Sorisio, Chris
2003-Oct-15 18:59 UTC
[Samba] Samba 3.0 + OpenLDAP 2.1 Saga (LDAP Attacks!)
Oh Wise Ones, For the past two days, I have contested with the Samba documentation and other sources of lore in a vain attempt to achieve Samba/LDAP integration. My test system is running RedHat 9 with updates applied, along with OpenLDAP & OpenSSL from redhat-rawhide, and the Samba 3.0.1pre1 RPM from the Samba website. A couple of questions: The HOWTOs instruct one to slapadd a file which, among other entries, contains: # Setting up container for groups dn: ou=Groups,dc=quenya,dc=org objectclass: top objectclass: organizationalUnit ou: People Is it intentional that the container group setup references 'ou: People' or is that a typo? I've gotten as far as having Samba try to add a machine or user account. Before I started again from scratch, I was as far as getting errors like: Failed initialise SAM_ACCOUNT for user Failed to modify password entry for user But everything else seemed to work - it was binding to the LDAP server, etc. Any ideas? Are the LDIF's in the HOWTO all that are necessary to setup an LDAP server for use with Samba 3? Sincerely, Chris
John H Terpstra
2003-Oct-17 19:27 UTC
[Samba] Samba 3.0 + OpenLDAP 2.1 Saga (LDAP Attacks!)
On Wed, 15 Oct 2003, Sorisio, Chris wrote:> Oh Wise Ones, > > For the past two days, I have contested with the Samba documentation and > other sources of lore in a vain attempt to achieve Samba/LDAP integration. > > My test system is running RedHat 9 with updates applied, along with OpenLDAP > & OpenSSL from redhat-rawhide, and the Samba 3.0.1pre1 RPM from the Samba > website. > > A couple of questions: > > The HOWTOs instruct one to slapadd a file which, among other entries, > contains: > > # Setting up container for groups > dn: ou=Groups,dc=quenya,dc=org > objectclass: top > objectclass: organizationalUnit > ou: People > > Is it intentional that the container group setup references 'ou: People' or > is that a typo?That is a typo. Sorry. It will be fixed in the next exciting edition of the Samba-HOWTO-Collection. :) Thanks for the heads up. - John T.> > I've gotten as far as having Samba try to add a machine or user account. > Before I started again from scratch, I was as far as getting errors like: > > Failed initialise SAM_ACCOUNT for user > Failed to modify password entry for user > > But everything else seemed to work - it was binding to the LDAP server, etc. > > Any ideas? Are the LDIF's in the HOWTO all that are necessary to setup an > LDAP server for use with Samba 3? > > Sincerely, > > Chris >-- John H Terpstra Email: jht@samba.org