Sérgio A P Ferreira wrote: > Hi list, > Sep 21 14:59:15 zeus slapd[2123]: conn=18 op=2 SRCH > base="dc=cultura,dc=gov,dc=br" scope=2 deref=0 > filter="(&(uid=testuser)(objectClass=sambaSamAccount))" > Sep 21 14:59:15 zeus slapd[2123]: conn=18 op=2 SRCH attr=uid uidNumber > gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange > sambaLogonTime sambaLogoffTime sambaKickoffTime cn displayName > sambaHomeDrive sambaHomePath sambaLogonScript sambaProfilePath description > sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword > sambaNTPassword sambaDomainName objectClass sambaAcctFlags sambaMungedDial > sambaBadPasswordCount sambaBadPasswordTime sambaPasswordHistory > modifyTimestamp sambaLogonHours modifyTimestamp > Sep 21 14:59:15 zeus slapd[2123]: conn=18 op=2 SEARCH RESULT tag=101 err=0 > nentries=0 text= See the nentries=0? This is telling you the object was not found in your LDAP directory. Try to search from the commandline with ldapsearch like:
ldapsearch -D <here goes what you have for "ldap admin dn" in your smb.conf> -b "dc=gov,dc=br" -W (&(uid=testuser)(objectClass=sambaSamAccount) if that doesn't work try modifying the search filter to read: (&(uid=*)(objectClass=*) if it works (you get the entries back), your entry most likely misses the sambaSamAccount attributes, that is to say you missed a step in your setup (smbpasswd?) if it does not work it might be a problem with ACLs in your LDAP server. Try using your "rootdn" from slapd.conf for the -D switch in the above search. If that works change your ACLs to allow your "ldap admin dn" to read and write the necessary attributes. Another thing to check is if your users are visible to the system via NSS, a "getent passwd" should show your samba users along with the users from /etc/passwd. hth Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba