samba - Feb 2005 - samba 2 smbpasswd + ldap - not binding properly

I've been having difficulty getting smbpasswd -a working as follows.

wiggum:/etc# smbpasswd -D 10 -a rtr
New SMB password:
Retype new SMB password:
ldap_open_connection: connection opened
ldap_connect_system: Binding to ldap server as
"cn=manager,dc=test,dc=net"
Bind failed: Can't contact LDAP server
ldap_open_connection: connection opened
ldap_connect_system: Binding to ldap server as
"cn=manager,dc=test,dc=net"
Bind failed: Can't contact LDAP server
Failed to add entry for user rtr.
Failed to modify password entry for user rtr

Now it clearly says it's binding as "cn=manager,dc=test,dc=net". 
But
according to the ldap server debug info I see the following two binds.  
During the smbpasswd -a neither of which is cn=manager.

do_bind: version=3 dn="cn=nss,dc=test,dc=net" method=128
do_bind: v3 bind: "cn=nss,dc=test,dc=net" to
"cn=nss,dc=test,dc=net"

My smb.conf looks like this:

ldap admin dn   = cn=manager,dc=test,dc=net
ldap server     = ldap.test.net
ldap suffix     = ou=People,dc=test,dc=net

So is smbpasswd ignoring it?  Just a note cn=nss comes from my 
libnss_ldap.conf so it's possible what I'm really seeing is the bind for
nss
lookup of the the passwd entry and smbpasswd isn't attempting to bind at 
all..

I've been scanning the samba list for days and haven't seen any
solutions, so
if someone could help me out I would appreciate it.

Thanks
-- 
Tyler R. Retzlaff <rtr@myinternet.com.au>

Hi,
The problem isn't the authentication, as the server can't even connect
to
the LDAP server to try to authenticate.
Is your passdb backend correctly defined?

Best Regards,
Bruno Guerreiro

-----Original Message-----
From: Tyler R. Retzlaff [mailto:rtr@myinternet.com.au]
Sent: ter?a-feira, 1 de Fevereiro de 2005 23:15
To: samba@lists.samba.org
Subject: [Samba] samba 2 smbpasswd + ldap - not binding properly


I've been having difficulty getting smbpasswd -a working as follows.

wiggum:/etc# smbpasswd -D 10 -a rtr
New SMB password:
Retype new SMB password:
ldap_open_connection: connection opened
ldap_connect_system: Binding to ldap server as
"cn=manager,dc=test,dc=net"
Bind failed: Can't contact LDAP server
ldap_open_connection: connection opened
ldap_connect_system: Binding to ldap server as
"cn=manager,dc=test,dc=net"
Bind failed: Can't contact LDAP server
Failed to add entry for user rtr.
Failed to modify password entry for user rtr

Now it clearly says it's binding as "cn=manager,dc=test,dc=net". 
But
according to the ldap server debug info I see the following two binds.  
During the smbpasswd -a neither of which is cn=manager.

do_bind: version=3 dn="cn=nss,dc=test,dc=net" method=128
do_bind: v3 bind: "cn=nss,dc=test,dc=net" to
"cn=nss,dc=test,dc=net"

My smb.conf looks like this:

ldap admin dn   = cn=manager,dc=test,dc=net
ldap server     = ldap.test.net
ldap suffix     = ou=People,dc=test,dc=net

So is smbpasswd ignoring it?  Just a note cn=nss comes from my 
libnss_ldap.conf so it's possible what I'm really seeing is the bind for
nss

lookup of the the passwd entry and smbpasswd isn't attempting to bind at 
all..

I've been scanning the samba list for days and haven't seen any
solutions,
so 
if someone could help me out I would appreciate it.

Thanks
-- 
Tyler R. Retzlaff <rtr@myinternet.com.au>
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

On Wednesday 02 February 2005 23:51, you wrote:

It looks like the new day has given me a fresh outlook.  I foolishly neglected 
the fact that the defaults in my test environment were using non-ssl.  Since 
samba defaults ldap port to 636 this was why I was never seeing the 
connections.  Works perfect if you try to connect to a service on the correct 
port amazing!

Thanks Bruno.
> Best Regards,
> Bruno Guerreiro
>
-- 
Tyler R. Retzlaff <rtr@myinternet.com.au>