samba - Mar 2004 - samba 2.2.3a / openLDAP connection problem

This is my first attempt at using samba with ldap but i've hit a problem 
which im trying to debug.

im following the OpenLDAP on Debian Woody guide from 
http://aqua.subnet.at/~max/ldap/

and im at the stage where im trying to add users to the LDAP database 
using smbpasswd

i've created a normal account for the user, but when i get to do :

# smbpasswd -D10 -a marvsmb

i get :

ldap_open_connection: connection opened
ldap_connect_system: Binding to ldap server as 
"cn=manager,dc=ideaworks3d,dc=com"
Bind failed: Can't contact LDAP server
ldap_open_connection: connection opened
ldap_connect_system: Binding to ldap server as 
"cn=manager,dc=ideaworks3d,dc=com"
Bind failed: Can't contact LDAP server
Failed to add entry for user marvsmb.
Failed to modify password entry for user marvsmb

---------------

now, i know that the ldap server is running (I can telnet to it, i can 
log-in via ssh w/ ldap authentication)

what common problems should i be looking for?

what is a good way to debug this situation? (im running slapd in another 
term window so i can see its debug output)

if it helps my smb.conf contains these ldap settings :

# ldap settings
ldap admin dn = cn=manager,dc=ideaworks3d,dc=com
ldap server = localhost
ldap suffix = ou=People,dc=ideaworks3d,dc=com

and my slapd.conf contains :

include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/inetorgperson.schema
include         /etc/ldap/schema/misc.schema
include         /etc/ldap/schema/samba.schema

# other stuff here

access to attribute=userPassword,lmPassword,ntPassword
         by dn="cn=manager,dc=ideaworks3d,dc=com" write
         by anonymous auth
         by * none
 

access to *
         by dn="cn=manager,dc=ideaworks3d,dc=com" write
         by dn="cn=nss,dc=ideaworks3d,dc=com" read
         by * auth

sorry for the long mail but i thought it wise to include as much 
relevant detail as possible (although my concept of relevant will no 
doubt change :)

thanks,

Martin

On Fri, 12 Mar 2004 14:27:48 +0000
Martin Wood <martin@ideaworks3d.com> wrote:
> i've created a normal account for the user, but when i get to do :
> 
> # smbpasswd -D10 -a marvsmb
> 
> i get :
> 
> ldap_open_connection: connection opened
> ldap_connect_system: Binding to ldap server as 
> "cn=manager,dc=ideaworks3d,dc=com"
> Bind failed: Can't contact LDAP server
> ldap_open_connection: connection opened
> ldap_connect_system: Binding to ldap server as 
> "cn=manager,dc=ideaworks3d,dc=com"
> Bind failed: Can't contact LDAP server
> Failed to add entry for user marvsmb.
> Failed to modify password entry for user marvsmb
It seems your Samba-process can not (or is not allowed to -- what does
slapd-output say?) connect to the slapd-server properly.
Did you run "smbpasswd -w $LDAP_BINDPW"?

Cheers,
Max

-- 
The first time any man's freedom is trodden on, we're all damaged.
                       <Cpt. Picard, "The Drumhead", StarTrek
TNG>

http://homex.subnet.at/~max/