search for: simplesecurityobject

Hi, I'm trying to access to the internal's ldap of samba4 (running as AD-DC) with a simpleSecurityObject entry. It seems that the authentication process searches only 'user' objects (objectclass=user) in the ldb. Is that possible to configure the auth behavior ? I'd like to use simpleSecurityObject (that aren't 'user') to manage entries from cron, cgi and so on, without all...

...cn: Manager description: Manager # Setting up container for users dn: ou=People,dc=sovereign objectclass: top objectclass: organizationalUnit ou: People # Setting up admin handle for people dn: cn=admin,ou=People,dc=sovereign cn: admin objectclass: top objectclass: organizationalRole objectclass: simpleSecurityObject userPassword: ********************************* # Setting up container for groups dn: ou=Groups,dc=sovereign objectclass: top objectclass: organizationalUnit ou: Groups # Setting up admin for Groups ou dn: cn=admin,ou=Groups,dc=sovereign cn: admin objectclass: top objectclass: organizationalRole...

...Setting up container for users dn: ou=People,dc=nephrology,dc=iupui,dc=edu objectclass: top objectclass: organizationalUnit ou: People # Setting up admin handle for People OU dn: cn=root,ou=People,dc=nephrology,dc=iupui,dc=edu cn: root objectclass: top objectclass: organizationalRole objectclass: simpleSecurityObject userPassword: same as slapd # Setting up container for groups dn: ou=Groups,dc=nephrology,dc=iupui,dc=edu objectclass: top objectclass: organizationalUnit ou: Groups # Setting up admin handle for Groups OU dn: cn=root,ou=Groups,dc=nephrology,dc=iupui,dc=edu cn: root objectclass: top objectclass:...

I'm trying to get Samba up but I can't seem to get the LDAP connection working correctly. I can run a search from ldapsearch, but samba is complaining that it can't connect. Here's the error from log.smbd [2004/12/29 16:04:04, 0] lib/smbldap.c:smbldap_connect_system(850) failed to bind to server with dn= cn=Manager Error: Invalid credentials [2004/12/29 16:04:04, 1]

...s done. :-) How I did it was like this: 1. I set up a new OU called "Access Groups". 2. I created a new groupOfNames object in that OU called "Domain Controllers" For the "member" attribute, use the dn of the host record for your primary DC. 3. Using gq, I added simpleSecurityObject to the host record so that it would have a password. Note: Probably can't use the machine account instead due to some rather complex password issues. 4. I set the password by pasting the results of the following command into the userPassword attribute: [root@massive openldap]$ read -sp &...

...ydomain,dc=com the slapcat result dn: dc=bean,dc=mydomain,dc=com objectClass: top objectClass: dcObject objectClass: organization o: mydomain.com dc:bean structuralObjectClass: organization creatorsName: cn=admin,dc=bean,dc=mydomain,dc=com dn: cn=admin,dc=bean,dc=mydomain,dc=com objectClass: simpleSecurityObject objectClass: organizationalRole cn: admin description: LDAP administrator modifiersName: cn=admin,dc=bean,dc=mydomain,dc=com could you please hint us what can be the problem? ldap server is up and running. gsumk

...: 7e30d0ea-1e5c-102a-8a41-fe12d5744b3f creatorsName: cn=admin,dc=test,dc=example,dc=net modifiersName: cn=admin,dc=test,dc=example,dc=net createTimestamp: 20060120235909Z modifyTimestamp: 20060120235909Z entryCSN: 20060120235909Z#000001#00#000000 dn: cn=admin,dc=test,dc=example,dc=net objectClass: simpleSecurityObject objectClass: organizationalRole cn: admin description: LDAP administrator userPassword:: e1NTSEF9bEZuVVQyZ1I0bi9jWTd1Q3U2em9qZkkwb1YveVp5STYg structuralObjectClass: organizationalRole entryUUID: 7e441dbc-1e5c-102a-8a42-fe12d5744b3f creatorsName: cn=admin,dc=test,dc=example,dc=net modifiersName: cn=...

...se are required for ... something dn: ou=computers,dc=wingnut,dc=no objectClass: organizationalUnit ou:: Y29tcHV0ZXJzIA== description: Computers that are members of the Skogfaret domain dn: cn=admin,ou=groups,dc=wingnut,dc=no cn: admin objectClass: top objectClass: organizationalRole objectClass: simpleSecurityObject userPassword:: xx dn: cn=admin,ou=computers,dc=wingnut,dc=no cn: admin objectClass: top objectClass: organizationalRole objectClass: simpleSecurityObject userPassword:: xx dn: uid=maxuid,dc=wingnut,dc=no objectClass: top objectClass: account description: 1000 uid: maxuid dn: uid=eivind,ou=users,...

Hello, I've been trying to get part of a disk visible from a HP J5600 Unix machine (hostname = oed209, IP = 192.168.33.209) running HP-UX 10.26 and Samba v1.9.18p7 to a MicronPC XKE Laptop (hostname = oed123, IP = 192.168.33.123) running W98SE. Net masks on both machines are set to 255.255.255.0. Neither machine uses DHCP. Hostnames, their aliases, and their IP addresses are defined on both

Is anyone using LDAP along with Dovecot where mail is being accessed in the form of /var/vmail/${domain}/${user}? I have not figured out how to extract the domain from LDAP in order to make this work. I know this is sparse information but maybe there is an easy fix. If not, I can post more information. Bryan

...strator password in my clients for obvious reasons. If I was using OpenLDAP (as I am on the non-Samba4 systems), I would create a suitable bind DN in the database: dn: cn=<hostname>,ou=Binddn,dc=... cn: <hostname> objectClass: top objectClass: organizationalRole objectClass: simpleSecurityObject userPassword:: <base64-password> and use this binddn on the clients; this works thanks to the ACL's that I have in the slapd configuration. However, this technique does not work with the Samba4 LDAP server presumably because the dn does not have suitable access rights to the databas...

...login: Disconnected: user=<ole_wobble>, method=PLAIN, rip=157.193.44.68, lip=157.193.40.36, TLS This is my database: dn: dc=zalm,dc=UGent,dc=be objectClass: top objectClass: dcObject objectClass: organization o: Universiteit Gent dc: zalm dn: cn=admin,dc=zalm,dc=UGent,dc=be objectClass: simpleSecurityObject objectClass: organizationalRole cn: admin description: LDAP administrator userPassword:: e2NyeXB0fVpsbWpDb21kL3JSbkU= dn: ou=accounts,dc=zalm,dc=UGent,dc=be objectClass: top objectClass: organizationalUnit ou: accounts dn: cn=dovecot,ou=accounts,dc=zalm,dc=UGent,dc=be objectClass: top objectClass...

...1d0ac-262b-1030-84d2-1370b5f1fe61 creatorsName: cn=admin,dc=server,dc=nas createTimestamp: 20110608145736Z entryCSN: 20110608145736Z#000000#00#000000 modifiersName: cn=admin,dc=server,dc=nas modifyTimestamp: 20110608145736Z dn: cn=admin,dc=server,dc=nas objectClass: organizationalRole objectClass: simpleSecurityObject cn: admin userPassword:: c2VjcmV0 description: LDAP administrator structuralObjectClass: organizationalRole entryUUID: 64127830-262b-1030-84d3-1370b5f1fe61 creatorsName: cn=admin,dc=server,dc=nas createTimestamp: 20110608145736Z entryCSN: 20110608145736Z#000001#00#000000 modifiersName: cn=admin,dc=...

...id=user,userPassword=passwordpass_filter = (&(objectClass=inetOrgPerson)(uid=%u))iterate_attrs = uid=useriterate_filter = (objectClass=inetOrgPerson)* The user I try to log in with is: *cn=Klara Fall,ou=People,dc=[domainname],dc=de* *objectclasses: inetOrgPerson, organizationalPerson, person, simpleSecurityObject,top* *sn=Fall* *userPassword is set* *mail: klara.fall@[domainname].de* *uid: klarafall* I want to try with auth bind because I think i understood whats going on with that. When i try to a login klarafall [password] it gives me a NO [AUTHENTICATIONFAILED] Authentication failed. Any clues? This w...

Samba 3.2.1 on linux OpenFiler 2.3 I have an external LDAP server with anonymous bind and pam ProFtpd linked to LDAP server works well without error But samba does not work, in smbd.log I have: [2008/09/09 22:01:54, 0] passdb/secrets.c:fetch_ldap_pw(888) fetch_ldap_pw: neither ldap secret retrieved! [2008/09/09 22:01:54, 0] lib/smbldap.c:smbldap_connect_system(952) ldap_connect_system:

...it doesn't pull it off to send the right request to the LDAP server. First of all, this is how my LDAP-entries look: # ht dn: dc=ht objectClass: top objectClass: dcObject objectClass: organization o: ip dc: ht # admin, ht dn: cn=admin,dc=ht objectClass: simpleSecurityObject objectClass: organizationalRole cn: admin description: LDAP administrator userPassword:: e1NTSEF9cFY1b0ZZVUhack1aRTVvaUg1T3c2cytVWHV4aUNvaHI= # people, ht dn: ou=people,dc=ht objectClass: organizationalUnit objectClass: top ou: people # groups, ht dn: o...

...king system. On this system user "Manager" is the superuser used to join workstations to the domain (as well as the LDAP access bootstrap). The domain SID in this example was S-1-5-21-4049341300-984804467-2912306435. ===== dn: cn=Manager,dc=ipswichschools,dc=org cn: Manager objectClass: simpleSecurityObject objectClass: organizationalRole objectClass: sambaSamAccount objectClass: posixAccount objectClass: shadowAccount userPassword:: e01ENX0xbEVka1dSNUQzcFhOL0dYaW1CR2V3PT0= description: Network and LDAP administrator sambaSID: S-1-5-21-4049341300-984804467-2912306435-500 uid: Manager sambaPrimaryGroup...

...pt"" I can't see nothing wrong. The .ldif file follows my signature. Any help would be appreciated. Warm Regards, M?rio Gamito -- dn: dc=telbit,dc=pt objectClass: top objectClass: dcObject objectClass: organization o: telbit.pt dc: telbit dn: cn=admin,dc=telbit,dc=pt objectClass: simpleSecurityObject objectClass: organizationalRole cn: admin description: LDAP administrator userPassword: {crypt}T7rvJYPW0bBVs dn: ou=accounts,dc=telbit,dc=pt objectClass: top objectClass: organizationalUnit ou: accounts description: Users dn: ou=sistemas,dc=telbit,dc=pt objectClass: top objectClass: organizationa...

...ctClass=sambaSamAccount))(objectClass=sambaSamAccount)) This search fails, because the ldif displayed in the howto does not include the sambaSamAccount objectclass in the admin object: dn: cn=admin,ou=People,dc=quenya,dc=org cn: admin objectclass: top objectclass: organizationalRole objectclass: simpleSecurityObject userPassword: {SSHA}c3ZM9tBaBo9autm1dL3waDS21+JSfQVz Does anyone have any step by step instructions for getting a Win2k box to join a Samba domain that is known to work? Regards, Graham --

...============================== ==========SMBLDAP-DSA.LDIFF====== dn: ou=DSA,dc=mtgmilw,dc=biz objectClass: top objectClass: organizationalUnit ou: DSA description: security accounts for LDAP clients dn: cn=samba,ou=DSA,dc=mtgmilw,dc=biz objectclass: organizationalRole objectClass: top objectClass: simpleSecurityObject userPassword: {MD5}z6esruJ0bazhCUSsbfqPnw== cn: samba dn: cn=nssldap,ou=DSA,dc=mtgmilw,dc=biz objectclass: organizationalRole objectClass: top objectClass: simpleSecurityObject userPassword: {MD5}z6esruJ0bazhCUSsbfqPnw== cn: nssldap dn: cn=smbldap-tools,ou=DSA,dc=mtgmilw,dc=biz objectclass: organ...