Ok, that's a posibility, I know very little about the protocol internals. On
the contrary I used to have an old samba server (appart from server A)
authenticating against the Ldap simultaneously with Server A.
That old server is what I'm really trying to duplicate with a new installation
on new hardware.
Thanks, regards,
--
Ing. Ernesto Silva.
Coordinador de Desarrollo Web y Sistemas Abiertos
Centro de Procesamiento de Datos
Universidad ORT Uruguay.
E-mail: [EMAIL PROTECTED]
Tel: (+5982) 903-1995, (+5982) 902-9687 ext. 102
Fax: (+5982) 900-2952
Quinn Fissler wrote:
I think that you overlooked the SID
In standalone mode you're not worrying about a domain - the data in LDAP
is for your old server.
The new samba installation has a new SID and it's doing its search in
LDAP for that, finding no users.
I've only used samba and ldap in a domain so don't know much about your
options in standalone mode.
2008/7/2 Ernesto Silva <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>:
Hi,
I've running a samba 3.0.22-13.30 server in standalone mode
(security=user) for quite a while. It's authenticated against an
openLdap and works great, say Server A.
A few days ago I've installed OpenSuSE 11 Beta 2 in another server,
it came with samba 3.2.0-18, so as I'm very lazy I copied the
smb.conf file from the working server to the new one with little
modifications like the netbios name and which shares it serves, say
Server B. I'm connecting to the same Ldap server.
The problem is that I can't reach any share, from the Server B logs...
[2008/07/01 04:54:01, 1]
passdb/pdb_ldap.c:init_sam_from_ldap(567)
init_sam_from_ldap: No uid attribute found for this user!
[2008/07/01 04:54:01, 1]
passdb/pdb_ldap.c:ldapsam_getsampwnam(1531)
ldapsam_getsampwnam: init_sam_from_ldap failed for user
'xxxxx'!
I've been "googleing" for the last 8 hours and I can't fix the
problem, with a more verbose debug level I can see that the Ldap
connection works fine. I've also checked the Ldap logs and
everything is fine.
May be it's a problem with idmap-ing.
Here is my smb.conf file from the Server B, I've placed comments on
lines which differ from the Server A and commented out lines I
believe are not relevant to Server B.
-----------------------------------------------------------------
[global]
passdb expand explicit = no
utmp = Yes
workgroup = CPD
netbios name = OPEN # I've changed the
server string = File Server
passdb backend = ldapsam:ldap://ldapon.my.company
time server = Yes
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
username map = /etc/samba/smbusers
map to guest = Bad User
wins support = no # it's 'Yes' in the old server
local master = no # it's 'Yes' in the old server
domain master = no # it's 'Yes' in the old server
domain logons = no # it's 'Yes' in the old server
security = user
preferred master = no
os level = 64
encrypt passwords = yes
# logon script = test.bat
# logon path = \\%L\profiles\%U
# logon home = \\%L\%U
# logon drive = z:
# add user script = ldapsmb -a -u "%u"
# delete user script = ldapsmb -d -u "%u"
# add machine script = ldapsmb -a -s -wks "%u" -v --logfile
/var/log/samba/ldapsmb.log
# add group script = ldapsmb -a -g "%g"
# delete group script = ldapsmb -d -g "%g"
# add user to group script = ldapsmb -j -u "%u" -g "%g"
# delete user from group script = ldapsmb -j -u "%u" -g "%g"
# set primary group script = ldapsmb -m -u "%u" -gid "%g"
ldap admin dn = cn=Manager,dc=my,dc=company
ldap suffix = dc=my,dc=company
ldap machine suffix = ou=Computers
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap user suffix = ou=People
ldap passwd sync = Yes
log file = /var/log/samba/%m.log
log level = 1
load printers = no
[www2]
comment = webpages
path = /path/to/webpages
public = no
writeable = yes
browseable = yes
valid users = +groupA +groupB
force user = www2
create mask = 0775
dont descend = /bin,/boot,/dev,/etc,/lib,.....
-----------------------------------------------------------------
Please, any ideas?
Best regards,
--
Ing. Ernesto Silva.
Coordinador de Desarrollo Web y Sistemas Abiertos
Centro de Procesamiento de Datos
Universidad ORT Uruguay.
E-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
Tel: (+5982) 903-1995, (+5982) 902-9687 ext. 102 Fax: (+5982) 900-2952
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
