[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: samba ldap

To: Zdenek Styblik <stybla@turnovfree.net>
Subject: Re: samba ldap
From: Kaushal Shriyan <kaushalshriyan@gmail.com>
Date: Thu, 29 Oct 2009 00:00:03 +0530
Cc: Brett Maxfield <brett.maxfield@gmail.com>, "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :from:date:message-id:subject:to:cc:content-type :content-transfer-encoding; bh=XIqcE9AZDK9noPgUJBxXVMfjF/TpIFZggNw3S3WiUjA=; b=GI52IVuHdGTKVEgiW8jvx9ZxPAVYVLtj2sD82J8OlZIvgdTIiqqN9VtRsKVXoyY7QU V9F4MYgPo5DgkHGhSogGj3TlH+y8xRhwqLP5oFQp4xp61MUo8k3hgTxo+bDYkzHE+Ucg mh9DLiAA0g8J4QRgkUMWmn2N7v7cttnaqj39E=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding; b=W/j1xmmAZSM1vCtYzB473ryjNz5F40dYzuyXzPbDOBYzoE9keoVvSJUG4PkhGfYlAt DPgCtv4kI2mLkInElYolPlHcAySgaA54zdjQMcgXLmjAJDoEgywijSBbAJuCuZFJkkwe GkeyQpWaGTiH4eFifYPkXYUkt+6ORYYRQtETw=
In-reply-to: <4AE88C9D.20600@turnovfree.net>
References: <57E4E4D6-F795-489B-A110-C3B48B509A60@gmail.com> <6b16fb4c0910280836ib53819bo79409c327ca184e6@mail.gmail.com> <4AE8885D.6050103@turnovfree.net> <6b16fb4c0910281114j55597e76g8e9d149ca716818c@mail.gmail.com> <4AE88C9D.20600@turnovfree.net>

On Wed, Oct 28, 2009 at 11:55 PM, Zdenek Styblik <stybla@turnovfree.net> wrote:
> Kaushal Shriyan wrote:
>> On Wed, Oct 28, 2009 at 11:37 PM, Zdenek Styblik <stybla@turnovfree.net> wrote:
>>> Kaushal Shriyan wrote:
>>>> On Wed, Oct 28, 2009 at 5:17 AM, Brett Maxfield
>>>> <brett.maxfield@gmail.com> wrote:
>>>>> The log from samba says ldap: where's your test command says ldaps: maybe
>>>>> try ldap: from test command in case you only listen for ssl?
>>>>>
>>>>> On 27/10/2009, at 7:28 PM, Kaushal Shriyan <kaushalshriyan@gmail.com> wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I am following https://help.ubuntu.com/8.10/serverguide/C/samba-ldap.html
>>>>>> and ldap works perfectly fine.
>>>>>> I have issues with connecting to ldap from samba.
>>>>>>
>>>>>> I get
>>>>>>
>>>>>> [2009/10/27 12:37:28, 1] lib/smbldap.c:another_ldap_try(1153)
>>>>>> Connection to LDAP server failed for the 9 try!
>>>>>> [2009/10/27 12:37:29, 2] lib/smbldap.c:smbldap_open_connection(786)
>>>>>> smbldap_open_connection: connection opened
>>>>>> [2009/10/27 12:37:29, 2] lib/smbldap.c:smbldap_connect_system(982)
>>>>>> failed to bind to server ldap://localhost/ with
>>>>>> dn="cn=admin,dc=mt,dc=webaroo,dc=com" Error: Can't contact LDAP server
>>>>>>     (unknown)
>>>>>>
>>>>>> I have ldapserver running on the same server as samba server is
>>>>>> running. when i run ldapsearch -x -H ldaps://localhost. I am able to
>>>>>> see the user details.
>>>>>> Please let me know if anyone needs configs and additional information.
>>>>>> Also when i run smbldap-populate, i get
>>>>>> http://paste.ubuntu.com/302630/
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>>> Kaushal
>>>> Hi,
>>>>
>>>> Below are my configs.
>>>>
>>>> http://pastebin.com/dcb24c87 ---> ldap.conf
>>>> http://pastebin.com/d721f0d4d ---> slapd.conf
>>>> http://pastebin.com/d102cbfc5 --->samba.conf
>>>> http://pastebin.com/d4a02b874 --> smbldap.conf
>>>> http://pastebin.com/d716fddc0 ---> smbldap_bind.conf
>>>>
>>>> I am running both ldap and samba server on the same host running on
>>>> ubuntu 8.04 Hardy server. I am following
>>>> https://help.ubuntu.com/8.10/serverguide/C/samba-ldap.html. I get the
>>>> below issue when i run smbldap-populate I get
>>>> http://pastebin.com/d30ed0db6.
>>>>
>>>> Please let me know if anyone needs more information.
>>>>
>>>> Thanks,
>>>>
>>>> Kaushal
>>>
>>> As three of already pointed out, the error is probably in ldap X ldaps.
>>> I recommend you to read smbldap.conf carefully.
>>>
>>> --- snip ---
>>> masterLDAP="127.0.0.1"
>>>
>>> #
>>> # Use TLS for LDAP
>>> #
>>> # If set to 1, this option will use start_tls for connection
>>> #
>>> # (you should also used the port 636)
>>> #
>>> # If not defined, parameter is set to "1"
>>> #
>>> ldapTLS="0"
>>> #
>>> ldapSSL="1"
>>> ------------
>>>
>>> It should be obvious (yes, set ldapSSL=0; set ldapTLS=1).
>>>
>>> btw your configs don't show whether is LDAP listening - is it port 389,
>>> or 636? Or better, it would be great to show parameters passed to # slapd;
>>
>> Hi Zdenek Styblik
>>
>> My slapd is running on port 636. so is it ldapSSL=1; set ldapTLS=0 ?
>>
>> Please suggest/guide.
>>
>> Thanks,
>>
>> Kaushal
>
> Try ldapSSL=0 + ldapTLS=1; as ldapSSL would be required for slapd
> listening at 389, imho.
> Check the log, if:
>> failed to bind to server ldap://localhost/ with
>
> got changed to:
>> .... bind to server ldaps://localhost/ ....
>
> Zdenek
>
> --
> Zdenek Styblik
> Net/Linux admin
> OS TurnovFree.net
> email: stybla@turnovfree.net
> jabber: stybla@jabber.turnovfree.net
>

Hi Zdenek,

I changed as suggested by you
I get http://pastebin.com/d26f0e671

Any further ideas.

Thanks,

Kaushal

Follow-Ups:
- Re: samba ldap
  - From: Zdenek Styblik <stybla@turnovfree.net>

References:
- Re: samba ldap
  - From: Brett Maxfield <brett.maxfield@gmail.com>
- Re: samba ldap
  - From: Kaushal Shriyan <kaushalshriyan@gmail.com>
- Re: samba ldap
  - From: Zdenek Styblik <stybla@turnovfree.net>
- Re: samba ldap
  - From: Kaushal Shriyan <kaushalshriyan@gmail.com>
- Re: samba ldap
  - From: Zdenek Styblik <stybla@turnovfree.net>

Prev by Date: Re: samba ldap
Next by Date: Re: samba ldap
Index(es):
- Chronological
- Thread