2.20/Samba 3.0.10 and smbpasswd
Hi,
i compiled with the following little script :
---snipp--
#!/bin/sh
#
# configure & make template-script
#
# generated 2005.01.07 13:09,33 by make-mk
#
# (c) H. Rueter 01/2005
#
CPPFLAGS="-I /usr/local/bdb-4.3/include
LDFLAGS="-L /usr/local/bdb-4.3/lib
PATH=/usr/local/heimdal/bin:$PATH
LD_LIBRARY_PATH="/usr/local/bdb-4.3/lib:$LD_LIBRARY_PATH"
export CPPFLAGS LDFLAGS LD_LIBRARY_PATH PATH
make clean
./configure \
--prefix=/usr/local/samba-3.0.10 \
--mandir=/usr/man \
--enable-static=yes \
--enable-shared=yes \
--enable-cups \
--with-smbwrapper \
--with-ldap \
--with-ads \
--with-krb5=/usr/local/heimdal \
--with-automount \
--with-smbmount \
--with-pam \
--with-pam_smbpass \
--with-ldapsam \
--with-syslog \
--with-profiling-data \
--with-quotas \
--with-sys-quotas \
--with-utmp \
--with-manpages-langs={en} \
--with-libsmbclient \
--with-acl-support \
--with-sendfile-support \
--with-winbind \
--with-included-popt \
&& make && make install
---snipp--
So compiled in both options , is this a mistake ?
greets Harry
[EMAIL PROTECTED] schrieb:
Hi,
have compiled with --with-ldap or --with-ldapsam ?
If --with-ldap, you must delete these lines :
ldap server = 486dx66.hrnet.de
ldap port = 1389
---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique Corman S.A. Tel : 00 32 087/342467
[EMAIL PROTECTED] a écrit sur
11/01/2005 16:33:31 :
Hi everybody,
i'm having serious problems with the configuration
of samba 3.0.10.
First my setup :
samba-3.0.10 built from source
openldap-2.2.20 built from source
OS : Suse Linux 7.1 (but updated -> Kernel 2.4.27)
My problem :
I'm trying to use smbpasswd like the following :
---snipp---
[PTS2] 486dx66:/usr/local/samba3 # bin/smbpasswd -D 10 tina
Netbios name list:-
my_netbios_names[0]="486DX66"
Trying to load: ldapsam:ldap://486dx66.hrnet.de:1389/
Attempting to register passdb backend ldapsam
Successfully added passdb backend 'ldapsam'
Attempting to register passdb backend ldapsam_compat
Successfully added passdb backend 'ldapsam_compat'
Attempting to register passdb backend smbpasswd
Successfully added passdb backend 'smbpasswd'
Attempting to register passdb backend tdbsam
Successfully added passdb backend 'tdbsam'
Attempting to register passdb backend guest
Successfully added passdb backend 'guest'
Attempting to find an passdb backend to match
---snipp---
Everything seems to be okay,
but the following lines are the important ones ...
---snipp---
ldapsam:ldap://486dx66.hrnet.de:1389/ (ldapsam)
Found pdb backend ldapsam
Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))]
smbldap_search: base => [dc=hrnet,dc=de], filter =>
[(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))], scope => [2]
smbldap_open_connection: ldap://486dx66.hrnet.de:1389/
smbldap_open_connection: connection opened
fetch_ldap_pw: neither ldap secret retrieved!
ldap_connect_system: Failed to retrieve password from secrets.tdb
Connection to LDAP server failed for the 1 try!
---snipp---
And so on. So, it is said, there's a connection opened to
ldap://486dx66.hrnet.de:1389/
but it isn't as the logs auf openldap show (there's no entry which shows
any connection from smbpasswd to LDAP-Server, believe me, i can't show
you anything,although loglevel is set to -1, which means that
everything would/will be logged)
So one could think, there's simple a problem with OpenLDAP,
so let's try a similar search :
---snipp---
[PTS2] 486dx66:/usr/local/samba3 # ../openldap-2.2/bin/ldapsearch -x -H
ldap://486dx66.hrnet.de:1389 -b dc=hrnet,dc=de -s sub
'(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))'
# extended LDIF
#
# LDAPv3
# base with scope sub
# filter: (&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))
# requesting: ALL
#
# HRDOMAIN, hrnet.de
dn: sambaDomainName=HRDOMAIN,dc=hrnet,dc=de
sambaNextUserRid: 41000
sambaSID: S-1-5-21-2344209003-2394295749-876522236
objectClass: sambaDomain
sambaAlgorithmicRidBase: 1000
sambaDomainName: HRDOMAIN
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
[PTS2] [EMAIL PROTECTED]:/usr/local/samba3 #
---snipp---
So OpenLDAP works , i can see it in the logs too
(too much to show, so you must believe me ;o)
Now my question :
Does anybody see, where the problem comes from,
is there a mistake in my smb.conf or does anyone
have hints/solutions ?
I tried with ssl=on,ssl=off,ssl = start tls,
but this didn't change anything.
It must be a samba problem as all tools i tried are working
well with Openldap (did mostly try a search to test ..)
Here is my smb.conf (only the globals) :
---snipp---
[global]
netbios name = 486DX66
workgroup = HRDOMAIN
domain logons = Yes
domain master = Yes
security = User
server string = Samba-PDC %v on %h
passdb backend = ldapsam:ldap://486dx66.hrnet.de:1389/
ldap server = 486dx66.hrnet.de
ldap suffix = "dc=hrnet,dc=de"
ldap filter = "(&(uid=%u)
RE [Samba] Problems with OpenLDAP 2.2.20/Samba 3.0.10 and smbpasswd
Hi, have compiled with --with-ldap or --with-ldapsam ? If --with-ldap, you must delete these lines : ldap server = 486dx66.hrnet.de ldap port = 1389 --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 11/01/2005 16:33:31 : > Hi everybody, > > i'm having serious problems with the configuration > of samba 3.0.10. > > First my setup : > > samba-3.0.10 built from source > openldap-2.2.20 built from source > OS : Suse Linux 7.1 (but updated -> Kernel 2.4.27) > > My problem : > > > I'm trying to use smbpasswd like the following : > > ---snipp--- > [PTS2] 486dx66:/usr/local/samba3 # bin/smbpasswd -D 10 tina > Netbios name list:- > my_netbios_names[0]="486DX66" > Trying to load: ldapsam:ldap://486dx66.hrnet.de:1389/ > Attempting to register passdb backend ldapsam > Successfully added passdb backend 'ldapsam' > Attempting to register passdb backend ldapsam_compat > Successfully added passdb backend 'ldapsam_compat' > Attempting to register passdb backend smbpasswd > Successfully added passdb backend 'smbpasswd' > Attempting to register passdb backend tdbsam > Successfully added passdb backend 'tdbsam' > Attempting to register passdb backend guest > Successfully added passdb backend 'guest' > Attempting to find an passdb backend to match > > ---snipp--- > > Everything seems to be okay, > but the following lines are the important ones ... > > ---snipp--- > ldapsam:ldap://486dx66.hrnet.de:1389/ (ldapsam) > Found pdb backend ldapsam > Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))] > smbldap_search: base => [dc=hrnet,dc=de], filter => > [(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))], scope => [2] > smbldap_open_connection: ldap://486dx66.hrnet.de:1389/ > smbldap_open_connection: connection opened > fetch_ldap_pw: neither ldap secret retrieved! > ldap_connect_system: Failed to retrieve password from secrets.tdb > Connection to LDAP server failed for the 1 try! > ---snipp--- > > And so on. So, it is said, there's a connection opened to > ldap://486dx66.hrnet.de:1389/ > but it isn't as the logs auf openldap show (there's no entry which shows > any connection from smbpasswd to LDAP-Server, believe me, i can't show > you anything,although loglevel is set to -1, which means that > everything would/will be logged) > > So one could think, there's simple a problem with OpenLDAP, > so let's try a similar search : > > ---snipp--- > [PTS2] 486dx66:/usr/local/samba3 # ../openldap-2.2/bin/ldapsearch -x -H > ldap://486dx66.hrnet.de:1389 -b dc=hrnet,dc=de -s sub > '(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))' > # extended LDIF > # > # LDAPv3 > # base with scope sub > # filter: (&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN)) > # requesting: ALL > # > > # HRDOMAIN, hrnet.de > dn: sambaDomainName=HRDOMAIN,dc=hrnet,dc=de > sambaNextUserRid: 41000 > sambaSID: S-1-5-21-2344209003-2394295749-876522236 > objectClass: sambaDomain > sambaAlgorithmicRidBase: 1000 > sambaDomainName: HRDOMAIN > > # search result > search: 2 > result: 0 Success > > # numResponses: 2 > # numEntries: 1 > [PTS2] [EMAIL PROTECTED]:/usr/local/samba3 # > > ---snipp--- > > So OpenLDAP works , i can see it in the logs too > (too much to show, so you must believe me ;o) > > Now my question : > > Does anybody see, where the problem comes from, > is there a mistake in my smb.conf or does anyone > have hints/solutions ? > > I tried with ssl=on,ssl=off,ssl = start tls, > but this didn't change anything. > It must be a samba problem as all tools i tried are working > well with Openldap (did mostly try a search to test ..) > > > Here is my smb.conf (only the globals) : > > ---snipp--- > [global] > netbios name = 486DX66 > workgroup = HRDOMAIN > domain logons = Yes > domain master = Yes > security = User > > server string = Samba-PDC %v on %h > > passdb backend = ldapsam:ldap://486dx66.hrnet.de:1389/ > > ldap server = 486dx66.hrnet.de > ldap suffix = "dc=hrnet,dc=de" > ldap filter = "(&(uid=%u)(objectclass=sambaSamAccount))" > ldap port = 1389 > ldap admin dn = "cn=ldapadmin,dc=hrnet,dc=de" > ldap ssl = off > ldap user suffix = ou=users > ldap group suffix = ou=groups > ldap machine suffix = ou=machines > > encrypt passwords = yes > time server = Yes > > kernel oplocks = no > short preserve case = yes > wins support = no > case sensitive = no > max log size = 1000 > > lock dir = /var/lock/samba > log file = /var/log/samba-%m.log > load printers = yes > logon drive = v: > os level = 255 > create mask = 0661 > logon home = \\%N\%u\.profiles > printing = cups > printcap = cups
