
Re: Samba failed to bind Ldap



Sir,

Good Day!

Below are my smb.conf and slapd.conf files.

################ smb.conf ################################
# [global]: server-wide settings for a Samba domain controller (domain logons = yes)
# that keeps its account database in LDAP through the ldapsam passdb backend.
[global]
workgroup = FCB.NET
realm = FCB.NET
netbios aliases = smbldap.fcb.net
server string = FCB File Sharing
# One log file per connecting client machine (%m), capped by max log size.
log file = /var/log/samba/log.%m
max log size = 500
log level = 2
encrypt passwords = yes
passwd program = /usr/local/sbin/smbldap-passwd -o %u
socket options = TCP_NODELAY
interfaces = eth0
local master = yes
preferred master = yes
# NOTE(review): "passdb backend" is set twice in this section (here and again
# further down with an ldaps:// URL). Presumably the later line is the one that
# takes effect; confirm with testparm and keep a single definition.
passdb backend = ldapsam
domain logons = yes
keepalive = 10
os level = 64
# NOTE(review): "ldap passwd sync" is also repeated below ("Yes" here, "yes" there).
ldap passwd sync = Yes
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
# NOTE(review): "valid users" is a per-share parameter; placed in [global] it
# becomes the default for every share, which would limit [netlogon] to the
# account "isd" as well. Confirm this is intended.
valid users = isd
# Account-management hooks. smbd substitutes %u / %g and runs these scripts with
# elevated privileges, so the script files should be root-owned and not
# writable by other users.
add user script = /usr/local/sbin/smbldap-useradd -a -m "%u"
delete user script = /usr/local/sbin/smbldap-userdel -r "%u"
# NOTE(review): this path lacks the "sbin" component used by every other
# smbldap-* script in this file; verify the script exists at this location.
add user to group script = /usr/local/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/local/sbin/smbldap-groupmod -g "%g" "%u"
# NOTE(review): two parameters share the next line ("add group script" and
# "delete group script"). As written, everything after the first "=" would be
# read as the value of "add group script". This may be a mail line-wrap
# artifact; in the real file each parameter needs its own line.
add group script = /usr/local/sbin/smbldap-groupadd -p '%g' delete group script = /usr/local/sbin/smbldap-groupdel '%g'
add machine script = /usr/local/sbin/smbldap-useradd -w -d /dev/null -c 'Machine Account' -s /bin/false -g 'Domain Computers' '%u'
# LDAP connection settings.
# NOTE(review): the ldaps:// URL only works if slapd is started with an ldaps
# listener and has a server certificate configured. The slapd.conf posted with
# this file contains no TLS directives, and "Can't contact LDAP server" is a
# connection-level failure that occurs before any credentials are checked.
# Confirm how slapd is listening before changing anything else.
passdb backend = ldapsam:ldaps://127.0.0.1/
ldap ssl = on
ldap passwd sync = yes
# NOTE(review): this DN and "ldap suffix" below use dc=fcb,dc=net, while the
# slapd.conf posted with this file declares suffix "dc=fcb.net,dc=." and rootdn
# "cn=Manager,dc=fcb.net,dc=.". The two sides must name the same tree.
# The password for this DN is not kept in smb.conf; Samba reads it from
# secrets.tdb (stored with "smbpasswd -w").
ldap admin dn = cn=Manager,dc=fcb,dc=net
ldap delete dn = yes
ldap suffix = dc=fcb,dc=net
#ldap machine suffix = ou=Computers
#ldap users suffix = dc=fcb,dc=net
#ldap group suffix = ou=Groups


wins support = yes
dos charset = 850
dns proxy = no
unix charset = ISO8859-1
# Per-user logon script name (%U = session user name), looked up on the
# [netlogon] share.
logon script = %U.bat
# [netlogon]: share that domain clients contact at logon; hidden from browse lists.
# No "read only" line is present, so Samba's default for that parameter applies.
# NOTE(review): the "valid users = isd" line in [global] is inherited here
# unless this section overrides it; confirm.
[netlogon]
comment = Domain Logon Service
path = /home/netlogon
browseable = No


# [ISD]: writable departmental share, limited to members of the "isd" group (@isd).
[ISD]
   comment = Information Systems Division
   path = /home/isd
   valid users = @isd
   read only = No
   # Masks cap the permission bits on new files (0660) and directories (0770):
   # owner and group only, nothing for other users.
   create mask = 0660
   directory mask = 0770

# [profiles]: roaming-profile storage; hidden from browse lists, with client-side
# caching disabled (csc policy = disable).
[profiles]
   path = /home/samba/profiles
   # Access is limited to the connecting user (%U) and the "Domain Admins" group;
   # file operations are forced to run as that same user.
   valid users = %U, "@Domain Admins"
   force user = %U
   read only = No
   # New files and directories are created owner-only (0600 / 0700).
   create mask = 0600
   directory mask = 0700
   # NOTE(review): "guest ok = Yes" is at odds with the "valid users" restriction
   # above and is not something a profile share normally needs. Profiles hold
   # per-user data, so guest access should be off unless there is a documented reason.
   guest ok = Yes
   profile acls = Yes
   browseable = No
   csc policy = disable

########################## slapd.conf ##########################################

# slapd.conf: OpenLDAP server configuration. Loads the standard schemas plus
# samba.schema, then defines one bdb database stored in /var/lib/ldap.
include            /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/samba.schema

# Accept LDAPv2 bind requests in addition to v3.
# NOTE(review): only legacy clients need this; drop it if nothing depends on v2.
allow bind_v2

pidfile        /usr/local/var/run/slapd.pid
argsfile    /usr/local/var/run/slapd.args

# NOTE(review): no TLSCertificateFile / TLSCertificateKeyFile directives appear in
# this file as posted, yet the smb.conf posted with it connects over
# ldaps://127.0.0.1/. Without a TLS configuration and an ldaps listener, the
# client side would report "Can't contact LDAP server". Confirm.
database    bdb
directory     /var/lib/ldap

# NOTE(review): this suffix has the two components "dc=fcb.net" and "dc=.", which
# is not the same tree as the dc=fcb,dc=net used for "ldap suffix" and
# "ldap admin dn" in the smb.conf posted with this file. Both files must agree
# on one base DN and one manager DN.
suffix          "dc=fcb.net,dc=."
rootdn          "cn=Manager,dc=fcb.net,dc=."


#inserted at 5pm #limits dn="cn=Manager,dc=fcb,dc=net" #size.soft=-1 #size.hard=soft



# Attribute indexes for this database: equality, presence and substring lookups
# on the POSIX and Samba attributes listed.
index    objectClass,uidNumber,gidNumber                   eq
index   cn,sn,uid,displayName                       eq,pres,sub
index   memberUid,mail,givenname                       eq,subinitial
index   sambaSID,sambaPrimaryGroupSID,sambaDomainName  eq

# Password hash for the rootdn, an identity that is not subject to the access
# rules of this database.
# NOTE(review): this {SSHA} value was posted to a public mailing list. A salted
# hash can still be tested offline against guessed passwords, so the password
# should be treated as exposed and replaced with a freshly generated hash
# (slappasswd). Redact rootpw lines before sharing a configuration.
rootpw    {SSHA}9c6LGBMLZeqDoEQfDT0lBIlvTw0GYu3k


# Access rule 1: the password attributes (userPassword, Samba LM/NT hashes,
# shadowLastChange). Owners may change their own values, anonymous clients may
# only use them to authenticate, and everyone else is denied.
# NOTE(review): the first "by" clause grants write, which also implies read, to
# every bound identity located below the suffix. As written, any authenticated
# user can read and overwrite every other user's password hashes. The Samba
# LM/NT hashes are password-equivalent and need the same protection as
# cleartext passwords. Restrict this clause to one dedicated admin or service
# DN instead of dn.children of the whole suffix.
# NOTE(review): the "by" lines of this rule start in column 0 as posted. slapd
# treats only lines that begin with whitespace as continuations, so these
# would need indenting like the second rule. This may be a mail-formatting artifact.
access to attrs=userPassword,sambaLMPassword,sambaNTPassword,shadowLastChange
by dn.children="dc=fcb.net,dc=." write
by self write
by anonymous auth
by * none


# Access rule 2: all remaining entries and attributes.
# NOTE(review): the same dn.children clause gives every authenticated user under
# the suffix write access to the entire tree, and "by * read" lets anonymous
# clients read everything not covered by rule 1. Narrow both to what Samba and
# the other LDAP clients actually require.
access to *
   by dn.children="dc=fcb.net,dc=." write
   by * read

########## E N D############

Thanks,

Emil Sicad



Buchan Milne wrote:
On Wednesday 26 November 2008 09:31:38 Emil Sicad - ISD wrote:
Good day to all,

I'm new to LDAP. I've been working on a Samba-LDAP implementation,
and I have these log messages:


Nov 25 17:56:59 smbldap slapd[9974]: sql_select option missing
Nov 25 17:56:59 smbldap slapd[9974]: auxpropfunc error no mechanism available
Nov 25 17:56:59 smbldap ldap: slapd startup succeededs
Nov 25 17:57:07 smbldap smbd[9987]: [2008/11/25 17:57:07, 0] lib/smbldap.c:smbldap_connect_system(850)
Nov 25 17:57:07 smbldap smbd[9987]: failed to bind to server with dn= cn=Manager,dc=fcb.net,dc=. Error: Can't contact LDAP server
Nov 25 17:57:07 smbldap smbd[9987]: (unknown)
Nov 25 17:57:23 smbldap smbd[9987]: [2008/11/25 17:57:23, 0] lib/smbldap.c:smbldap_search_suffix(1155)
Nov 25 17:57:23 smbldap smbd[9987]: smbldap_search_suffix: Problem during the LDAP search: (unknown) (Timed out)

Question
1) Is my ldap working fine?

Can't tell, your ldap logging may not be high enough.

2) Why can't samba bind to Ldap?

You didn't include any of your samba (ldap-related) configuration, and that would really be more relevant on a samba list.


Regards,
Buchan