Thank you for your response. I appreciate it. I changed the following directives, passdb backend = ldapsam:ldap://ldap1.example.com/ ldap user suffix = ou=people ldap group suffix = ou=groups
Added the following, ldap admin dn = cn=root,dc=example,dc=com ldap machine suffix = ou=people LDAP users are still not able to authenticate to the samba share. The error is the same. Heres an extract from the log file (/var/log/samba/user.log) [2011/10/06 13:48:38, 3] auth/auth.c:222(check_ntlm_password) check_ntlm_password: Checking password for unmapped user [FILESERVER]\[amore]@[MACBOOKPRO-1B99] with the new password interface [2011/10/06 13:48:38, 3] auth/auth.c:225(check_ntlm_password) check_ntlm_password: mapped user is: [FILESERVER]\[amore]@[MACBOOKPRO-1B99] [2011/10/06 13:48:38, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2011/10/06 13:48:38, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2011/10/06 13:48:38, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2011/10/06 13:48:38, 2] lib/smbldap.c:890(smbldap_open_connection) smbldap_open_connection: connection opened [2011/10/06 13:48:38, 3] lib/smbldap.c:1101(smbldap_connect_system) ldap_connect_system: successful connection to the LDAP server [2011/10/06 13:48:38, 4] lib/smbldap.c:1177(smbldap_open) The LDAP server is successfully connected [2011/10/06 13:48:38, 4] passdb/pdb_ldap.c:1600(ldapsam_getsampwnam) ldapsam_getsampwnam: Unable to locate user [amore] count=0 [2011/10/06 13:48:38, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2011/10/06 13:48:38, 3] auth/auth_sam.c:282(check_sam_security) check_sam_security: Couldn't find user 'amore' in passdb. [2011/10/06 13:48:38, 2] auth/auth.c:320(check_ntlm_password) check_ntlm_password: Authentication for user [amore] -> [amore] FAILED with error NT_STATUS_NO_SUCH_USER [2011/10/06 13:48:38, 3] smbd/sesssetup.c:42(do_map_to_guest) No such user amore [FILESERVER] - using guest account [2011/10/06 13:48:38, 4] passdb/pdb_ldap.c:2550(ldapsam_getgroup) ldapsam_getgroup: Did not find group, filter was (&(objectClass=sambaGroupMapping)(gidNumber=65534)) [2011/10/06 13:48:38, 3] smbd/sec_ctx.c:210(push_sec_ctx) Thanks, Amit On Oct 6, 2011, at 1:27 PM, Miguel Medalha wrote: > >> ldap user suffix = ou=people,dc=example,dc=com >> ldap group suffix = ou=groups,dc=example,dc=com >> ldap suffix = dc=example,dc=com > > Since your suffix is already in "ldap suffix", the other entries should be: > > ldap user suffix = ou=people > ldap group suffix = ou=groups > > Don't you need the entry "ldap machine suffix"? > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba