thr3ads.net - samba - [Samba] smbldap_search_suffix: Problem during the LDAP search [Sep 2004]

If this information is useful, please help other people find it:
Share via:

Glenn Arnold

2004-Sep-02 01:42 UTC

[Samba] smbldap_search_suffix: Problem during the LDAP search

Hello,

I need some help with the following errors that I have in my log.smbd:

[2004/09/01 21:14:39, 0] lib/smbldap.c:smbldap_search_suffix(1126)
  smbldap_search_suffix: Problem during the LDAP search:  (Size limit
exceeded)
[2004/09/01 21:14:39, 0] passdb/pdb_ldap.c:ldapsam_setsampwent(1078)
  ldapsam_setsampwent: LDAP search failed: Size limit exceeded
[2004/09/01 21:14:39, 0]
rpc_server/srv_samr_nt.c:load_sampwd_entries(232)
  load_sampwd_entries: Unable to open passdb.

I notice the problem Monday.  If I use User Manager to view user in my
Samba-LDAP PDC I get the following error "The stub received bad data"
Then I get the prompt "Do I want to select another domain to
administer".  If I run Server Manager I get the same error.  One problem
I discovered was that I had exceeded the size limit for openldap search.
The default SIZELIMIT  500 I increased the size to 10000 which I thought
this would solve the problem which it has not.  I can login to domain
with and access resource on the server with no problems.  I search this
list and google and did not come up with anything conclusive.  I am
running samba 3.04, openldap-2.1.22-8, and Redhat AS 3.0.  Any insight
on these errors would be appreciated.  Here is smb.conf

[global]
netbios name = HSFNP01
workgroup = MTHCS
server string security = user
os level = 64
domain master = yes
local master = yes
preferred master = yes
time server = yes
#passdb backend = tdbsam
ldappasswd sync =yes
passdb backend = ldapsam:ldap://127.0.0.1/
ldap admin dn = cn=samba,ou=DSA,dc=mthcs,dc=net
#ldap admin dn = cn=Manager,dc=mthcs,dc=net
ldap suffix = dc=mthcs,dc=net
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap ssl = no
unix extensions = yes
encrypt passwords = yes
domain logons = yes
logon script = logon.bat
logon drive = H:
logon home = \\%L\%U
logon path socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
SO_RCVBUF=8192
SO_SNDBUF=8192
wins support = no
wins server = 10.100.0.10
veto files = /*.eml/*.nws/riched20.dll/
lanman auth = yes
add user script = /usr/local/sbin/smbldap-useradd -m %u
delete user script = /usr/local/sbin/smbldap-userdel %u
ldap delete dn = yes
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/local/sbin/smbldap-groupadd "%g"
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u"
"%g"
delete user from group script = /usr/local/sbin/smbldap-usermod -g
"%g"
"%u"
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g"
"%u"
dos charset = 850
unix charset = ISO8859-1
oplocks = yes
load printers = yes
printing = cups
printer admin = Administrator, @Domain Admins
idmap uid = 15000-20000
idmap gid = 15000-20000
winbind separator = -
winbind use default domain = No

[netlogon]
path = /smbsrvr/netlogon/scripts
browsable = no
guest ok = yes
write list = Domain Admins

[homes]
comment = Home Directories
browseable = no
read only = no
hide dot files = yes
veto files /*.mp3/*.exe/*.com/*.js/*.bat/*.cmd/*.wsh/*.lnk/*.scr/*.zip/.*/
dos file times = yes

[C$]
valid users = @root
path = /smbsrvr
read only = no
create mask = 0770
directory mask = 0770
force group = Domain Admins
force directory mode = 0770
dos file times = yes

[Apps]
read only = no
path = /smbsrvr/Apps
create mask = 0770
directory mask = 0770
force create mode = 0770
force directory mode = 0770
dos filetimes = yes
inherit permissions = yes

[Students]
path = /smbsrvr/Students
read only = no
create mask = 0770
directory mask = 0770
force group = hsstudents
force create mode = 0770
force directory mode = 0770
dos filetimes = yes

[AdminTools$]
path = /smbsrvr/AdminTools
read only = no
dos filetimes = yes

[printers]
comment = All Printers
path = /var/spool/samba
printable = yes
browseable = no
guest ok = yes

[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
browseable = yes
guest ok = no
read only = yes
write list = root, @ntadmin


#[%G]
#path = /home/groups/%G/
#read only = no
#force group = %G

[home$]
        writeable = yes
        write list = +ntadmin,@"MTHS-Domain Admins",@ntadmin,@root
        path = /home
        force directory mode = 0770
        force group = +ntadmin
        dos file times = yes
        create mask = 0770
        directory mask = 0770
        valid users = +ntadmins,+root,@"MTHS-Domain
Admins",@ntadmin,@root

[ezaudit]
path = /smbsrvr/ezaudit
read only = no
browsable = no
guest ok = yes

[HSGUIDANCE]
path = /smbsrvr/Guidance
read only = no
dos filetimes = yes

[HS PRINCIPAL]
path = /smbsrvr/hsprincipal
read only = no
dos filetimes = yes

[CIP]
path = /smbsrvr/CIP
read only = no
dos filetimes = yes

[POISE ISSUES]
path = /smbsrvr/Poise Issues
read only = no
dos filetimes = yes

[HSDISCIPLINE]
path = /smbsrvr/Discipline
read only = no
dos filetimes = yes

[YEARBOOK]
path = /smbsrvr/yearbook
read only = no
dos filetimes = yes

[INSTALL]
comment = Mt. Healthy Software
path = /smbsrvr/Install
read only = No
guest only = Yes

[ADMINTOOLS$]
path = /smbsrvr/AdminTools
read only = no
dos filetimes = yes

[hsstudents]
path = /home/hsstudents
read only = no
dos filetimes = yes

[hsstaff]
path = /home/hsstaff
read only = no
dos filetimes = yes

[hsbuilding]
path = /home/hsbuilding
read only = no
dos filetimes = yes

Thanks for your help!
-Glenn

Gerald (Jerry) Carter

2004-Sep-02 15:19 UTC

head link

[Samba] smbldap_search_suffix: Problem during the LDAP search

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Glenn Arnold wrote:
| Hello,
|
| I need some help with the following errors that I
| have in my log.smbd:
|
| smbldap_search_suffix: Problem during the LDAP search:
|    (Size limit exceeded)
| ldapsam_setsampwent: LDAP search failed: Size
|    limit exceeded
| load_sampwd_entries: Unable to open passdb.
|
| I am running samba 3.04, openldap-2.1.22-8, and Redhat
| AS 3.0.  Any insight on these errors would be appreciated.

Looks like you are hittiong the server's size limit for
any given search.  You can try dumping up the limit
in slapd.conf as a temporary workaround.  This is something
we should fix (use the PagedSearchControl or such).


cheers, jerry
- ---------------------------------------------------------------------
Alleviating the pain of Windows(tm)      ------- http://www.samba.org
GnuPG Key                ----- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot
(2003)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFBNznuIR7qMdg1EfYRApMwAKCnhkRnXZcY9xni84hlIaXzWKeOPgCfXLTd
odfMkbeFPS48s3/GcKVvfKI=d/qN
-----END PGP SIGNATURE-----

Maybe Matching Threads

Search for more maybe matching threads

samba - Sep 2004 - smbldap_search_suffix: Problem during the LDAP search

[Samba] smbldap_search_suffix: Problem during the LDAP search

[Samba] smbldap_search_suffix: Problem during the LDAP search

Maybe Matching Threads