1. Here's my case: [root@dsat ~]# net groupmap list [root@dsat ~]# net groupmap add rid=512 ntgroup="Domain Admins" unixgroup=domainadmins adding entry for group Domain Admins failed! 2. Here's samba log: [root@dsat ~]# tail /var/log/smbd.log [2006/10/10 08:51:23, 0] lib/smbldap.c:smbldap_connect_system(851) ldap_connect_system: Failed to retrieve password from secrets.tdb [2006/10/10 08:51:23, 1] lib/smbldap.c:another_ldap_try(1051) Connection to LDAP server failed for the 15 try! [2006/10/10 08:51:24, 0] passdb/secrets.c:fetch_ldap_pw(629) fetch_ldap_pw: neither ldap secret retrieved! [2006/10/10 08:51:24, 0] lib/smbldap.c:smbldap_connect_system(851) ldap_connect_system: Failed to retrieve password from secrets.tdb [2006/10/10 08:51:24, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(2170) ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (unknown) (Time limit exceeded) Here's some setting in smb.conf security = user passdb backend = ldapsam:ldap://localhost ldap admin dn = cn=admin ldap suffix = dc=local,dc=atc ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap group suffix = ou=Groups
> [root@dsat ~]# tail /var/log/smbd.log > [2006/10/10 08:51:23, 0] lib/smbldap.c:smbldap_connect_system(851) > ldap_connect_system: Failed to retrieve password from secrets.tdb > [2006/10/10 08:51:23, 1] lib/smbldap.c:another_ldap_try(1051) > Connection to LDAP server failed for the 15 try! > [2006/10/10 08:51:24, 0] passdb/secrets.c:fetch_ldap_pw(629) > fetch_ldap_pw: neither ldap secret retrieved! > [2006/10/10 08:51:24, 0] lib/smbldap.c:smbldap_connect_system(851) > ldap_connect_system: Failed to retrieve password from secrets.tdb > [2006/10/10 08:51:24, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(2170) > ldapsam_search_one_group: Problem during the LDAP search: LDAP error: > (unknown) (Time limit exceeded)Sounds like you haven't told samba your bind password (you do this using smbpasswd and the -w or -W arguments).
I try to setup Samba 3 integrate with FDS 1.0.2 on FC5 1. Here's my case: [root@dsat ~]# net groupmap list [root@dsat ~]# net groupmap add rid=512 ntgroup="Domain Admins" unixgroup=domainadmins adding entry for group Domain Admins failed! 2. Here's samba log: [root@dsat ~]# tail /var/log/smbd.log [2006/10/10 08:51:23, 0] lib/smbldap.c:smbldap_connect_system(851) ? ldap_connect_system: Failed to retrieve password from secrets.tdb [2006/10/10 08:51:23, 1] lib/smbldap.c:another_ldap_try(1051) ? Connection to LDAP server failed for the 15 try! [2006/10/10 08:51:24, 0] passdb/secrets.c:fetch_ldap_pw(629) ? fetch_ldap_pw: neither ldap secret retrieved! [2006/10/10 08:51:24, 0] lib/smbldap.c:smbldap_connect_system(851) ? ldap_connect_system: Failed to retrieve password from secrets.tdb [2006/10/10 08:51:24, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(2170) ? ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (unknown) (Time limit exceeded) Here's some setting in smb.conf security = user passdb backend = ldapsam:ldap://localhost ldap admin dn = cn=admin ldap suffix = dc=local,dc=atc ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap group suffix = ou=Groups
> security = user > passdb backend = ldapsam:ldap://localhost > ldap admin dn = cn=admin > ldap suffix = dc=local,dc=atc > ldap user suffix = ou=People > ldap machine suffix = ou=Computers > ldap group suffix = ou=GroupsYour ldap admin dn parameter perhaps hsould be the complete dn of the admin user, ex: cn=admin,dc=local,dc=atc. Then try resetting the ldap bind password, and see if this works. Also, it looks like you were trying to add a group mapping, but the group mapping probably already exists - instead you should change the group mapping for Domain Admins. Do a net groupmap list to see if there is already an entry (probably an entry mapping Domain Admins to Unix group -1 or something like that)