Hi, I'm trying to run samba 2.2.6 + OpenLDAP as user/group database ( not /etc/passwd). nss_ldap+pam_ldap is installed and working OK, as I can login using ssh, or trough console with one of ldap user. But trying to connect to samba, when samba is ran as #samba -d 2 -i I get: ... init_sam_from_ldap: User [ldapuser] does not ave a uid! pass_check_smb failed - invalid password for user [ldapuser] Rejecting user 'ldapuser': authentication failed ... Does it mean that samba does not use posixaccount ldap user ? One more question does anybody can confirm/deny that samba 2.2.x work with users/groups from LDAP (without /etc/passwd)? Thanks, -- Saulius p.s. The whole log [root@kaunas sbin]# ./smbd -d 2 -i smbd version 2.2.6 started. Copyright Andrew Tridgell and the Samba Team 1992-2002 uid=0 gid=0 euid=0 egid=0 Processing section "[netlogon]" Processing section "[profiles]" Processing section "[homes]" Processing section "[x]" Processing section "[y]" Processing section "[t]" Processing section "[z]" added interface ip=10.0.0.190 bcast=10.255.255.255 nmask=255.0.0.0 added interface ip=192.0.0.1 bcast=192.0.0.255 nmask=255.255.255.0 waiting for a connection netbios connect: name1=KS name2=KS netbios connect: local=ks remote=ks StartTLS issued: using a TLS connection ldap_open_connection: connection opened ldap_connect_system: succesful connection to the LDAP server ldap_search_one_user: searching for:[(&(uid=ldapuser)(objectclass=sambaAccount))] get_single_attribute: [uid] = [ldapuser] Entry found for user: ldapuser get_single_attribute: [pwdLastSet] = [0] get_single_attribute: [logonTime] = [0] get_single_attribute: [logoffTime] = [2147483647] get_single_attribute: [kickoffTime] = [2147483647] get_single_attribute: [pwdCanChange] = [0] get_single_attribute: [pwdMustChange] = [2147483647] get_single_attribute: [cn] = [ldapuser] get_single_attribute: [homeDrive] = [H:] get_single_attribute: [smbHome] = [\\KS\home] get_single_attribute: [scriptPath] = [ldapuser.cmd] get_single_attribute: [profilePath] = [\\KS\profiles\ldapuser] get_single_attribute: [description] = [System User] get_single_attribute: [userWorkstations] = [<does not exist>] get_single_attribute: [rid] = [3014] get_single_attribute: [primaryGroupID] = [1201] init_sam_from_ldap: User [ldapuser] does not ave a uid! pass_check_smb failed - invalid password for user [ldapuser] NT Password did not match for user 'ldapuser'! Defaulting to Lanman password for ldapuser StartTLS issued: using a TLS connection ldap_open_connection: connection opened ldap_connect_system: succesful connection to the LDAP server ldap_search_one_user: searching for:[(&(uid=ldapuser)(objectclass=sambaAccount))] get_single_attribute: [uid] = [ldapuser] Entry found for user: ldapuser get_single_attribute: [pwdLastSet] = [0] get_single_attribute: [logonTime] = [0] get_single_attribute: [logoffTime] = [2147483647] get_single_attribute: [kickoffTime] = [2147483647] get_single_attribute: [pwdCanChange] = [0] get_single_attribute: [pwdMustChange] = [2147483647] get_single_attribute: [cn] = [ldapuser] get_single_attribute: [homeDrive] = [H:] get_single_attribute: [smbHome] = [\\KS\home] get_single_attribute: [scriptPath] = [ldapuser.cmd] get_single_attribute: [profilePath] = [\\KS\profiles\ldapuser] get_single_attribute: [description] = [System User] get_single_attribute: [userWorkstations] = [<does not exist>] get_single_attribute: [rid] = [3014] get_single_attribute: [primaryGroupID] = [1201] init_sam_from_ldap: User [ldapuser] does not ave a uid! pass_check_smb failed - invalid password for user [ldapuser] Rejecting user 'ldapuser': authentication failed Closing connections
On Tue, 2002-11-12 at 12:03, Saulius Gurklys wrote:> Hi, > I'm trying to run samba 2.2.6 + OpenLDAP as user/group > database ( not /etc/passwd). nss_ldap+pam_ldap is installed and > working OK, as I can login using ssh, or trough > console with one of ldap user. > But trying to connect to samba, when samba is ran as > #samba -d 2 -i > I get: > ... > init_sam_from_ldap: User [ldapuser] does not ave a uid! > pass_check_smb failed - invalid password for user [ldapuser] > Rejecting user 'ldapuser': authentication failed > ... > > Does it mean that samba does not use posixaccount ldap user ?it does> One more question does anybody can confirm/deny that samba 2.2.x > work with users/groups from LDAP (without /etc/passwd)?yes it works fine. you need to add the samba stuff to the ldap store too the posixstuff is not sufficient. follow the howto here is one of my ldap users # bwlang, People, bitc, unh, edu dn: uid=bwlang,ou=People,dc=bitc,dc=unh,dc=edu loginShell: /bin/bash gidNumber: 100 shadowMax: 99999 homeDirectory: /home/bwlang shadowWarning: 7 uidNumber: 603 objectClass: account objectClass: posixAccount objectClass: top objectClass: shadowAccount objectClass: sambaAccount objectClass: phpgwAccount objectClass: phpgwAccount phpgwAccountType: u phpgwAccountStatus: A phpgwAccountExpires: -1 phpgwAccountLastLogin: 1036765185 phpgwAccountLastLoginFrom: xxxxxxx shadowLastChange: 11999 uid: bwlang rid: 2206 primaryGroupID: 1077 pwdLastSet: 1036773037 displayName: brad langhorst cn: brad langhorst logonTime: 0 logoffTime: 2147483647 kickoffTime: 2147483647 pwdCanChange: 0 pwdMustChange: 1038587437 acctFlags: [U the password fields have been removed brad