----------------------------------- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 11/01/2005 17:06:16 : > Hi again, > > you say, i cannot compile with --with-ldap and --with-ldapsam. > Can you tell me why ? --with-ldap is used for samba-3 schema --with-ldapsam is used for old samba 2.2 schema. You can also read this : http://us2.samba.org/samba/docs/man/Samba-HOWTO-Collection/passdb.html#id2531776 > Which one should i use, my intention is to > store all the secrets and attributs samba needs > in an openldap-Server ... ? Ok, I have a samba server with this configuration Samb with LDAP+ACL > Greets Harry > > [EMAIL PROTECTED] schrieb: > > > > > > > > > > You cannot compile with --with-ldap and --with-ldapsam both. > > > > > > ----------------------------------- > > Stéphane PURNELLE [EMAIL PROTECTED] > > Service Informatique Corman S.A. Tel : 00 32 087/342467 > > > > [EMAIL PROTECTED] a écrit sur > > 11/01/2005 16:52:21 : > > > > > >>Hi, > >> > >>i compiled with the following little script : > >>---snipp-- > >>#!/bin/sh > >># > >># configure & make template-script > >># > >># generated 2005.01.07 13:09,33 by make-mk > >># > >># (c) H. Rueter 01/2005 > >># > >>CPPFLAGS="-I /usr/local/bdb-4.3/include > >>LDFLAGS="-L /usr/local/bdb-4.3/lib > >>PATH=/usr/local/heimdal/bin:$PATH > >> > >>LD_LIBRARY_PATH="/usr/local/bdb-4.3/lib:$LD_LIBRARY_PATH" > >> > >>export CPPFLAGS LDFLAGS LD_LIBRARY_PATH PATH > >> > >>make clean > >> > >>./configure \ > >>--prefix=/usr/local/samba-3.0.10 \ > >>--mandir=/usr/man \ > >>--enable-static=yes \ > >>--enable-shared=yes \ > >>--enable-cups \ > >>--with-smbwrapper \ > >>--with-ldap \ > >>--with-ads \ > >>--with-krb5=/usr/local/heimdal \ > >>--with-automount \ > >>--with-smbmount \ > >>--with-pam \ > >>--with-pam_smbpass \ > >>--with-ldapsam \ > >>--with-syslog \ > >>--with-profiling-data \ > >>--with-quotas \ > >>--with-sys-quotas \ > >>--with-utmp \ > >>--with-manpages-langs={en} \ > >>--with-libsmbclient \ > >>--with-acl-support \ > >>--with-sendfile-support \ > >>--with-winbind \ > >>--with-included-popt \ > >>&& make && make install > >>---snipp-- > >> > >>So compiled in both options , is this a mistake ? > >> > >>greets Harry > >> > >>[EMAIL PROTECTED] schrieb: > >> > >>> > >>> > >>>Hi, > >>> > >>>have compiled with --with-ldap or --with-ldapsam ? > >>> > >>>If --with-ldap, you must delete these lines : > >>>ldap server = 486dx66.hrnet.de > >>>ldap port = 1389 > >>> > >>> > >>> > >>> > >>>----------------------------------- > >>>Stéphane PURNELLE [EMAIL PROTECTED] > >>>Service Informatique Corman S.A. Tel : 00 32 087/342467 > >>> > >>>[EMAIL PROTECTED] a écrit sur > >>>11/01/2005 16:33:31 : > >>> > >>> > >>> > >>>>Hi everybody, > >>>> > >>>>i'm having serious problems with the configuration > >>>>of samba 3.0.10. > >>>> > >>>>First my setup : > >>>> > >>>>samba-3.0.10 built from source > >>>>openldap-2.2.20 built from source > >>>>OS : Suse Linux 7.1 (but updated -> Kernel 2.4.27) > >>>> > >>>>My problem : > >>>>------------ > >>>> > >>>>I'm trying to use smbpasswd like the following : > >>>> > >>>>---snipp--- > >>>>[PTS2] 486dx66:/usr/local/samba3 # bin/smbpasswd -D 10 tina > >>>>Netbios name list:- > >>>>my_netbios_names[0]="486DX66" > >>>>Trying to load: ldapsam:ldap://486dx66.hrnet.de:1389/ > >>>>Attempting to register passdb backend ldapsam > >>>>Successfully added passdb backend 'ldapsam' > >>>>Attempting to register passdb backend ldapsam_compat > >>>>Successfully added passdb backend 'ldapsam_compat' > >>>>Attempting to register passdb backend smbpasswd > >>>>Successfully added passdb backend 'smbpasswd' > >>>>Attempting to register passdb backend tdbsam > >>>>Successfully added passdb backend 'tdbsam' > >>>>Attempting to register passdb backend guest > >>>>Successfully added passdb backend 'guest' > >>>>Attempting to find an passdb backend to match > >>>> > >>>>---snipp--- > >>>> > >>>>Everything seems to be okay, > >>>>but the following lines are the important ones ... > >>>> > >>>>---snipp--- > >>>>ldapsam:ldap://486dx66.hrnet.de:1389/ (ldapsam) > >>>>Found pdb backend ldapsam > >>>>Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))] > >>>>smbldap_search: base => [dc=hrnet,dc=de], filter => > >>>>[(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))], scope => [2] > >>>>smbldap_open_connection: ldap://486dx66.hrnet.de:1389/ > >>>>smbldap_open_connection: connection opened > >>>>fetch_ldap_pw: neither ldap secret retrieved! > >>>>ldap_connect_system: Failed to retrieve password from secrets.tdb > >>>>Connection to LDAP server failed for the 1 try! > >>>>---snipp--- > >>>> > >>>>And so on. So, it is said, there's a connection opened to > >>>>ldap://486dx66.hrnet.de:1389/ > >>>>but it isn't as the logs auf openldap show (there's no entry which > > > > shows > > > >>>>any connection from smbpasswd to LDAP-Server, believe me, i can't show > >>>>you anything,although loglevel is set to -1, which means that > >>>>everything would/will be logged) > >>>> > >>>>So one could think, there's simple a problem with OpenLDAP, > >>>>so let's try a similar search : > >>>> > >>>>---snipp--- > >>>>[PTS2] 486dx66:/usr/local/samba3 # ../openldap-2.2/bin/ldapsearch -x -H > >>>>ldap://486dx66.hrnet.de:1389 -b dc=hrnet,dc=de -s sub > >>>>'(&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN))' > >>>># extended LDIF > >>>># > >>>># LDAPv3 > >>>># base <dc=hrnet,dc=de> with scope sub > >>>># filter: (&(objectClass=sambaDomain)(sambaDomainName=HRDOMAIN)) > >>>># requesting: ALL > >>>># > >>>> > >>>># HRDOMAIN, hrnet.de > >>>>dn: sambaDomainName=HRDOMAIN,dc=hrnet,dc=de > >>>>sambaNextUserRid: 41000 > >>>>sambaSID: S-1-5-21-2344209003-2394295749-876522236 > >>>>objectClass: sambaDomain > >>>>sambaAlgorithmicRidBase: 1000 > >>>>sambaDomainName: HRDOMAIN > >>>> > >>>># search result > >>>>search: 2 > >>>>result: 0 Success > >>>> > >>>># numResponses: 2 > >>>># numEntries: 1 > >>>>[PTS2] [EMAIL PROTECTED]:/usr/local/samba3 # > >>>> > >>>>---snipp--- > >>>> > >>>>So OpenLDAP works , i can see it in the logs too .... > >>>>(too much to show, so you must believe me ;o) > >>>> > >>>>Now my question : > >>>> > >>>>Does anybody see, where the problem comes from, > >>>>is there a mistake in my smb.conf or does anyone > >>>>have hints/solutions ? > >>>> > >>>>I tried with ssl=on,ssl=off,ssl = start tls, > >>>>but this didn't change anything. > >>>>It must be a samba problem as all tools i tried are working > >>>>well with Openldap (did mostly try a search to test ..) > >>>> > >>>> > >>>>Here is my smb.conf (only the globals) : > >>>> > >>>>---snipp--- > >>>>[global] > >>>> netbios name = 486DX66 > >>>> workgroup = HRDOMAIN > >>>> domain logons = Yes > >>>> domain master = Yes > >>>> security = User > >>>> > >>>> server string = Samba-PDC %v on %h > >>>> > >>>> passdb backend = ldapsam:ldap://486dx66.hrnet.de:1389/ > >>>> > >>>> ldap server = 486dx66.hrnet.de > >>>> ldap suffix = "dc=hrnet,dc=de" > >>>> ldap filter = "(&(uid=%u)(objectclass=sambaSamAccount))" > >>>> ldap port = 1389 > >>>> ldap admin dn = "cn=ldapadmin,dc=hrnet,dc=de" > >>>> ldap ssl = off > >>>> ldap user suffix = ou=users > >>>> ldap group suffix = ou=groups > >>>> ldap machine suffix = ou=machines > >>>> > >>>> encrypt passwords = yes > >>>> time server = Yes > >>>> > >>>> kernel oplocks = no > >>>> short preserve case = yes > >>>> wins support = no > >>>> case sensitive = no > >>>> max log size = 1000 > >>>> > >>>> lock dir = /var/lock/samba > >>>> log file = /var/log/samba-%m.log > >>>> load printers = yes > >>>> logon drive = v: > >>>> os level = 255 > >>>> create mask = 0661 > >>>> logon home = \\%N\%u\.profiles > >>>> printing = cups > >>>> printcap = cups > >>>> > >>>> > >>>>---snipp--- > >>>> > >>>>So, i would be very thankfull if someone > >>>>could give me a hint ... > >>>> > >>>>If mor informations/logs/traces are needed tell > >>>>me, i will send them .. > >>>> > >>>>grets Harry > >>>>-- > >>>>To unsubscribe from this list go to the following URL and read the > >>>>instructions: https://lists.samba.org/mailman/listinfo/samba > >>> > >>> > >>-- > >>To unsubscribe from this list go to the following URL and read the > >>instructions: https://lists.samba.org/mailman/listinfo/samba > > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba