samba - Mar 2005 - samba ldap bind problems.

I have a solaris 9 box that I am configuring to be a PDC using the
latest version of samba authenticating off of an Openldap db.

This machine uses the same ldap server to authenticate the unix users
but after following documentation for setting up samba/ldap PDC.

Using smbldap-populate populated the database with no problems but when
I try and run

smblclient -L master

I get the following errors in syslog and the command times out
eventually. basically from what I am seeing I believe that somewhere
there is wrong bind being made to my ldap server. Nothing is appearing
in the logs of the ldap server. I have looked through all files that I
can think of that has bind information and that is correct. I have
dumped secrets.tbd and that is correct.

If anyone can offer any problems it would be much appreciated.

Mar  8 16:18:29 usfr140 smbd[4441]: [ID 702911 daemon.error] [2005/03/08
16:18:29, 0] lib/smbldap.c:smbldap_connect_system(850)
Mar  8 16:18:29 usfr140 smbd[4441]: [ID 702911 daemon.error]   failed to
bind to server with dn= cn=Manager,dc=sage,dc=ato Error: Can't contact
LDAP server
Mar  8 16:18:29 usfr140 smbd[4441]: [ID 702911 daemon.error]
(unknown)

# more /etc/samba/smb.conf
netbios name = master
workgroup = SAGE
ldap admin dn = cn=Manager,dc=sage,dc=ato
ldap suffix = dc=sage,dc=ato
os level = 32
preferred master = yes
domain master = yes
local master = yes
domain logons = yes

smbldap_conf.pm

# LDAP Suffix
# Ex: $suffix = "dc=IDEALX,dc=ORG";
$suffix = "dc=sage,dc=ato";

# Where are stored Users
# Ex: $usersdn = "ou=Users,$suffix"; for ou=Users,dc=IDEALX,dc=ORG
$usersou = q(USERS);
$usersdn = "ou=people,$suffix";

# Where are stored Computers
# Ex: $computersdn = "ou=Computers,$suffix"; for
ou=Computers,dc=IDEALX,dc=ORG
$computersou = q(COMPUTERS);
$computersdn = "ou=computers,ou=services,$suffix";

# Where are stored Groups
# Ex $groupsdn = "ou=Groups,$suffix"; for ou=Groups,dc=IDEALX,dc=ORG
$groupsou = q(GROUPS);
$groupsdn = "ou=groups,$suffix";

# Default scope Used
$scope = "sub";

# Unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA)
$hash_encrypt="CRYPT";


# Bind DN used
# Ex: $binddn = "cn=Manager,$suffix"; for cn=Manager,dc=IDEALX,dc=org
$binddn = "cn=Manager,$suffix";

# Bind DN passwd used
# Ex: $bindpasswd = 'secret'; for 'secret'
$bindpasswd = "secret";

S-1-5-21-4058613952-3403335136-1230151498

Barry Haycock
T +61 2 6216 8905
Cybertrust Pty Limited
243 Northbourne Ave
Lyneham ACT 2602
 
There are 10 types of people in the world. Those that understand binary
and those that don't.

<warning> I'm just getting started with samba-ldap myself, on linux.
<\warning>

Check your ldap.conf file for the correct binddn and bindpw.
If it's correct, is ldap.conf readable by the user Samba runs as?

Hudson

--- Barry Haycock <Barry.Haycock@cybertrust.com>
wrote:
> I have a solaris 9 box that I am configuring to be a PDC using the
> latest version of samba authenticating off of an Openldap db.
> 
> This machine uses the same ldap server to authenticate the unix users
> but after following documentation for setting up samba/ldap PDC.
> 
> Using smbldap-populate populated the database with no problems but when
> I try and run
> 
> smblclient -L master
> 
> I get the following errors in syslog and the command times out
> eventually. basically from what I am seeing I believe that somewhere
> there is wrong bind being made to my ldap server. Nothing is appearing
> in the logs of the ldap server. I have looked through all files that I
> can think of that has bind information and that is correct. I have
> dumped secrets.tbd and that is correct.
> 
> If anyone can offer any problems it would be much appreciated.
> 
> Mar  8 16:18:29 usfr140 smbd[4441]: [ID 702911 daemon.error] [2005/03/08
> 16:18:29, 0] lib/smbldap.c:smbldap_connect_system(850)
> Mar  8 16:18:29 usfr140 smbd[4441]: [ID 702911 daemon.error]   failed to
> bind to server with dn= cn=Manager,dc=sage,dc=ato Error: Can't contact
> LDAP server
> Mar  8 16:18:29 usfr140 smbd[4441]: [ID 702911 daemon.error]
> (unknown)
> 
> # more /etc/samba/smb.conf
> netbios name = master
> workgroup = SAGE
> ldap admin dn = cn=Manager,dc=sage,dc=ato
> ldap suffix = dc=sage,dc=ato
> os level = 32
> preferred master = yes
> domain master = yes
> local master = yes
> domain logons = yes
> 
> smbldap_conf.pm
> 
> # LDAP Suffix
> # Ex: $suffix = "dc=IDEALX,dc=ORG";
> $suffix = "dc=sage,dc=ato";
> 
> # Where are stored Users
> # Ex: $usersdn = "ou=Users,$suffix"; for
ou=Users,dc=IDEALX,dc=ORG
> $usersou = q(USERS);
> $usersdn = "ou=people,$suffix";
> 
> # Where are stored Computers
> # Ex: $computersdn = "ou=Computers,$suffix"; for
> ou=Computers,dc=IDEALX,dc=ORG
> $computersou = q(COMPUTERS);
> $computersdn = "ou=computers,ou=services,$suffix";
> 
> # Where are stored Groups
> # Ex $groupsdn = "ou=Groups,$suffix"; for
ou=Groups,dc=IDEALX,dc=ORG
> $groupsou = q(GROUPS);
> $groupsdn = "ou=groups,$suffix";
> 
> # Default scope Used
> $scope = "sub";
> 
> # Unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA)
> $hash_encrypt="CRYPT";
> 
> 
> # Bind DN used
> # Ex: $binddn = "cn=Manager,$suffix"; for
cn=Manager,dc=IDEALX,dc=org
> $binddn = "cn=Manager,$suffix";
> 
> # Bind DN passwd used
> # Ex: $bindpasswd = 'secret'; for 'secret'
> $bindpasswd = "secret";
> 
> S-1-5-21-4058613952-3403335136-1230151498
> 
> Barry Haycock
> T +61 2 6216 8905
> Cybertrust Pty Limited
> 243 Northbourne Ave
> Lyneham ACT 2602
>  
> There are 10 types of people in the world. Those that understand binary
> and those that don't.
>  
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
> 

	
		
__________________________________ 
Celebrate Yahoo!'s 10th Birthday! 
Yahoo! Netrospective: 100 Moments of the Web 
http://birthday.yahoo.com/netrospective/