samba - May 2008 - smb_ldap_setup_connection failed with blank user Password

Hi,

i have a succesfully PDC Setup on a Novell/Suse OES1 SP2 Server with
eDirectory/LDAP and Samba Version 3.0.26a-0.7-1616-SUSE-SLES9.

Only Problem is, a User with a blank Password can't be authenticated on
a Domain Member Server (Users with Passwords doesn't have this Problem).

A Samba Level 10 Log show me this:

<snip>

[2008/05/14 16:25:48, 9]
passdb/passdb.c:pdb_update_autolock_flag(1418)
pdb_update_autolock_flag: Account user not autolocked, no check
needed
[2008/05/14 16:25:48, 4] libsmb/ntlm_check.c:ntlm_password_check(326)
ntlm_password_check: Checking NT MD4 password
[2008/05/14 16:25:48, 5]
passdb/pdb_nds.c:pdb_nds_update_login_attempts(770)
pdb_nds_update_login_attempts: Successful login for user
[2008/05/14 16:25:48, 3]
passdb/pdb_nds.c:pdb_nds_update_login_attempts(797)
pdb_nds_update_login_attempts: username user found dn
'cn=user,ou=stat,o=TKH'
[2008/05/14 16:25:48, 5] passdb/pdb_nds.c:pdb_nds_get_password(677)
NDS Universal Password retrieved for cn=user,ou=stat,o=TKH
[2008/05/14 16:25:48, 10]  lib/smbldap.c:smb_ldap_setup_conn(630)
smb_ldap_setup_connection: ldaps://172.30.10.25:636
[2008/05/14 16:25:51, 5]
passdb/pdb_nds.c:pdb_nds_update_login_attempts(825)
pdb_nds_update_login_attempts: ldap_simple_bind_s Failed for user

<snip>

This one looks to be the Problem:

smb_ldap_setup_connection: ldaps://172.30.10.25:636


What is the Problem?
Is there a way to avoid this?

Thomas

It looks like your LDAP backend is rejecting the bind - if the backend
was OpenLDAP, this would be because the LDAP administrator disabled
anonymous (passwordless) binds.  I don't know eDirectory, I jumped
ship on NDS years ago.

That's all I know, sorry.
--Charlie

On Sat, May 17, 2008 at 5:56 AM, Thomas Rei? <thomas@mypoint.franken.de>
wrote:
> Hi,
>
> i have a succesfully PDC Setup on a Novell/Suse OES1 SP2 Server with
> eDirectory/LDAP and Samba Version 3.0.26a-0.7-1616-SUSE-SLES9.
>
> Only Problem is, a User with a blank Password can't be authenticated on
> a Domain Member Server (Users with Passwords doesn't have this
Problem).
>
> A Samba Level 10 Log show me this:
>
> <snip>
>
> [2008/05/14 16:25:48, 9]
> passdb/passdb.c:pdb_update_autolock_flag(1418)
> pdb_update_autolock_flag: Account user not autolocked, no check
> needed
> [2008/05/14 16:25:48, 4] libsmb/ntlm_check.c:ntlm_password_check(326)
> ntlm_password_check: Checking NT MD4 password
> [2008/05/14 16:25:48, 5]
> passdb/pdb_nds.c:pdb_nds_update_login_attempts(770)
> pdb_nds_update_login_attempts: Successful login for user
> [2008/05/14 16:25:48, 3]
> passdb/pdb_nds.c:pdb_nds_update_login_attempts(797)
> pdb_nds_update_login_attempts: username user found dn
> 'cn=user,ou=stat,o=TKH'
> [2008/05/14 16:25:48, 5] passdb/pdb_nds.c:pdb_nds_get_password(677)
> NDS Universal Password retrieved for cn=user,ou=stat,o=TKH
> [2008/05/14 16:25:48, 10]  lib/smbldap.c:smb_ldap_setup_conn(630)
> smb_ldap_setup_connection: ldaps://172.30.10.25:636
> [2008/05/14 16:25:51, 5]
> passdb/pdb_nds.c:pdb_nds_update_login_attempts(825)
> pdb_nds_update_login_attempts: ldap_simple_bind_s Failed for user
>
> <snip>
>
> This one looks to be the Problem:
>
> smb_ldap_setup_connection: ldaps://172.30.10.25:636
>
>
> What is the Problem?
> Is there a way to avoid this?
>
> Thomas
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>