Alex,
Hi there. This is our PDC & main file server. I started from scratch
with this one. New Centos 5 install then I copied the old printer .tdb
files as a "short cut" but samba was dumping core until I got rid of
them. So effectively I've blown it all away. LDAP manager secret has
been redone and I had the server rejoin the domain.
It's not like it isn't working, it is, but there are slowdowns and
delays and the "cannot access LDAP when not root.." error messages in
all users log files are the only things I've got to go on. Very
frustrating for the users.
i.e. 10-20 seconds for a directory to come up in Windows Explorer
initially, then it seems ok for a (very) short while, then it bogs down
again.
The LDAP server is remote but there doesn't seem to be much traffic and
there is negligible load on the LDAP server box.
I'm wondering if it's something in my LDAP. slapd.conf is largely
unchanged from before except for adding an index or 3 and removing
transport encryption. I've updated the samba schema because of the
changes in 3.0.23, reloaded the data and reindexed. No errors but no
improvement. Running the LDAP server locally doesn't seem to make a
difference.
ldapsearch -x -b "dc=yourbase,dc=net" "(ObjectClass=*)" as suggested by
Justin on the mailing list works fine from any number of places.
It really is very frustrating.
Bradley
Alex Crow wrote:
Bradley,
I see you are on the samba list too :-).
Is this an LDAP server running on the local box or elsewhere? I vaguely
remember something like this but I think I solved it by re-adding the
"manager" stuff in slapd.conf and making sure I'd stored the secret in
samba's tdb's with smbpasswd -W and then restarting smbd.
We've had .24 running OK on Suse 9.2 through 10.1. If you want to send
me your samba and openldap configs and I'll compare them to ours.
I've also had issues in the past with copying configs, especially .tdb
files. I usually find it's best to just blow them away and run the
relevant stuff again. I avoid the printer related stuff if you're
running a print server but everything else I've blasted, just set the
ldap manager secret, rejoined the domain (even if it's a DC, I hear you
should join it to its own domain) and all has been OK.
Cheers
Alex
On Tue, 2007-05-22 at 00:07 +1000, Bradley Tate wrote:
Hi
I was happy enough running SuSE 9.3 and samba 3.0.20 with openldap but
hardware problems forced me to move. I tried openSuSe 10.2 with samba
3.0.23 and 3.0.24 but kept getting strange interactions with openldap
and Internal Errors from samba, I realise now possibly due to copying
.dat files from the old setup.
I've now moved to something I know a bit better, which is a more redhat
like Centos 5 and have virtually installed from scratch except for the
LDAP directory and the smb.conf. I'm now getting heaps of the same
errors in the user logs.
Typically a fragment is:
[2007/05/21 23:45:18, 5] lib/smbldap.c:smbldap_search_ext(1179)
smbldap_search_ext: base => [ou=Groups,dc=objectmastery,dc=com],
filter => [(&(objectClass=sambaGroupMapping)(gidNumber=10
0))], scope => [2]
[2007/05/21 23:45:18, 0] lib/smbldap.c:smbldap_open(1009)
smbldap_open: cannot access LDAP when not root..
Any clues on how to get rid of the problem would be helpful, even if
it's to tell me more information is needed or where I should start
looking. Rollback is not an option.
Thanks,
Bradley
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
