Displaying 4 results from an estimated 4 matches for "no_ldap_security".
2003 Jul 29
1
cannot access LDAP when not root
...1634)
ldapsam_search_one_group: Problem during the LDAP search: LDAP error:
(Insufficient access)ldapsam_search_one_group: searching for:
[(&(objectClass=sambaGroupMapp
ing)(gidNumber=-1))]
Exploring the source code, I found It was related to the euid of samba
(file lib/smbldap.c) :
#ifndef NO_LDAP_SECURITY
if (geteuid() != 0) {
DEBUG(0, ("smbldap_open: cannot access LDAP when not root..
\n"));
return LDAP_INSUFFICIENT_ACCESS;
}
#endif
NO_LDAP_SECURITY was not defined during compilation... How could I resolve
the problem ? How could I have an...
2003 Sep 16
4
smbldap.c
Hi !
I was just wondering if that piece of code was important (for security
and such), because I had to comment it in smbldap.c before compiling
samba-3.0; otherwise, I would have errors like:
"(Insufficient access)smbldap_open: cannot access LDAP when not root"
#ifndef NO_LDAP_SECURITY
if (geteuid() != 0) {
DEBUG(0, ("smbldap_open: cannot access LDAP when not
root..\n"));
return LDAP_INSUFFICIENT_ACCESS;
}
#endif
Thanks in advance for your answer.
Antoine
2007 Apr 17
1
Log: lib/smbldap.c:smbldap_open(1009)
...anonicalise_acl(2218)
canon_ace index 2. Type = allow SID = S-1-22-2-0 gid 0 (0) SMB_ACL_GROUP
perms rwx
I could see in the source of smbldap.c the 'offending line' but it didn't
help this much since the only way I could devise to correct the problem
was to recompile the program with NO_LDAP_SECURITY, which seemed to me to
be not what I should do.
I can also read in the log that it looks for a group with 'gidNumber=0'
(what I have none). I could not see if these two messages are related.
Thanks for any help.
Ricardo
2004 Feb 18
1
Cannot Access LDAP when not root...
I'm trying to resolve an issue with Samba and LDAP. I'm using a program
called Spider that provides network based rendering using domain logons to
controll who can access the renders on the farm. It requires a group called
SpiderAdmin to be setup (which I've done) and have added the users into the
group. However, the only way that the SpiderAdmin users can access the
renders on the