fabricio bianco abreu
2005-Jul-28 18:35 UTC
[Samba] Win95 on a Samba3+LDAP domain on a Debian box
Hi folks,
I have successfuly migrated a WinNT 4.0 Domain to a Debian server with
Samba3+Ldap following the Samba-3 by Example guide from John H. Terpstra (an
impressive good guide) and The Linux Samba-OpenLADP Howto from Jerome Tournier
&
Olivier Lemaire.
The domain holds about 800 accounts. There are WinNT servers, WinXP and Win95
clients belonging to it.
WinNT servers and WinXP clients are working fine (i.e. as expected).
Nevertheless, Win95 clients are now unable to share local folders because they
cannot retrieve the user list from the domain. The following lines are logged on
the samba server:
[2005/07/27 14:28:45, 0] passdb/pdb_ldap.c:ldapsam_setsampwent(1236)
ldapsam_setsampwent: LDAP search failed: Size limit exceeded
[2005/07/27 14:28:45, 0] rpc_server/srv_samr_nt.c:load_sampwd_entries(342)
load_sampwd_entries: Unable to open passdb.
That makes the question an LDAP/Samba related issue (I believe).
I have browsed the list for help and found this:
http://marc.theaimsgroup.com/?l=samba&m=109416402629367&w=2
which did not worked for me.
I do not want to bother you with boring details. As for the Debian distribuition
caveats I'd like to mention:
1. There is no /etc/ldap.conf file. There are /etc/pam_ldap.conf from the
libpam-ldap package and /etc/linbss-ldap.conf from libnss-ldap package.
2. Slapd does not start if a statement like
[limits dn="cn=manager,dc=tcdf,dc=net" size.soft=-1
size.hard=soft"] is found in
/etc/ldap/slapd.conf. A statement like {sizelimit unlimited} is not a show
stopper.
Debian 3.1 (sarge)
slapd-2.2.23-8
samba-3.0.14a-3
smbldap-tools-0.8.7-4
The most interesting information is that it seems that Slapd is realy not
limiting the amount of information delivered. The folowing comands work flawless
in the Debian box:
1. pdbedit -L
2. getent passwd
3. ldapsearch -x
As for WinNT, no problems sharing folders and even User Manager for domains is
operational. As for WinXP, no problems at all when sharing folders.
Would anyone help me?
Thanks in advance,
________________________________________________________________
Fabricio Bianco Abreu
N?cleo de Inform?tica e Processamento de Dados
TRIBUNAL DE CONTAS DO DISTRITO FEDERAL (http://www.tc.df.gov.br)
Tel 55 - 61 - 314 2236
Fax 55 - 61 - 314 2268
Utilize software livre (visite http://www.tc.df.gov.br/tcbrasil)
________________________________________________________________
________ Information from NOD32 ________
This message was checked by NOD32 Antivirus System for Linux Mail Server.
http://www.nod32.com
Geert Stappers
2005-Jul-28 21:53 UTC
[Samba] Win95 on a Samba3+LDAP domain on a Debian box
On Thu, Jul 28, 2005 at 03:36:35PM -0300, fabricio bianco abreu wrote:> Hi folks, > > I have successfuly migrated a WinNT 4.0 Domain to a Debian server with > Samba3+Ldap following the Samba-3 by Example guide from John H. Terpstra (an > impressive good guide) and The Linux Samba-OpenLADP Howto from Jerome Tournier & > Olivier Lemaire. > > The domain holds about 800 accounts. There are WinNT servers, WinXP and Win95 > clients belonging to it. > > WinNT servers and WinXP clients are working fine (i.e. as expected). > > Nevertheless, Win95 clients are now unable to share local folders because they > cannot retrieve the user list from the domain. The following lines are logged on > the samba server: > > [2005/07/27 14:28:45, 0] passdb/pdb_ldap.c:ldapsam_setsampwent(1236) > ldapsam_setsampwent: LDAP search failed: Size limit exceeded > [2005/07/27 14:28:45, 0] rpc_server/srv_samr_nt.c:load_sampwd_entries(342) > load_sampwd_entries: Unable to open passdb. > > That makes the question an LDAP/Samba related issue (I believe).:-) I believe it is a Microsoft(TM) Windows(TM) 95 problem. And the good part of the joke is that it can be solved on the LDAP/Samba side (I believe) To me it seems that the Win95 system requests the password database, but has no rights the access it. Hence the error: Unable to open passdb.> I have browsed the list for help and found this: > http://marc.theaimsgroup.com/?l=samba&m=109416402629367&w=2 > > which did not worked for me. > > I do not want to bother you with boring details. As for the Debian distribuition > caveats I'd like to mention: > 1. There is no /etc/ldap.conf file. There are /etc/pam_ldap.conf from the > libpam-ldap package and /etc/linbss-ldap.conf from libnss-ldap package. > 2. Slapd does not start if a statement like > [limits dn="cn=manager,dc=tcdf,dc=net" size.soft=-1 size.hard=soft"] is found in > /etc/ldap/slapd.conf. A statement like {sizelimit unlimited} is not a show stopper. > > Debian 3.1 (sarge) > slapd-2.2.23-8 > samba-3.0.14a-3 > smbldap-tools-0.8.7-4 > > The most interesting information is that it seems that Slapd is realy not > limiting the amount of information delivered. The folowing comands work flawless > in the Debian box: > 1. pdbedit -L > 2. getent passwd > 3. ldapsearch -x > > As for WinNT, no problems sharing folders and even User Manager for domains is > operational. As for WinXP, no problems at all when sharing folders.Find out which account the Win95 system uses to acces the Samba passwords in LDAP.> > Would anyone help me? > > Thanks in advance,Cheers Geert Stappers
Kevin Brouelette
2005-Jul-31 19:24 UTC
[Samba] Win95 on a Samba3+LDAP domain on a Debian box
Hello, Just a thought... Doesn't Win95 require 'encrypt passwords = no' and Win98 and higher require 'yes'?? I recall from Samba 2.x that you had to choose one or the other. Maybe Samba 3.x is different[??] Corrections welcome. Kevin ----- Original Message ----- From: "fabricio bianco abreu" <fabricio@tc.df.gov.br> To: <samba@lists.samba.org> Sent: Thursday, July 28, 2005 11:36 AM Subject: [Samba] Win95 on a Samba3+LDAP domain on a Debian box> Hi folks, > > I have successfuly migrated a WinNT 4.0 Domain to a Debian server with > Samba3+Ldap following the Samba-3 by Example guide from John H. Terpstra > (an > impressive good guide) and The Linux Samba-OpenLADP Howto from Jerome > Tournier & > Olivier Lemaire. > > The domain holds about 800 accounts. There are WinNT servers, WinXP and > Win95 > clients belonging to it. > > WinNT servers and WinXP clients are working fine (i.e. as expected). > > Nevertheless, Win95 clients are now unable to share local folders because > they > cannot retrieve the user list from the domain. The following lines are > logged on > the samba server: > > [2005/07/27 14:28:45, 0] passdb/pdb_ldap.c:ldapsam_setsampwent(1236) > ldapsam_setsampwent: LDAP search failed: Size limit exceeded > [2005/07/27 14:28:45, 0] rpc_server/srv_samr_nt.c:load_sampwd_entries(342) > load_sampwd_entries: Unable to open passdb. > > That makes the question an LDAP/Samba related issue (I believe). > > I have browsed the list for help and found this: > http://marc.theaimsgroup.com/?l=samba&m=109416402629367&w=2 > > which did not worked for me. > > I do not want to bother you with boring details. As for the Debian > distribuition > caveats I'd like to mention: > 1. There is no /etc/ldap.conf file. There are /etc/pam_ldap.conf from the > libpam-ldap package and /etc/linbss-ldap.conf from libnss-ldap package. > 2. Slapd does not start if a statement like > [limits dn="cn=manager,dc=tcdf,dc=net" size.soft=-1 size.hard=soft"] is > found in > /etc/ldap/slapd.conf. A statement like {sizelimit unlimited} is not a show > stopper. > > Debian 3.1 (sarge) > slapd-2.2.23-8 > samba-3.0.14a-3 > smbldap-tools-0.8.7-4 > > The most interesting information is that it seems that Slapd is realy not > limiting the amount of information delivered. The folowing comands work > flawless > in the Debian box: > 1. pdbedit -L > 2. getent passwd > 3. ldapsearch -x > > As for WinNT, no problems sharing folders and even User Manager for > domains is > operational. As for WinXP, no problems at all when sharing folders. > > Would anyone help me? > > Thanks in advance, > ________________________________________________________________ > > Fabricio Bianco Abreu > N?cleo de Inform?tica e Processamento de Dados > TRIBUNAL DE CONTAS DO DISTRITO FEDERAL (http://www.tc.df.gov.br) > Tel 55 - 61 - 314 2236 > Fax 55 - 61 - 314 2268 > Utilize software livre (visite http://www.tc.df.gov.br/tcbrasil) > ________________________________________________________________ > > > > > > > > ________ Information from NOD32 ________ > This message was checked by NOD32 Antivirus System for Linux Mail Server. > http://www.nod32.com > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba >