fire-eyes
2005-Oct-14 16:38 UTC
[Samba] 3.0.14 -> 3.0.20a: ldap errors, unable to authenticate or browse
Hello, I was using version 3.0.14 and upgraded to 3.0.20a. I did not change my config, however, I am seeing some serious problems now, and I am not sure what to do about it. I noticed there were a large number of changes between these two versions. I looked at the changes briefly, but there are just so many. This samba server is a domain memmber, on an ADS domain with a win 2003 enterprise server. I am able to join and leave it just fine. I followed the directions here: http://us2.samba.org/samba/docs/man/Samba3-ByExample/unixclients.html#adssdm I am using Gentoo linux, with kernel 2.6.13.4-grsec-20051012. When I start samba, smbd takes well over 30 seconds to start, and the logs show: *** log.smbd *** [2005/10/14 12:22:59, 0] smbd/server.c:main(806) smbd version 3.0.20a started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2005/10/14 12:22:59, 2] lib/interface.c:add_interface(81) added interface ip=192.168.1.8 bcast=192.168.1.255 nmask=255.255.255.0 [2005/10/14 12:22:59, 2] lib/interface.c:add_interface(81) added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0 [2005/10/14 12:22:59, 2] lib/smbldap.c:smbldap_open_connection(630) smbldap_open_connection: connection opened [2005/10/14 12:22:59, 0] passdb/secrets.c:fetch_ldap_pw(578) fetch_ldap_pw: neither ldap secret retrieved! [2005/10/14 12:22:59, 0] lib/smbldap.c:smbldap_connect_system(751) ldap_connect_system: Failed to retrieve password from secrets.tdb [2005/10/14 12:22:59, 1] lib/smbldap.c:another_ldap_try(951) Connection to LDAP server failed for the 1 try! [2005/10/14 12:23:00, 2] lib/smbldap.c:smbldap_open_connection(630) smbldap_open_connection: connection opened [2005/10/14 12:23:00, 0] passdb/secrets.c:fetch_ldap_pw(578) fetch_ldap_pw: neither ldap secret retrieved! [2005/10/14 12:23:00, 0] lib/smbldap.c:smbldap_connect_system(751) ldap_connect_system: Failed to retrieve password from secrets.tdb [2005/10/14 12:23:00, 1] lib/smbldap.c:another_ldap_try(951) Connection to LDAP server failed for the 2 try! And it just tries for a long time. After smbd finally starts, nmbd starts, then winbindd starts. When I try to explore \\badger , I am prompted for my username and password, which I did not need to do in the past. I enter my username and password, which is the same on the system the samba server is running on, and the win dc. Which is rejected. Then I get: [2005/10/14 12:28:21, 0] lib/util_sock.c:get_peer_addr(1222) getpeername failed. Error was Transport endpoint is not connected And that is as far as I got. All of this worked fine with 3.0.14. My samba config file can be found at http://fire-eyes.org/temp/smb-1014-1.conf So, any ideas? To me it seems to be a change between samba 3.0.14 and 3.0.20a.
Chris
2005-Oct-14 16:54 UTC
[Samba] 3.0.14 -> 3.0.20a: ldap errors, unable to authenticate or browse
On Friday 14 October 2005 12:38 pm, fire-eyes wrote:> Hello, I was using version 3.0.14 and upgraded to 3.0.20a. I did not > change my config, however, I am seeing some serious problems now, and > I am not sure what to do about it. > > I am using Gentoo linux, with kernel 2.6.13.4-grsec-20051012.Highly suggest moving to Samba-3.0.20b and testing again. The Gentoo ebuild for 3.0.20a built Samba using "--with-ldapsam" if the ldap use flag was set. And "passdb backend = ldapsam_compat" became the default (and it isn't set in your config file). See: https://bugs.gentoo.org/show_bug.cgi?id=108400 for details. The 3.0.20b ebuild has a separate ldapsam use flag.