On Mon, 2005-03-21 at 11:30 -0800, Theodore Jencks wrote:
> Figure this out a little further:
>
> I had the following in my smb.conf:
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> idmap backend = ldap:ldap://localhost
> ldap admin dn = cn=manager,dc=navis,dc=net
> ldap suffix = "ou=smb,dc=navis,dc=net"
> ldap idmap suffix = "ou=idmap"
>
> I took the quotes off and now Winbind seems to connect to LDAP fine:
> ldap suffix = ou=smb,dc=navis,dc=net
> ldap idmap suffix = ou=idmap
>
>
> I'm now getting this when I start Winbind in the Winbind log:
> [2005/03/21 11:16:25, 5] lib/gencache.c:gencache_init(59)
> Opening cache file at /var/lock/samba/gencache.tdb
> [2005/03/21 11:16:25, 5] libsmb/namecache.c:namecache_enable(58)
> namecache_enable: enabling netbios namecache, timeout 660 seconds
> [2005/03/21 11:16:25, 5] sam/idmap.c:smb_register_idmap(91)
> smb_register_idmap: Successfully added idmap backend 'ldap'
> [2005/03/21 11:16:25, 5] sam/idmap.c:smb_register_idmap(91)
> smb_register_idmap: Successfully added idmap backend 'tdb'
> [2005/03/21 11:16:25, 3] sam/idmap.c:idmap_init(132)
> idmap_init: using 'ldap' as remote backend
> [2005/03/21 11:16:25, 5] lib/smbldap.c:smbldap_search(1038)
> smbldap_search: base => [ou=idmap,ou=smb,dc=navis,dc=net], filter =>
> [(objectclass=sambaUnixIdPool)], scope => [2]
> [2005/03/21 11:16:25, 5] lib/smbldap.c:smbldap_close(949)
> The connection to the LDAP server was closed
> [2005/03/21 11:16:25, 2] lib/smbldap.c:smbldap_open_connection(692)
> smbldap_open_connection: connection opened
> [2005/03/21 11:16:26, 3] lib/smbldap.c:smbldap_connect_system(866)
> ldap_connect_system: succesful connection to the LDAP server
> ldap_connect_system: LDAP server does support paged results
> [2005/03/21 11:16:26, 4] lib/smbldap.c:smbldap_open(929)
> The LDAP server is succesfully connected
> [2005/03/21 11:16:26, 2] lib/tallocmsg.c:register_msg_pool_usage(57)
> Registered MSG_REQ_POOL_USAGE
> [2005/03/21 11:16:26, 2] lib/dmallocmsg.c:register_dmalloc_msgs(71)
> Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
> [2005/03/21 11:16:26, 2]
> nsswitch/winbindd_util.c:add_trusted_domain(175)
> Added domain HQ HQ.NAVIS.NET S-0-0
> [2005/03/21 11:16:26, 4]
> passdb/secrets.c:secrets_fetch_trust_account_password(290)
> Using cleartext machine password
>
>
> However I still think there is a problem because getent passwd only
> returns local usernames. When I'm not using the ldap idmap backend
> getent passwd runs as expected giving both local and domain usernames.
>
> Any help appreciated,
> Theo
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of
> Theodore Jencks
> Sent: Monday, March 21, 2005 9:52 AM
> To: [email protected]
> Subject: RE: [Samba] idmap LDAP backend
>
> Ok, I made the change however the LDAP backend for idmap is still not
> working. I set Winbind to debugging level 5 and get the following in
> the logs:
>
> [2005/03/21 09:45:05, 2] lib/interface.c:add_interface(81)
> added interface ip=192.168.192.112 bcast=192.168.195.255
> nmask=255.255.252.0
> [2005/03/21 09:45:05, 5] lib/util.c:init_names(256)
> Netbios name list:-
> my_netbios_names[0]="THEO"
> [2005/03/21 09:45:05, 2] lib/interface.c:add_interface(81)
> added interface ip=192.168.192.112 bcast=192.168.195.255
> nmask=255.255.252.0
> [2005/03/21 09:45:05, 5] lib/gencache.c:gencache_init(59)
> Opening cache file at /var/lock/samba/gencache.tdb
> [2005/03/21 09:45:05, 5] libsmb/namecache.c:namecache_enable(58)
> namecache_enable: enabling netbios namecache, timeout 660 seconds
> [2005/03/21 09:45:05, 5] sam/idmap.c:smb_register_idmap(91)
> smb_register_idmap: Successfully added idmap backend 'ldap'
> [2005/03/21 09:45:05, 5] sam/idmap.c:smb_register_idmap(91)
> smb_register_idmap: Successfully added idmap backend 'tdb'
> [2005/03/21 09:45:05, 3] sam/idmap.c:idmap_init(132)
> idmap_init: using 'ldap' as remote backend
> [2005/03/21 09:45:05, 5] lib/smbldap.c:smbldap_search(1038)
> smbldap_search: base => ["ou=idmap","ou=smb,dc=navis,dc=net"], filter
> => [(objectclass=sambaUnixIdPool)], scope => [2]
> [2005/03/21 09:45:05, 5] lib/smbldap.c:smbldap_close(949)
> The connection to the LDAP server was closed
> [2005/03/21 09:45:05, 2] lib/smbldap.c:smbldap_open_connection(692)
> smbldap_open_connection: connection opened
> [2005/03/21 09:45:05, 3] lib/smbldap.c:smbldap_connect_system(866)
> ldap_connect_system: succesful connection to the LDAP server
> ldap_connect_system: LDAP server does support paged results
> [2005/03/21 09:45:05, 4] lib/smbldap.c:smbldap_open(929)
> The LDAP server is succesfully connected
> [2005/03/21 09:45:05, 0] sam/idmap.c:idmap_init(138)
> idmap_init: failed to initialize remote backend!
>
>
> Looks like it tries to get what are called paged results and then it
> fails to initialize remote backend. I'm not quite sure what is going on
> here and any further guidance would be greatly appreciated.
>
> Thanks in advance,
> Theo
>
> -----Original Message-----
> From: Gerald (Jerry) Carter [mailto:[EMAIL PROTECTED]
> Sent: Friday, March 18, 2005 7:18 AM
> To: Theodore Jencks
> Cc: [email protected]
> Subject: Re: [Samba] idmap LDAP backend
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Theodore Jencks wrote:
>
> | ldap idmap suffix = "ou=idmap,ou=smb,dc=navis,dc=net"
> | ldap suffix = "ou=smb,dc=navis,dc=net"
>
>
> change this to
>
> ldap suffix = "ou=smb,dc=navis,dc=net"
> ldap idmap suffix = "ou=idmap"
>
>
>
> cheers, jerry

Seeing something similar myself.

ldap_initialize: Time limit exceeded
[2005/03/21 23:08:34, 1] lib/smbldap.c:another_ldap_try(990)
Connection to LDAP server failed for the 2 try!
[2005/03/21 23:08:35, 0] lib/smbldap.c:smbldap_open_connection(599)
ldap_initialize: Time limit exceeded
[2005/03/21 23:08:35, 1] lib/smbldap.c:another_ldap_try(990)
Connection to LDAP server failed for the 3 try!
[2005/03/21 23:08:36, 0] lib/smbldap.c:smbldap_open_connection(599)
ldap_initialize: Time limit exceeded
[2005/03/21 23:08:36, 1] lib/smbldap.c:another_ldap_try(990)
Connection to LDAP server failed for the 4 try!
[2005/03/21 23:08:37, 0] lib/smbldap.c:smbldap_open_connection(599)
ldap_initialize: Time limit exceeded
[2005/03/21 23:08:37, 1] lib/smbldap.c:another_ldap_try(990)
Connection to LDAP server failed for the 5 try!
[2005/03/21 23:08:38, 0] lib/smbldap.c:smbldap_open_connection(599)
ldap_initialize: Time limit exceeded
[2005/03/21 23:08:38, 1] lib/smbldap.c:another_ldap_try(990)
Connection to LDAP server failed for the 6 try!

All other aspects of the ldap server appear to be working. I am testing with Centos 4.

samba-3.0.10-1.4E
smbldap-tools-0.8.7-2.2.el4.rf
openldap-2.2.13-2

Could be a pilot error in my case, as I am doing an OX/Ldap/Samba integration and still getting my feet wet, still have quite a few things I need to recheck.

Ted

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
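
An added example, not part of the original thread and not Samba's own code: a small Python check for the two smb.conf mistakes discussed above, quoted suffix values and an `ldap idmap suffix` that repeats the `ldap suffix`. It assumes, from the `smbldap_search` log lines in the thread, that the search base is the idmap suffix, a comma, then the ldap suffix, with any quotes kept literally; the function names are hypothetical.

```python
import re

# Constructed sample reproducing the quoted settings reported in the thread.
SAMPLE_CONF = """\
[global]
   idmap backend = ldap:ldap://localhost
   ldap suffix = "ou=smb,dc=navis,dc=net"
   ldap idmap suffix = "ou=idmap"
"""


def parse_globals(text):
    """Return {parameter: raw value} for [global]; names are lower-cased
    and whitespace runs collapsed so lookups match."""
    params, section = {}, None
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            section = header.group(1).strip().lower()
        elif section == "global" and "=" in line:
            key, value = line.split("=", 1)
            params[" ".join(key.lower().split())] = value.strip()
    return params


def check_suffixes(text):
    """Return (findings, search base composed as '<idmap suffix>,<suffix>')."""
    params = parse_globals(text)
    base = params.get("ldap suffix", "")
    idmap = params.get("ldap idmap suffix", "")
    findings = []
    for name, value in (("ldap suffix", base), ("ldap idmap suffix", idmap)):
        if value.startswith('"') or value.endswith('"'):
            findings.append(f"{name}: quoted value, quotes end up in the base DN")
    bare_base, bare_idmap = base.strip('"').lower(), idmap.strip('"').lower()
    if bare_base and bare_idmap.endswith("," + bare_base):
        findings.append("ldap idmap suffix: already contains ldap suffix, "
                        "use the relative part only")
    return findings, (f"{idmap},{base}" if idmap else base)


if __name__ == "__main__":
    for conf in (SAMPLE_CONF, SAMPLE_CONF.replace('"', "")):
        findings, search_base = check_suffixes(conf)
        print(f"base => [{search_base}]")
        for finding in findings:
            print("  WARN", finding)
```

Run against the quoted sample it reproduces the `base => ["ou=idmap","ou=smb,dc=navis,dc=net"]` form seen in the failing log; with the quotes removed it yields the base from the working log.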
