Hello All,

I have samba (Version 3.4.7) installed on an Ubuntu Server 10.04 (64-bit) using apt. I'm attempting to authenticate users connecting to the samba share over LDAP following the documentation https://help.ubuntu.com/10.04/serverguide/C/samba-ldap.html, but the authentication over LDAP fails. The OpenLDAP server was already configured to include the samba.schema, so I have skipped all the steps that fall under the "OpenLDAP Configuration" section of the manual referenced earlier.

I have set the following directives in /etc/samba/smb.cnf file:

####### Authentication #######
security = user
encrypt passwords = true
passdb backend = ldapsam:ldaps://ldap1.example.com/
ldap ssl = no
ldap admin dn = cn=root,dc=example,dc=com
ldap user suffix = ou=people,dc=example,dc=com
ldap group suffix = ou=groups,dc=example,dc=com
ldap suffix = dc=example,dc=com
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
map to guest = bad user

=========== Share Definitions ===
[Documents]
comment = Ubuntu File Server Share
path = /data/Documents
browsable = yes
guest ok = no
read only = no
create mask = 0755

When a user tries to connect to the samba share the /var/log/samba/log.user file is populated with the following messages,

[2011/10/06 10:15:53, 3] auth/auth.c:222(check_ntlm_password)
  check_ntlm_password: Checking password for unmapped user [FILESERVER]\[amore]@[MACBOOKPRO-1B99] with the new password interface
[2011/10/06 10:15:53, 3] auth/auth.c:225(check_ntlm_password)
  check_ntlm_password: mapped user is: [FILESERVER]\[amore]@[MACBOOKPRO-1B99]
[2011/10/06 10:15:53, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2011/10/06 10:15:53, 3] smbd/uid.c:428(push_conn_ctx)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2011/10/06 10:15:53, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2011/10/06 10:15:53, 2] lib/smbldap.c:890(smbldap_open_connection)
  smbldap_open_connection: connection opened
[2011/10/06 10:15:53, 3] lib/smbldap.c:1101(smbldap_connect_system)
  ldap_connect_system: successful connection to the LDAP server
[2011/10/06 10:15:53, 4] lib/smbldap.c:1177(smbldap_open)
  The LDAP server is successfully connected
[2011/10/06 10:15:53, 4] passdb/pdb_ldap.c:1600(ldapsam_getsampwnam)
  ldapsam_getsampwnam: Unable to locate user [amore] count=0
[2011/10/06 10:15:53, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2011/10/06 10:15:53, 3] auth/auth_sam.c:282(check_sam_security)
  check_sam_security: Couldn't find user 'amore' in passdb.
[2011/10/06 10:15:53, 2] auth/auth.c:320(check_ntlm_password)
  check_ntlm_password: Authentication for user [amore] -> [amore] FAILED with error NT_STATUS_NO_SUCH_USER
[2011/10/06 10:15:53, 3] smbd/sesssetup.c:42(do_map_to_guest)
  No such user amore [FILESERVER] - using guest account
[2011/10/06 10:15:53, 4] passdb/pdb_ldap.c:2550(ldapsam_getgroup)
  ldapsam_getgroup: Did not find group, filter was (&(objectClass=sambaGroupMapping)(gidNumber=65534))

The messages in the /var/log/syslog file on the LDAP server are as follows,

Oct 6 10:03:06 ldap1 slapd[450]: <= bdb_equality_candidates: (host) not indexed
Oct 6 10:03:32 ldap1 slapd[450]: <= bdb_equality_candidates: (sambaSID) not indexed
Oct 6 10:04:32 ldap1 slapd[450]: <= bdb_equality_candidates: (sambaSID) not indexed
Oct 6 10:05:18 ldap1 slapd[450]: <= bdb_equality_candidates: (cn) not indexed
Oct 6 10:05:18 ldap1 slapd[450]: <= bdb_substring_candidates: (sudoUser) not indexed
Oct 6 10:05:58 ldap1 slapd[450]: <= bdb_equality_candidates: (cn) not indexed
Oct 6 10:05:58 ldap1 slapd[450]: <= bdb_substring_candidates: (sudoUser) not indexed
Oct 6 10:05:58 ldap1 slapd[450]: <= bdb_equality_candidates: (sambaDomainName) not indexed
Oct 6 10:05:58 ldap1 slapd[450]: <= bdb_equality_candidates: (sambaGroupType) not indexed
Oct 6 10:05:58 ldap1 slapd[450]: <= bdb_equality_candidates: (sambaSIDList) not indexed
Oct 6 10:05:58 ldap1 slapd[450]: last message repeated 4 times
Oct 6 10:05:58 ldap1 slapd[450]: <= bdb_equality_candidates: (sambaGroupType) not indexed
Oct 6 10:05:58 ldap1 slapd[450]: <= bdb_equality_candidates: (sambaSIDList) not indexed
Oct 6 10:06:13 ldap1 slapd[450]: last message repeated 4 times
Oct 6 10:06:13 ldap1 slapd[450]: <= bdb_equality_candidates: (sambaSID) not indexed
Oct 6 10:07:22 ldap1 slapd[450]: <= bdb_equality_candidates: (sambaSID) not indexed
Oct 6 10:08:33 ldap1 slapd[450]: last message repeated 3 times

Here are some details of the packages installed,

slapd: version 2.4.21-0ubuntu5.4
libnss-ldapd: version 0.7.13

Samba and OpenLDAP are running on two different systems. LDAP users can ssh into the machine running samba without any issues.

Can anybody point me in the right direction? I would appreciate all your time and help.

Thanks,
Amit
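
Added example (not part of the original post, and not Samba project code): with "map to guest = bad user", a logon for a name the passdb cannot find becomes a guest session instead of a rejection, which is the sequence visible in the log.user excerpt above. The Python sketch below groups Samba's two-line log records and reports each failed logon that was followed by a guest mapping; the function names and the "bob" record are constructed for the illustration.

```python
import re

# Four records taken from the post's log.user excerpt, plus one constructed
# record (bob) showing a failure that does not end in a guest mapping.
SAMPLE_LOG = """\
[2011/10/06 10:15:53, 4] passdb/pdb_ldap.c:1600(ldapsam_getsampwnam)
  ldapsam_getsampwnam: Unable to locate user [amore] count=0
[2011/10/06 10:15:53, 3] auth/auth_sam.c:282(check_sam_security)
  check_sam_security: Couldn't find user 'amore' in passdb.
[2011/10/06 10:15:53, 2] auth/auth.c:320(check_ntlm_password)
  check_ntlm_password: Authentication for user [amore] -> [amore] FAILED with error NT_STATUS_NO_SUCH_USER
[2011/10/06 10:15:53, 3] smbd/sesssetup.c:42(do_map_to_guest)
  No such user amore [FILESERVER] - using guest account
[2011/10/06 10:16:10, 2] auth/auth.c:320(check_ntlm_password)
  check_ntlm_password: Authentication for user [bob] -> [bob] FAILED with error NT_STATUS_WRONG_PASSWORD
"""

HEADER = re.compile(r"^\[(?P<ts>[^,\]]+),\s*(?P<level>\d+)\]\s+(?P<src>\S+)\((?P<func>\w+)\)\s*$")
FAILED = re.compile(r"Authentication for user \[(?P<user>[^\]]*)\] -> \[[^\]]*\] FAILED with error (?P<status>\w+)")
GUEST = re.compile(r"No such user (?P<user>\S+) \[[^\]]*\] - using guest account")

def parse_records(text):
    """Yield (timestamp, function, message) for each header line plus its message lines."""
    ts = func = None
    body = []
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            if func:
                yield ts, func, " ".join(body)
            ts, func, body = m["ts"], m["func"], []
        elif func and line.strip():
            body.append(line.strip())
    if func:
        yield ts, func, " ".join(body)

def guest_fallbacks(text):
    """Return one dict per user whose failed logon was followed by a guest mapping."""
    failed, hits = {}, []
    for ts, func, msg in parse_records(text):
        if func == "check_ntlm_password" and (m := FAILED.search(msg)):
            failed[m["user"]] = m["status"]
        elif func == "do_map_to_guest" and (m := GUEST.search(msg)):
            hits.append({"time": ts, "user": m["user"],
                         "status": failed.pop(m["user"], "UNKNOWN")})
    return hits

if __name__ == "__main__":
    for hit in guest_fallbacks(SAMPLE_LOG):
        print(f"{hit['time']} {hit['user']}: {hit['status']} -> session mapped to guest")
```

The do_map_to_guest records are written at log level 3, as in the excerpt, so the check only sees them when smbd logs at that level or higher.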