Hello, I'm trying to use samba v3.3.8 on Centos 5.5 to act as a PDC, using ldap as the backend for users, groups, and computers. The ldap I'm using is Centos Directory Server v8.1.
The setting is a new, never used before, installation of samba and ldap. There are no users other than what exists by default after a Centos install. The smb.conf contains what is my best guess for the desired goal. The problem at the moment (besides having to guess at what to put in smb.conf - see below) is that smbd exits about 2 minutes after I start it. Here are what I think are the relevant bits from the log.smbd: [2011/01/18 13:40:42, 2] lib/smbldap_util.c:smbldap_search_domain_info(277) smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=CHI))] [2011/01/18 13:40:42, 2] lib/smbldap.c:smbldap_open_connection(856) smbldap_open_connection: connection opened [2011/01/18 13:40:42, 3] lib/smbldap.c:smbldap_connect_system(1067) ldap_connect_system: successful connection to the LDAP server [2011/01/18 13:40:42, 4] lib/smbldap.c:smbldap_open(1143) The LDAP server is successfully connected [2011/01/18 13:41:12, 4] passdb/pdb_ldap.c:ldapsam_getsampwnam(1519) ldapsam_getsampwnam: Unable to locate user [root] count=0 [2011/01/18 13:41:42, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2481) ldapsam_getgroup: Did not find group, filter was (&(objectClass=sambaGroupMapping)(gidNumber=0)) [2011/01/18 13:42:12, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2481) ldapsam_getgroup: Did not find group, filter was (&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-32-544)) [2011/01/18 13:42:27, 3] groupdb/mapping.c:pdb_create_builtin_alias(786) pdb_create_builtin_alias: Could not get a gid out of winbind [2011/01/18 13:42:27, 2] auth/token_util.c:create_local_nt_token(450) WARNING: Failed to create BUILTIN\Administrators group! Can Winbind allocate gids? [2011/01/18 13:42:57, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2481) ldapsam_getgroup: Did not find group, filter was (&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-32-545)) [2011/01/18 13:43:12, 1] passdb/pdb_ldap.c:ldapsam_enum_group_memberships(2871) User account [nobody] not found! [2011/01/18 13:43:12, 0] smbd/server.c:main(1404) ERROR: failed to setup guest info. winbind is running. log.winbindd contains nothing useful to me. log.winbindd-idmap contains lines suggesting it can't bind to the ldap server: 2011/01/18 13:42:41, 2] lib/smbldap.c:smbldap_connect_system(1052) failed to bind to server ldap://localhost with dn="uid=samba,ou=Special Users, dc=infinityhealthcare,dc=com" Error: Invalid credentials and [2011/01/18 13:42:49, 1] lib/smbldap.c:another_ldap_try(1231) Connection to LDAP server failed for the 8 try! Why doesn't the smbd log say something equivalent? In fact, it suggests the opposite, saying that "The LDAP server is successfully connected". I did set the samba admin dn's password with the command "smbpasswd -W" before starting either winbindd or smbd, and also verified that it is correct using the command "ldapsearch -x -h localhost -s sub -b ou=people,dc=infinityhealthcare,dc=com -D"uid=samba,ou=Special Users,dc=infinityhealthcare,dc=com" -W". Any ideas or suggestions? Thanks, Jon The rest of this email is my smb.conf: ============================= [global] workgroup = CHI server string = Samba Server Version %v netbios name = SAMBAPDC log file = /var/log/samba/log.%m log level = 4 max log size = 50 security = user passdb backend = ldapsam:ldap://localhost domain master = yes preferred master = yes domain logons = yes logon drive = N: logon path = \\%L\Profiles\%u logon script = %u.bat ldap admin dn = "uid=samba,ou=Special Users,dc=infinityhealthcare,dc=com" ldap user suffix = ou=People ldap group suffix = ou=Groups ldap idmap suffix = out=IDmap ldap machine suffix = ou=Computers ldap suffix = dc=infinityhealthcare,dc=com ldap delete dn = no ldapsam:trusted = yes ldapsam:editposix = yes ldap ssl = off idmap backend = ldap:ldap://localhost idmap uid = 5000-50000 idmap gid = 5000-50000 winbind enum groups = yes winbind nested groups = yes template shell = /sbin/nologin template homedir = /home/%D/%U winbind use default domain = yes wins support = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 [homes] comment = Home Directories browseable = no writable = yes [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = yes writable = no share modes = no -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
