On Tue, 2005-03-22 at 12:41 -0500, John Zakhar wrote: > Tony Earnshaw wrote: > > >John Zakhar: > > > > > > > >>First email was rejected due to size so the log files are inline in the > >>msg now.. > >> > >>I have NEVER had so much trouble with a > >>samba PDC before. I need to turn in my unix admin license, this is > >>pathetic... > >> > >> > > > >Hey wait a minute, we all get fits like that now and again. Have to admit > >that mine mostly come with Windows, I can always get Unix/Linux to work ;) > > > >This could take some time, I live in Europe, it's near my bedtime, I'm > >licked for today and I need sleep. What's more, I'm a modem person at home > >and am only connected a couple of times a day. > > > >Anyway: I have a 75+ PDC running "at work", with Samba 3.0.11 and OpenLDAP > >2.2.23. on RHAS3, so ... > > > > > > > >>Anyway, I am here. When trying to join a domain with the administrator > >>account I get "no mapping between account name and security ID's was done" > >> And the joining fails... > >> > >> > >>All the needed files are attached, from the ldap log. to the samba.conf > >>to the ldifs of the machine, root and admin account. Trying with the root > >>account nets me the same error > >> > >> > > > >There's too much shit there. You're getting hung up in the details. And I > >didn't see any LDAP log, even if I had, it probably would have been > >useless. You need to do a 'tail -f' on it (-d 256) while things are > >happening to get any sense from it. > > > >Your local SIDs are all messed up for a start. You have: > > > >S-1-5-21-1391849139-953726148-1374988380 > >and > >S-1-5-21-3107161993-1039155829-3332455197 > > > >all mixed up together. > > > >And the following SIDs can surely not be right: > > > >Administrators (S-1-5-32-544) -> Administrators > >Print Operators (S-1-5-32-550) -> Print Operators > >Backup Operators (S-1-5-32-551) -> Backup Operators > >Replicators (S-1-5-32-552) -> Replicators > > > >Get all that sorted out before you go on. > > > >Your smb.conf looks more or less o.k. (didn't dwell on it) > > > >You're using the Idealx crap without understanding LDAP or what you're > >doing. Use GQ 1.0beta1 for managing your Your mappings are all wrong. Look > >at the alternative Appendix A method of using LDAP in Samba in the Samba > >HOWTO. Here are my mappings up to now at my production site (sorry about > >the wrapping, I decided to use SquirrelMail for this mail and it always > >breaks at 76 chars): > > > >Domain Admins (S-1-5-21-2520587299-2798274336-2978297563-512) -> domadmin > >Domain Guests (S-1-5-21-2520587299-2798274336-2978297563-514) -> domguest > >Domain Users (S-1-5-21-2520587299-2798274336-2978297563-513) -> domuser > >Leden van Personeel (S-1-5-21-2520587299-2798274336-2978297563-8001) -> > >personeel > >Leden van Docenten (S-1-5-21-2520587299-2798274336-2978297563-1001) -> > >docenten > >Leden van Leerlingen (S-1-5-21-2520587299-2798274336-2978297563-2001) -> > >leerlingen > >Leden van Directie (S-1-5-21-2520587299-2798274336-2978297563-10001) -> > >directie > >Administratie (S-1-5-21-2520587299-2798274336-2978297563-15007) -> > >administratie > > > >Never mind that you don't know what the Dutch words mean. See that I map > >from NT IDs to Unix IDs where the Unix IDs are Posix IDs? See that the > >domain SIDs are all the same? > > > >The secrets are in Appendix A of the Samba HOWTO and in getting things > >working with GQ. > > > >Get those right, and I'll see if I can come back tomorrow ;) > > > >Best, > > > >--Tonni > > > >-- > >mail: [EMAIL PROTECTED] > >http://www.billy.demon.nl > > > > > > > Tony Earnshaw wrote: > > > John Zakhar: > > > > > > > >> First email was rejected due to size so the log files are inline in the > >> msg now.. > >> > >> I have NEVER had so much trouble with a > >> samba PDC before. I need to turn in my unix admin license, this is > >> pathetic... > >> > > > > > > Hey wait a minute, we all get fits like that now and again. Have to admit > > that mine mostly come with Windows, I can always get Unix/Linux to > > work ;) > > > > This could take some time, I live in Europe, it's near my bedtime, I'm > > licked for today and I need sleep. What's more, I'm a modem person at > > home > > and am only connected a couple of times a day. > > > > Anyway: I have a 75+ PDC running "at work", with Samba 3.0.11 and > > OpenLDAP > > 2.2.23. on RHAS3, so ... > > > > > > > >> Anyway, I am here. When trying to join a domain with the administrator > >> account I get "no mapping between account name and security ID's was > >> done" > >> And the joining fails... > >> > >> > >> All the needed files are attached, from the ldap log. to the samba.conf > >> to the ldifs of the machine, root and admin account. Trying with the > >> root > >> account nets me the same error > >> > > > > > > There's too much shit there. You're getting hung up in the details. And I > > didn't see any LDAP log, even if I had, it probably would have been > > useless. You need to do a 'tail -f' on it (-d 256) while things are > > happening to get any sense from it. > > > > Your local SIDs are all messed up for a start. You have: > > > > S-1-5-21-1391849139-953726148-1374988380 > > and > > S-1-5-21-3107161993-1039155829-3332455197 > > > > all mixed up together. > > > > And the following SIDs can surely not be right: > > > > Administrators (S-1-5-32-544) -> Administrators > > Print Operators (S-1-5-32-550) -> Print Operators > > Backup Operators (S-1-5-32-551) -> Backup Operators > > Replicators (S-1-5-32-552) -> Replicators > > > > Get all that sorted out before you go on. > > > > Your smb.conf looks more or less o.k. (didn't dwell on it) > > > > You're using the Idealx crap without understanding LDAP or what you're > > doing. Use GQ 1.0beta1 for managing your Your mappings are all wrong. > > Look > > at the alternative Appendix A method of using LDAP in Samba in the Samba > > HOWTO. Here are my mappings up to now at my production site (sorry about > > the wrapping, I decided to use SquirrelMail for this mail and it always > > breaks at 76 chars): > > > > Domain Admins (S-1-5-21-2520587299-2798274336-2978297563-512) -> domadmin > > Domain Guests (S-1-5-21-2520587299-2798274336-2978297563-514) -> domguest > > Domain Users (S-1-5-21-2520587299-2798274336-2978297563-513) -> domuser > > Leden van Personeel (S-1-5-21-2520587299-2798274336-2978297563-8001) -> > > personeel > > Leden van Docenten (S-1-5-21-2520587299-2798274336-2978297563-1001) -> > > docenten > > Leden van Leerlingen (S-1-5-21-2520587299-2798274336-2978297563-2001) -> > > leerlingen > > Leden van Directie (S-1-5-21-2520587299-2798274336-2978297563-10001) -> > > directie > > Administratie (S-1-5-21-2520587299-2798274336-2978297563-15007) -> > > administratie > > > > Never mind that you don't know what the Dutch words mean. See that I map > > from NT IDs to Unix IDs where the Unix IDs are Posix IDs? See that the > > domain SIDs are all the same? > > > > The secrets are in Appendix A of the Samba HOWTO and in getting things > > working with GQ. > > > > Get those right, and I'll see if I can come back tomorrow ;) > > > > Best, > > > > --Tonni > > > > -- > > mail: [EMAIL PROTECTED] > > http://www.billy.demon.nl > > > > > > > > >Your local SIDs are all messed up for a start. You have: > > >S-1-5-21-1391849139-953726148-1374988380 > >and > >S-1-5-21-3107161993-1039155829-3332455197 > > >all mixed up together. > > >And the following SIDs can surely not be right: > > >Administrators (S-1-5-32-544) -> Administrators > >Print Operators (S-1-5-32-550) -> Print Operators > >Backup Operators (S-1-5-32-551) -> Backup Operators > >Replicators (S-1-5-32-552) -> Replicators > > >Get all that sorted out before you go on. > > >Your smb.conf looks more or less o.k. (didn't dwell on it) > > >You're using the Idealx crap without understanding LDAP or what you're > >doing. Use GQ 1.0beta1 for managing your Your mappings are all wrong. Look > >at the alternative Appendix A method of using LDAP in Samba in the Samba > >HOWTO. Here are my mappings up to now at my production site (sorry about > >the wrapping, I decided to use SquirrelMail for this mail and it always > > I have been working with LDAP for many many years, while I may not have > a complete understanding on the IDEALX tools, I fully understand LDAP > and all it's innerworkings to the "t" =) > I also use ldapbrowser from time to time if i need a GUI utility. > I will work on fixing the SID's right now. Seems like a good place to > start, I am going to respond in this one email to all the questions > posed so far.. > > > Also, I am a newbie to LDAP too but shouldn't your suffixes be the > > full DN. > > For example, instead of > > > Yes, you are correct. however it is just a "best practices" thing. I > have 38 unix servers using that directory for system/ftp/ssh logins and > so on. The former admin had no concept of LDAP and just winged it, And a > year later after he was fired and I was hired on here we are. I cannot > at this time make any major modifications to our directory structure as > we have clients who use this for various things and the paths are hard > coded (this happened before I got here and I threw a fit when I found out.) > > > No - I think that ldap machine suffix = ou=Computers > > is sufficient and proper for the above > > the ldap filter should probably be commented out though - but it should > > work. > > Craig > > > Yeah the machine accounts are found during an ldap query > > ldap log of the join > > Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 fd=13 ACCEPT from > IP=172.28.0.46:34015 (IP=0.0.0.0:389) > Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 op=0 BIND > dn="cn=Manager,dc=na" method=128 > Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 op=0 BIND > dn="cn=Manager,dc=na" mech=SIMPLE ssf=0 > Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 op=0 RESULT tag=97 > err=0 text= > Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 op=1 SRCH base="" > scope=0 deref=0 filter="(objectClass=*)" > Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 op=1 SRCH > attr=supportedControl > Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 op=1 SEARCH RESULT > tag=101 err=0 nentries=1 text= > Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 op=2 SRCH > base="o=ventusnetworks.com,dc=na" scope=2 deref=0 > filter="(&(&(uid=administrator)(objectClass=sambaSamAccount))(objectClass=sambaSamAccount))" > > > Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 op=2 SRCH attr=uid > uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange > sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn > displayName sambaHomeDrive sambaHomePath sambaLogonScript > sambaProfilePath description sambaUserWorkstations sambaSID > sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName > objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount > sambaBadPasswordTime sambaPasswordHistory modifyTimestamp > sambaLogonHours modifyTimestamp > Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3335 op=2 SEARCH RESULT > tag=101 err=0 nentries=1 text= > Mar 22 10:27:50 vnldap02 slapd[20690]: conn=3336 fd=23 ACCEPT from > IP=172.28.0.46:34016 (IP=0.0.0.0:389) > Mar 22 10:27:51 vnldap02 slapd[20690]: conn=3336 op=0 BIND dn="" method=128 > Mar 22 10:27:51 vnldap02 slapd[20690]: conn=3336 op=0 RESULT tag=97 > err=0 text= > Mar 22 10:27:51 vnldap02 slapd[20690]: conn=3336 op=1 SRCH > base="o=ventusnetworks.com,dc=na" scope=2 deref=0 > filter="(&(objectClass=posixAccount)(uid=administrator))" > Mar 22 10:27:51 vnldap02 slapd[20690]: conn=3336 op=1 SRCH attr=uid > userPassword uidNumber gidNumber cn homeDirectory loginShell gecos > description objectClass > Mar 22 10:27:51 vnldap02 slapd[20690]: conn=3336 op=1 SEARCH RESULT > tag=101 err=0 nentries=1 text= > Mar 22 10:27:51 vnldap02 slapd[20690]: conn=3336 op=2 SRCH > base="o=ventusnetworks.com,dc=na" scope=2 deref=0 > filter="(&(objectClass=posixAccount)(uid=administrator))" > Mar 22 10:27:51 vnldap02 slapd[20690]: conn=3336 op=2 SEARCH RESULT > tag=101 err=0 nentries=1 text= > Mar 22 10:27:51 vnldap02 slapd[20690]: conn=3336 op=3 SRCH > base="ou=Groups,o=ventusnetworks.com,dc=na" scope=1 deref=0 > filter="(&(objectClass=posixGroup)(|(memberUid=administrator)(uniqueMember=uid=administrator,ou=staff,o=ventusnetworks.com,dc=na)))" > > > Mar 22 10:27:51 vnldap02 slapd[20690]: conn=3336 op=3 SRCH attr=gidNumber > Mar 22 10:27:51 vnldap02 slapd[20690]: <= bdb_equality_candidates: > (uniqueMember) index_param failed (18) > Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3336 op=3 SEARCH RESULT > tag=101 err=0 nentries=0 text= > Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3335 op=3 UNBIND > Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3335 fd=13 closed > Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3337 fd=13 ACCEPT from > IP=172.28.0.46:34017 (IP=0.0.0.0:389) > Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3337 op=0 BIND > dn="cn=Manager,dc=na" method=128 > Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3337 op=0 BIND > dn="cn=Manager,dc=na" mech=SIMPLE ssf=0 > Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3337 op=0 RESULT tag=97 > err=0 text= > Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3337 op=1 SRCH base="" > scope=0 deref=0 filter="(objectClass=*)" > Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3337 op=1 SRCH > attr=supportedControl > Mar 22 10:27:52 vnldap02 slapd[20690]: conn=3337 op=1 SEARCH RESULT > tag=101 err=0 nentries=1 text= > Mar 22 10:27:53 vnldap02 slapd[20690]: conn=3337 op=2 SRCH > base="ou=Groups,o=ventusnetworks.com,dc=na" scope=2 deref=0 > filter="(&(objectClass=sambaGroupMapping)(gidNumber=512))" > Mar 22 10:27:53 vnldap02 slapd[20690]: conn=3337 op=2 SRCH > attr=gidNumber sambaSID sambaGroupType sambaSIDList description > displayName cn objectClass > Mar 22 10:27:53 vnldap02 slapd[20690]: <= bdb_equality_candidates: > (gidNumber) index_param failed (18) > Mar 22 10:27:54 vnldap02 slapd[20690]: conn=3337 op=2 SEARCH RESULT > tag=101 err=0 nentries=1 text= > Mar 22 10:27:54 vnldap02 slapd[20690]: conn=3337 fd=13 closed > Mar 22 10:27:54 vnldap02 slapd[20690]: conn=3336 fd=23 closed > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 fd=13 ACCEPT from > IP=172.28.0.46:34018 (IP=0.0.0.0:389) > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 op=0 BIND > dn="cn=Manager,dc=na" method=128 > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 op=0 BIND > dn="cn=Manager,dc=na" mech=SIMPLE ssf=0 > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 op=0 RESULT tag=97 > err=0 text= > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 op=1 SRCH base="" > scope=0 deref=0 filter="(objectClass=*)" > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 op=1 SRCH > attr=supportedControl > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 op=1 SEARCH RESULT > tag=101 err=0 nentries=1 text= > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 op=2 SRCH > base="o=ventusnetworks.com,dc=na" scope=2 deref=0 > filter="(&(&(uid=administrator)(objectClass=sambaSamAccount))(objectClass=sambaSamAccount))" > > > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 op=2 SRCH attr=uid > uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange > sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn > displayName sambaHomeDrive sambaHomePath sambaLogonScript > sambaProfilePath description sambaUserWorkstations sambaSID > sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName > objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount > sambaBadPasswordTime sambaPasswordHistory modifyTimestamp > sambaLogonHours modifyTimestamp > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3338 op=2 SEARCH RESULT > tag=101 err=0 nentries=1 text= > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 fd=23 ACCEPT from > IP=172.28.0.46:34019 (IP=0.0.0.0:389) > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 op=0 BIND dn="" method=128 > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 op=0 RESULT tag=97 > err=0 text= > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 op=1 SRCH > base="o=ventusnetworks.com,dc=na" scope=2 deref=0 > filter="(&(objectClass=posixAccount)(uid=administrator))" > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 op=1 SRCH attr=uid > userPassword uidNumber gidNumber cn homeDirectory loginShell gecos > description objectClass > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 op=1 SEARCH RESULT > tag=101 err=0 nentries=1 text= > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 op=2 SRCH > base="o=ventusnetworks.com,dc=na" scope=2 deref=0 > filter="(&(objectClass=posixAccount)(uid=administrator))" > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 op=2 SEARCH RESULT > tag=101 err=0 nentries=1 text= > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 op=3 SRCH > base="ou=Groups,o=ventusnetworks.com,dc=na" scope=1 deref=0 > filter="(&(objectClass=posixGroup)(|(memberUid=administrator)(uniqueMember=uid=administrator,ou=staff,o=ventusnetworks.com,dc=na)))" > > > Mar 22 10:27:55 vnldap02 slapd[20690]: conn=3339 op=3 SRCH attr=gidNumber > Mar 22 10:27:55 vnldap02 slapd[20690]: <= bdb_equality_candidates: > (uniqueMember) index_param failed (18) > Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3339 op=3 SEARCH RESULT > tag=101 err=0 nentries=0 text= > Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3338 op=3 UNBIND > Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3338 fd=13 closed > Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3340 fd=13 ACCEPT from > IP=172.28.0.46:34020 (IP=0.0.0.0:389) > Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3340 op=0 BIND > dn="cn=Manager,dc=na" method=128 > Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3340 op=0 BIND > dn="cn=Manager,dc=na" mech=SIMPLE ssf=0 > Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3340 op=0 RESULT tag=97 > err=0 text= > Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3340 op=1 SRCH base="" > scope=0 deref=0 filter="(objectClass=*)" > Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3340 op=1 SRCH > attr=supportedControl > Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3340 op=1 SEARCH RESULT > tag=101 err=0 nentries=1 text= > Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3340 op=2 SRCH > base="ou=Groups,o=ventusnetworks.com,dc=na" scope=2 deref=0 > filter="(&(objectClass=sambaGroupMapping)(gidNumber=512))" > Mar 22 10:27:57 vnldap02 slapd[20690]: conn=3340 op=2 SRCH > attr=gidNumber sambaSID sambaGroupType sambaSIDList description > displayName cn objectClass > Mar 22 10:27:57 vnldap02 slapd[20690]: <= bdb_equality_candidates: > (gidNumber) index_param failed (18) > Mar 22 10:27:58 vnldap02 slapd[20690]: conn=3340 op=2 SEARCH RESULT > tag=101 err=0 nentries=1 text= > Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3340 op=3 UNBIND > Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3340 fd=13 closed > Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 fd=13 ACCEPT from > IP=172.28.0.46:34021 (IP=0.0.0.0:389) > Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=0 BIND > dn="cn=Manager,dc=na" method=128 > Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=0 BIND > dn="cn=Manager,dc=na" mech=SIMPLE ssf=0 > Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=0 RESULT tag=97 > err=0 text= > Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=1 SRCH base="" > scope=0 deref=0 filter="(objectClass=*)" > Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=1 SRCH > attr=supportedControl > Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=1 SEARCH RESULT > tag=101 err=0 nentries=1 text= > Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=2 SRCH > base="o=ventusnetworks.com,dc=na" scope=2 deref=0 > filter="(&(&(uid=ibm-zus90725eca$)(objectClass=sambaSamAccount))(objectClass=sambaSamAccount))" > > > Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=2 SRCH attr=uid > uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange > sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn > displayName sambaHomeDrive sambaHomePath sambaLogonScript > sambaProfilePath description sambaUserWorkstations sambaSID > sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName > objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount > sambaBadPasswordTime sambaPasswordHistory modifyTimestamp > sambaLogonHours modifyTimestamp > Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=2 SEARCH RESULT > tag=101 err=0 nentries=1 text= > Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 op=3 UNBIND > Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3341 fd=13 closed > Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3342 fd=13 ACCEPT from > IP=172.28.0.46:34022 (IP=0.0.0.0:389) > Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3342 op=0 BIND > dn="cn=Manager,dc=na" method=128 > Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3342 op=0 BIND > dn="cn=Manager,dc=na" mech=SIMPLE ssf=0 > Mar 22 10:27:59 vnldap02 slapd[20690]: conn=3342 op=0 RESULT tag=97 > err=0 text= > Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3342 op=1 SRCH base="" > scope=0 deref=0 filter="(objectClass=*)" > Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3342 op=1 SRCH > attr=supportedControl > Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3342 op=1 SEARCH RESULT > tag=101 err=0 nentries=1 text= > Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3342 op=2 SRCH > base="o=ventusnetworks.com,dc=na" scope=2 deref=0 > filter="(&(&(uid=ibm-zus90725eca$)(objectClass=sambaSamAccount))(objectClass=sambaSamAccount))" > > > Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3342 op=2 SRCH attr=uid > uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange > sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn > displayName sambaHomeDrive sambaHomePath sambaLogonScript > sambaProfilePath description sambaUserWorkstations sambaSID > sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName > objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount > sambaBadPasswordTime sambaPasswordHistory modifyTimestamp > sambaLogonHours modifyTimestamp > Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3342 op=2 SEARCH RESULT > tag=101 err=0 nentries=1 text= > Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3343 fd=24 ACCEPT from > IP=127.0.0.1:35926 (IP=0.0.0.0:389) > Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3342 fd=13 closed > Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3339 fd=23 closed > Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3343 op=1 BIND dn="" method=128 > Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3343 op=1 RESULT tag=97 > err=0 text= > Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3343 op=2 SRCH base="dc=na" > scope=0 deref=0 filter="(&(objectClass=posixAccount)(uid=root))" > Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3343 op=2 SEARCH RESULT > tag=101 err=0 nentries=0 text= > Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3343 op=3 SRCH base="dc=na" > scope=0 deref=0 filter="(&(objectClass=posixGroup)(memberUid=root))" > Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3343 op=3 SRCH attr=gidNumber > Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3343 op=3 SEARCH RESULT > tag=101 err=0 nentries=0 text= > Mar 22 10:28:00 vnldap02 slapd[20690]: conn=3343 fd=24 closed > Mar 22 10:28:59 vnldap02 slapd[20690]: conn=3344 fd=13 ACCEPT from > IP=127.0.0.1:35927 (IP=0.0.0.0:389) > Mar 22 10:29:00 vnldap02 slapd[20690]: conn=3344 op=1 BIND dn="" method=128 > Mar 22 10:29:00 vnldap02 slapd[20690]: conn=3344 op=1 RESULT tag=97 > err=0 text= > Mar 22 10:29:00 vnldap02 slapd[20690]: conn=3344 op=2 SRCH base="dc=na" > scope=0 deref=0 filter="(&(objectClass=posixAccount)(uid=root))" > Mar 22 10:29:00 vnldap02 slapd[20690]: conn=3344 op=2 SEARCH RESULT > tag=101 err=0 nentries=0 text= > Mar 22 10:29:00 vnldap02 slapd[20690]: conn=3344 op=3 SRCH base="dc=na" > scope=0 deref=0 filter="(&(objectClass=posixGroup)(memberUid=root))" > Mar 22 10:29:00 vnldap02 slapd[20690]: conn=3344 op=3 SRCH attr=gidNumber > Mar 22 10:29:00 vnldap02 slapd[20690]: conn=3344 op=3 SEARCH RESULT > tag=101 err=0 nentries=0 text= > Mar 22 10:29:00 vnldap02 slapd[20690]: conn=3344 fd=13 closed > Mar 22 10:29:30 vnldap02 slapd[20690]: conn=3345 fd=13 ACCEPT from > IP=192.168.1.120:55825 (IP=0.0.0.0:389) > Mar 22 10:29:30 vnldap02 slapd[20690]: conn=3346 fd=23 ACCEPT from > IP=192.168.1.120:59984 (IP=0.0.0.0:389) > Mar 22 10:29:30 vnldap02 slapd[20690]: conn=3345 fd=13 closed > Mar 22 10:29:30 vnldap02 slapd[20690]: do_search: invalid dn (base) > Mar 22 10:29:30 vnldap02 slapd[20690]: conn=3346 op=0 SEARCH RESULT > tag=101 err=34 nentries=0 text=invalid DN > Mar 22 10:29:30 vnldap02 slapd[20690]: conn=3346 fd=23 closed > Mar 22 10:30:00 vnldap02 slapd[20690]: conn=3347 fd=13 ACCEPT from > IP=127.0.0.1:35928 (IP=0.0.0.0:389) > Mar 22 10:30:00 vnldap02 slapd[20690]: conn=3348 fd=23 ACCEPT from > IP=127.0.0.1:35929 (IP=0.0.0.0:389) > Mar 22 10:30:00 vnldap02 slapd[20690]: conn=3349 fd=24 ACCEPT from > IP=127.0.0.1:35930 (IP=0.0.0.0:389) > Mar 22 10:30:00 vnldap02 slapd[20690]: conn=3350 fd=25 ACCEPT from > IP=127.0.0.1:35931 (IP=0.0.0.0:389) > Mar 22 10:30:00 vnldap02 slapd[20690]: conn=3347 op=1 BIND dn="" method=128 > Mar 22 10:30:00 vnldap02 slapd[20690]: conn=3347 op=1 RESULT tag=97 > err=0 text= > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3347 op=2 SRCH base="dc=na" > scope=0 deref=0 filter="(&(objectClass=posixAccount)(uid=root))" > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3348 op=1 BIND dn="" method=128 > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3348 op=1 RESULT tag=97 > err=0 text= > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3347 op=2 SEARCH RESULT > tag=101 err=0 nentries=0 text= > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3347 op=3 SRCH base="dc=na" > scope=0 deref=0 filter="(&(objectClass=posixGroup)(memberUid=root))" > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3347 op=3 SRCH attr=gidNumber > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3348 op=2 SRCH base="dc=na" > scope=0 deref=0 filter="(&(objectClass=posixAccount)(uid=root))" > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3349 op=1 BIND dn="" method=128 > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3349 op=1 RESULT tag=97 > err=0 text= > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3347 op=3 SEARCH RESULT > tag=101 err=0 nentries=0 text= > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3348 op=2 SEARCH RESULT > tag=101 err=0 nentries=0 text= > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3347 fd=13 closed > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3348 op=3 SRCH base="dc=na" > scope=0 deref=0 filter="(&(objectClass=posixGroup)(memberUid=root))" > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3348 op=3 SRCH attr=gidNumber > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3349 op=2 SRCH base="dc=na" > scope=0 deref=0 filter="(&(objectClass=posixAccount)(uid=root))" > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3350 op=1 BIND dn="" method=128 > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3350 op=1 RESULT tag=97 > err=0 text= > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3348 op=3 SEARCH RESULT > tag=101 err=0 nentries=0 text= > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3349 op=2 SEARCH RESULT > tag=101 err=0 nentries=0 text= > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3348 fd=23 closed > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3349 op=3 SRCH base="dc=na" > scope=0 deref=0 filter="(&(objectClass=posixGroup)(memberUid=root))" > Mar 22 10:30:01 vnldap02 slapd[20690]: conn=3349 op=3 SRCH attr=gidNumber > Mar 22 10:30:02 vnldap02 slapd[20690]: conn=3350 op=2 SRCH base="dc=na" > scope=0 deref=0 filter="(&(objectClass=posixAccount)(uid=mailman))" > Mar 22 10:30:02 vnldap02 slapd[20690]: conn=3349 op=3 SEARCH RESULT > tag=101 err=0 nentries=0 text= > Mar 22 10:30:02 vnldap02 slapd[20690]: conn=3349 fd=24 closed > Mar 22 10:30:02 vnldap02 slapd[20690]: conn=3350 op=2 SEARCH RESULT > tag=101 err=0 nentries=0 text= > Mar 22 10:30:02 vnldap02 slapd[20690]: conn=3350 op=3 SRCH base="dc=na" > scope=0 deref=0 filter="(&(objectClass=posixGroup)(memberUid=mailman))" > Mar 22 10:30:02 vnldap02 slapd[20690]: conn=3350 op=3 SRCH attr=gidNumber > Mar 22 10:30:02 vnldap02 slapd[20690]: conn=3350 op=3 SEARCH RESULT > tag=101 err=0 nentries=0 text= > Mar 22 10:30:02 vnldap02 slapd[20690]: conn=3350 fd=25 closed > Mar 22 10:31:00 vnldap02 slapd[20690]: conn=3351 fd=13 ACCEPT from > IP=127.0.0.1:35932 (IP=0.0.0.0:389) > Mar 22 10:31:00 vnldap02 slapd[20690]: conn=3351 op=1 BIND dn="" method=128 > Mar 22 10:31:00 vnldap02 slapd[20690]: conn=3351 op=1 RESULT tag=97 > err=0 text= > Mar 22 10:31:00 vnldap02 slapd[20690]: conn=3351 op=2 SRCH base="dc=na" > scope=0 deref=0 filter="(&(objectClass=posixAccount)(uid=root))" > Mar 22 10:31:01 vnldap02 slapd[20690]: conn=3351 op=2 SEARCH RESULT > tag=101 err=0 nentries=0 text= > Mar 22 10:31:01 vnldap02 slapd[20690]: conn=3351 op=3 SRCH base="dc=na" > scope=0 deref=0 filter="(&(objectClass=posixGroup)(memberUid=root))" > Mar 22 10:31:01 vnldap02 slapd[20690]: conn=3351 op=3 SRCH attr=gidNumber > Mar 22 10:31:01 vnldap02 slapd[20690]: conn=3351 op=3 SEARCH RESULT > tag=101 err=0 nentries=0 text= > Mar 22 10:31:01 vnldap02 slapd[20690]: conn=3351 fd=13 closed > Mar 22 10:31:08 vnldap02 slapd[20690]: conn=3352 fd=13 ACCEPT from > IP=172.28.0.46:34023 (IP=0.0.0.0:389) > Mar 22 10:31:08 vnldap02 slapd[20690]: conn=3352 op=0 BIND > dn="cn=Manager,dc=na" method=128 > Mar 22 10:31:08 vnldap02 slapd[20690]: conn=3352 op=0 BIND > dn="cn=Manager,dc=na" mech=SIMPLE ssf=0 > Mar 22 10:31:08 vnldap02 slapd[20690]: conn=3352 op=0 RESULT tag=97 > err=0 text= > Mar 22 10:31:08 vnldap02 slapd[20690]: conn=3352 op=1 SRCH base="" > scope=0 deref=0 filter="(objectClass=*)" > Mar 22 10:31:08 vnldap02 slapd[20690]: conn=3352 op=1 SRCH > attr=supportedControl > Mar 22 10:31:08 vnldap02 slapd[20690]: conn=3352 op=1 SEARCH RESULT > tag=101 err=0 nentries=1 text= ---- besides an exhaustive slapd log - was there a question somewhere - if there was, I missed it.
There is a kiss principle - keep it short and precise Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
