Hoferer, Patrick K. (Space Systems)
2003-Oct-22 00:27 UTC
[Samba] Cannot update Sun One DS directory with smbpasswd
I can't update the users within our LDAP database using smbpasswd. I have attached the output from the smbpasswd debugger below: isun02$ smbpasswd -D 256 -U hoferpa Netbios name list:- my_netbios_names[0]="ISUN02" New SMB password: Retype new SMB password: Trying to load: ldapsam Attempting to register passdb backend ldapsam Successfully added passdb backend 'ldapsam' Attempting to register passdb backend ldapsam_compat Successfully added passdb backend 'ldapsam_compat' Attempting to register passdb backend smbpasswd Successfully added passdb backend 'smbpasswd' Attempting to register passdb backend tdbsam Successfully added passdb backend 'tdbsam' Attempting to register passdb backend guest Successfully added passdb backend 'guest' Attempting to find an passdb backend to match ldapsam (ldapsam) Found pdb backend ldapsam Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=WORKGROUP))] smbldap_search_suffix: searching for:[(&(objectClass=sambaDomain)(sambaDomainName=WORKGROUP))] smbldap_open_connection: ldap://localhost smbldap_open_connection: connection opened ldap_connect_system: Binding to ldap server ldap://localhost as "uid=sambaadmin,cn=directory administrators,dc=sbirs,dc=eng" ldap_connect_system: succesful connection to the LDAP server The LDAP server is succesful connected pdb backend ldapsam has a valid init Attempting to find an passdb backend to match guest (guest) Found pdb backend guest pdb backend guest has a valid init smbldap_search_suffix: searching for:[(&(objectclass=sambaSamAccount))] smbldap_open: already connected to the LDAP server ldapsam_getsampwnam: Duplicate entries for this user [hoferpa] Failing. count=4 Failed to find entry for user hoferpa. Failed to modify password entry for user hoferpa Below is the LDAP entry for the user hoferpa: isun02$ ldapsearch -h isun02.sbirs.eng -b dc=sbirs,dc=eng -D "uid=sambaadmin,cn=directory administrators,dc=sbirs,dc=eng" -w abc123 uid=hoferpa uid=hoferpa,ou=people,dc=sbirs,dc=eng cn=hoferpa uidNumber=411152 gidNumber=4013 gecos=Patrick Hoferer homeDirectory=/export/home/hoferpa loginShell=/usr/bin/tcsh uid=hoferpa shadowLastChange=12333 shadowFlag=0 objectClass=posixAccount objectClass=shadowAccount objectClass=account objectClass=top objectClass=sambasamaccount userPassword=abc123 sambaPrimaryGroupSID=S-1-5-21-3648157004-3289977631-1919091730-500-9027 sambaSID=S-1-5-21-3648157004-3289977631-1919091730-500-823304 I get the same errors for all of the accounts when I use smbpasswd. Is there something wrong with the "passwd backend = ldapsam". I made the ldapsam.so library after running make during my SAMBA 3.0 instance. Does anyone know what is missing?
Gerald (Jerry) Carter
2003-Oct-31 17:58 UTC
[Samba] Cannot update Sun One DS directory with smbpasswd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hoferer, Patrick K. (Space Systems) wrote: | I can't update the users within our LDAP database using smbpasswd. I have | attached the output from the smbpasswd debugger below: ... | smbldap_search_suffix: searching for:[(&(objectclass=sambaSamAccount))] | smbldap_open: already connected to the LDAP server | ldapsam_getsampwnam: Duplicate entries for this user [hoferpa] Failing. | count=4 | Failed to find entry for user hoferpa. | Failed to modify password entry for user hoferpa | | Below is the LDAP entry for the user hoferpa: | | isun02$ ldapsearch -h isun02.sbirs.eng -b dc=sbirs,dc=eng -D | "uid=sambaadmin,cn=directory administrators,dc=sbirs,dc=eng" -w abc123 | uid=hoferpa | uid=hoferpa,ou=people,dc=sbirs,dc=eng ... | objectClass=sambasamaccount | userPassword=abc123 | sambaPrimaryGroupSID=S-1-5-21-3648157004-3289977631-1919091730-500-9027 | sambaSID=S-1-5-21-3648157004-3289977631-1919091730-500-823304 You got me. Have you looked at an ethereal trace to see exactly what the directory server is sending back to smbd? What do you have set for the various 'ldap XXX suffix' lines in smb.conf? cheers, jerry ~ ---------------------------------------------------------------------- ~ Hewlett-Packard ------------------------- http://www.hp.com ~ SAMBA Team ---------------------- http://www.samba.org ~ GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc ~ "You can never go home again, Oatman, but I guess you can shop there." ~ --John Cusack - "Grosse Point Blank" (1997) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/oqLZIR7qMdg1EfYRArudAKDeai1J29va+xq4tvtb48kpJL0VpACeOYB1 Q423O96qy1s8XEfUFvFd+Nc=6tv4 -----END PGP SIGNATURE-----