Hi,
we have updated our samba4 AD a few weeks ago from 4.4.latest ->
4.5.latest using the sernet packages.
We are using open-xchange(OX) as web-mail. The ox is using ldap to
authenticate the users.
It is still working, but only for users created BEFORE we did the
update. All new users can not login!
From the log file we only get an:
ERROR: No user found with sAMAccountName=USERNAME
but ldapsearch is working for sAMAccountName=USERNAME.
It might be more an open-xchange issue, but may be someone had a similar
problem.
Can I use tcpdump between the OX-Server and our SAMBA4 server to see the
difference between an old and a new user ?
--
Bye,
Peer
________________________________________________________
Max-Planck-Institut für Biogeochemie
Dr. Peer-Joachim Koch
Hans-Knöll Str.10 Telefon: ++49 3641 57-6705
D-07745 Jena Telefax: ++49 3641 57-7705
On Fri, 20 Apr 2018 10:23:37 +0200 "Dr. Peer-Joachim Koch via samba" <samba at lists.samba.org> wrote:> Hi, > > we have updated our samba4 AD a few weeks ago from 4.4.latest -> > 4.5.latest using the sernet packages.You do realise that the 4.5.x series is now EOL as far as Samba is concerned.> > We are using open-xchange(OX) as web-mail. The ox is using ldap to > authenticate the users. > > It is still working, but only for users created BEFORE we did the > update. All new users can not login! > > From the log file we only get an: > > ERROR: No user found with sAMAccountName=USERNAME > > but ldapsearch is working for sAMAccountName=USERNAME. > > It might be more an open-xchange issue, but may be someone had a > similar problem. >This is very probably an OX problem, probably the search is relying on an attribute or objectclass that it shouldn't.> > Can I use tcpdump between the OX-Server and our SAMBA4 server to see > the difference between an old and a new user ?Probably, but wouldn't it be easier to just dump the AD object of a user that works and the AD object of one that doesn't and then compare them ? Rowland
On 20.04.2018 11:26, Rowland Penny via samba wrote:> On Fri, 20 Apr 2018 10:23:37 +0200 > "Dr. Peer-Joachim Koch via samba" <samba at lists.samba.org> wrote: > >> Hi, >> >> we have updated our samba4 AD a few weeks ago from 4.4.latest -> >> 4.5.latest using the sernet packages. > You do realise that the 4.5.x series is now EOL as far as Samba is > concerned. > >> We are using open-xchange(OX) as web-mail. The ox is using ldap to >> authenticate the users. >> >> It is still working, but only for users created BEFORE we did the >> update. All new users can not login! >> >> From the log file we only get an: >> >> ERROR: No user found with sAMAccountName=USERNAME >> >> but ldapsearch is working for sAMAccountName=USERNAME. >> >> It might be more an open-xchange issue, but may be someone had a >> similar problem. >> > This is very probably an OX problem, probably the search is relying on > an attribute or objectclass that it shouldn't. > >> Can I use tcpdump between the OX-Server and our SAMBA4 server to see >> the difference between an old and a new user ? > Probably, but wouldn't it be easier to just dump the AD object of a > user that works and the AD object of one that doesn't and then compare > them ?How can I compare it ? ldapsearch for both accounts does not show any differences (for me) ... Bye, Peer> Rowland > > >-- Mit freundlichen Grüßen, Peer-Joachim Koch ________________________________________________________ Max-Planck-Institut für Biogeochemie Dr. Peer-Joachim Koch Hans-Knöll Str.10 Telefon: ++49 3641 57-6705 D-07745 Jena Telefax: ++49 3641 57-7705