I fixed this error. I had not realized that I needed to specify --with-ldap
at compile-time. configure --help had led me to believe that that was the
default value, but I guess it was not.
Misty
On Wednesday 22 September 2004 17:12, Misty Stanley-Jones wrote:
> Hi all,
>
> I've compiled 3.0.7 on a test box which also has an LDAP server running on
> it. This is the first time for me trying to use Samba with LDAP. I copied
> the IdealX scripts into /usr/local/sbin and edited the _config.pm file. It
> is attached at the bottom, stripped of comments. I then edited my smb.conf
> to the effect of the following:
>
> passdb backend = ldapsam:ldap://localhost
> ldap suffix = dc=mydomain,dc=com
> ldap machine suffix = ou=Computers
> ldap user suffix = ou=People
> ldap group suffix = ou=Groups
> ldap idmap suffix = ou=People
> ldap admin dn = cn=Manager
> ldap ssl = no
> ldap passwd sync = Yes
> idmap uid = 15000-20000
> idmap gid = 15000-20000
> winbind separator = +
>
> I then did smbpasswd -w (insert cn=Manager password for LDAP)
>
> smbd and nmbd started up just fine. Here is when I run into problems:
> oink:/usr/local/samba/lib # smbclient -L oink
> protocol negotiation failed
>
> Same result if I use 'localhost' or reference it by IP. If you can tell me
> what I have missed it would be greatly appreciated. I have been following
> the HOWTO step-by-step and I'm not sure what I missed.
>
> Thanks,
> Misty
>
> smbldap_conf.pm:
> use strict;
> package smbldap_conf;
>
> use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS
> $UID_START $GID_START $smbpasswd $slaveLDAP
> $masterLDAP
> $slavePort $masterPort $ldapSSL $slaveURI
> $masterURI $with_smbpasswd $mk_ntpasswd
> $ldap_path $ldap_opts $ldapmodify $suffix $usersdn
> $computersdn
> $groupsdn $scope $binddn $bindpasswd
> $slaveDN $slavePw $masterDN $masterPw
> $_userLoginShell $_userHomePrefix $_userGecos
> $_defaultUserGid $_defaultComputerGid
> $_skeletonDir $_userSmbHome
> $_userProfile $_userHomeDrive
> $_userScript $usersou $computersou $groupsou $SID
> $hash_encrypt $_defaultMaxPasswordAge
> );
>
> use Exporter;
> $VERSION = 1.00;
> @ISA = qw(Exporter);
>
> @EXPORT = qw(
> $UID_START $GID_START $smbpasswd $slaveLDAP
> $masterLDAP
> $slavePort $masterPort $ldapSSL $slaveURI
> $masterURI $with_smbpasswd $mk_ntpasswd
> $ldap_path $ldap_opts $ldapmodify $suffix $usersdn
> $computersdn $groupsdn $scope $binddn $bindpasswd
> $slaveDN $slavePw $masterDN $masterPw
> $_userLoginShell $_userHomePrefix $_userGecos
> $_defaultUserGid $_defaultComputerGid
> $_skeletonDir $_userSmbHome $_userProfile $_userHomeDrive $_userScript
> $usersou $computersou $groupsou $SID $hash_encrypt
> $_defaultMaxPasswordAge
> );
>
> $UID_START = 1000;
> $GID_START = 1000;
>
> $SID='S-1-5-21-725326080-1709766072-2910717368';
>
> $slaveLDAP = "127.0.0.1";
> $slavePort = "389";
>
> $masterLDAP = "127.0.0.1";
> $masterPort = "389";
>
> $ldapSSL = "0";
>
> $suffix = "dc=mydomain,dc=com";
>
>
> $usersou = q(_USERS_);
> $usersdn = "ou=People,$suffix";
>
> $computersou = q(_COMPUTERS_);
> $computersdn = "ou=$computersou,$suffix";
>
> $groupsou = q(_GROUPS_);
> $groupsdn = "ou=$groupsou,$suffix";
>
> $scope = "sub";
>
> $hash_encrypt="SSHA";
>
> $binddn = "cn=Manager,$suffix";
>
> $bindpasswd = 'some_unencrypted_password';
>
> $slaveDN = $binddn;
> $slavePw = $bindpasswd;
> $masterDN = $binddn;
> $masterPw = $bindpasswd;
>
>
> $_userLoginShell = q(/bin/false);
>
> $_userHomePrefix = q(/data/samba/home/);
>
> $_userGecos = q(System User);
>
> $_defaultUserGid = 513;
>
> $_defaultComputerGid = 553;
>
> $_skeletonDir = q(/etc/skel);
>
> $_defaultMaxPasswordAge = 90;
>
>
> $_userSmbHome = q(\\\\_PDCNAME_\\homes);
>
> $_userProfile = q(\\\\_PDCNAME_\\profiles\\);
>
> $_userHomeDrive = q(H:);
>
>
>
>
> $with_smbpasswd = 0;
> $smbpasswd = "/usr/local/samba/bin/smbpasswd";
> $mk_ntpasswd = "/usr/local/sbin/mkntpwd";
>
> $slaveURI = "ldap://$slaveLDAP:$slavePort";
> $masterURI = "ldap://$masterLDAP:$masterPort";
>
> $ldap_path = "/usr/bin";
>
> if ( $ldapSSL eq "0" ) {
> $ldap_opts = "-x";
> } elsif ( $ldapSSL eq "1" ) {
> $ldap_opts = "-x -Z";
> } else {
> die "ldapSSL option must be either 0 or 1.\n";
> }
>
> $ldapmodify = "$ldap_path/ldapmodify $ldap_opts -H $masterURI -D '$masterDN' -w '$masterPw'";
>
>
>
> 1;