Hello all,

First of all, sorry for the long e-mail.

I am trying to get samba working as a domain member and store the idmap in an ldap database.

The join is successful and all commands are working like they should: wbinfo -u, wbinfo -g, kinit, etc.
But the id administrator command gives me the following:

# id administrator
id: administrator: no such user

If I do not use the ldap backend it works well.

This is on FreeBSD 7_RELEASE with samba 3.0.32 and openldap 2.3.43.
I did do all the things mentioned in chapter 7 of the by example doc.
Also the smbpasswd -w 12345

I have been working on this for over 3 days now, but my ldap understanding is not that much, I guess.
What am I forgetting or doing wrong?

Best regards,
Johan Hendriks

 

 

My slapd.conf file

 

#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema
include         /usr/local/etc/openldap/schema/misc.schema
include         /usr/local/etc/openldap/schema/nis.schema
include         /usr/local/etc/openldap/schema/openldap.schema
include         /usr/local/etc/openldap/schema/samba.schema

loglevel 256

pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args

# Load dynamic backend modules:
modulepath      /usr/local/libexec/openldap
moduleload      back_bdb

#######################################################################
# BDB database definitions
#######################################################################

database        bdb
suffix          "dc=double-l,dc=local"
rootdn          "cn=Manager,dc=double-l,dc=local"
rootpw = 12345

directory       /usr/local/var/db/openldap-data

# Indices to maintain
index   objectClass     eq
index   cn              pres,sub,eq
index   sn              pres,sub,eq
index   uid             pres,sub,eq
index   displayName     pres,sub,eq
index   uidNumber               eq
index   gidNumber               eq
index   memberUID               eq
index   sambaSID                eq
index   sambaPrimaryGroupSID    eq
index   sambaDomainName         eq
index   default                 sub

 

my ldap.conf and nss_ldap.conf file

 

 

base dc=double-l,dc=local
binddn cn=Manager,dc=double-l,dc=local
bindpw 12345

pam_password exop

bind_policy soft
bind_timelimit 10

host 127.0.0.1
idle_timelimit 3600
ldap_version 3

nss_base_group  ou=Groups,dc=double-l,dc=local?one
nss_base_passwd ou=People,dc=double-l,dc=local?one
nss_base_shadow ou=People,dc=double-l,dc=local?one

nss_connect_policy persist
nss_paged_results yes

pagesize 1000
port 389
timelimit 30

 

my vi /etc/nsswitch.conf

group: files ldap
group_compat: nis
hosts: files dns
networks: files
passwd: files ldap
passwd_compat: nis
shells: files
services: compat
services_compat: nis
protocols: files
rpc: files

 

my idmap.ldiff file 

 

dn: dc=snowshow,dc=com
objectClass: dcObject
objectClass: organization
dc: snowshow
o: The Greatest Snow Show in Singapore.
description: Posix and Samba LDAP Identity Database
 
dn: cn=Manager,dc=snowshow,dc=com
objectClass: organizationalRole
cn: Manager
description: Directory Manager
 
dn: ou=Idmap,dc=snowshow,dc=com
objectClass: organizationalUnit
ou: idmap

 

 

and finally my smb.conf file

 

[global]
workgroup = DOUBLE-L
netbios name = BEASTY
realm = DOUBLE-L.LOCAL
server string = Samba Server
security = ADS
log level = 1 ads:10 auth:10 sam:10 rpc:10
ldap admin dn = cn=Manager,dc=DOUBLE-L,dc=LOCAL
ldap idmap suffix = ou=Idmap
ldap suffix = dc=DOUBLE-L,dc=LOCAL
idmap backend = ldap:ldap://127.0.0.1
idmap uid = 150000-550000
idmap gid = 150000-550000
template shell = /usr/local/bin/bash
winbind use default domain = Yes

[share1]
        comment = Data Directory
        path = /mnt
        #write list = @mr70
        read only = no
        create mask = 0777
        directory mask = 0777

 

and my /etc/krb5.conf file

 

[libdefaults]
        default_realm = DOUBLE-l.LOCAL
        clockskew = 300

[realms]
        DOUBLE-l.LOCAL = {
                kdc = w2003s01.double-l.local
        }

[domain_realm]
        .double-l.local = DOUBLE-l.LOCAL

 

 

This is a part of my slapd.log file after a restart of samba and an id administrator command

 

Oct 21 16:47:34 beasty slapd[60723]: conn=7 fd=13 closed (connection lost)
Oct 21 16:47:34 beasty slapd[60723]: conn=8 fd=15 closed (connection lost)
Oct 21 16:47:34 beasty slapd[60723]: conn=6 fd=12 closed (connection lost)
Oct 21 16:47:35 beasty slapd[60723]: conn=13 fd=12 ACCEPT from IP=127.0.0.1:58176 (IP=127.0.0.1:389)
Oct 21 16:47:35 beasty slapd[60723]: conn=13 op=0 BIND dn="cn=Manager,dc=double-l,dc=local" method=128
Oct 21 16:47:35 beasty slapd[60723]: conn=13 op=0 BIND dn="cn=Manager,dc=double-l,dc=local" mech=SIMPLE ssf=0
Oct 21 16:47:35 beasty slapd[60723]: conn=13 op=0 RESULT tag=97 err=0 text=
Oct 21 16:47:35 beasty slapd[60723]: conn=13 op=1 SRCH base="ou=Groups,dc=double-l,dc=local" scope=1 deref=0 filter="(&(objectClass=posixGroup))"
Oct 21 16:47:35 beasty slapd[60723]: conn=13 op=1 SRCH attr=cn userPassword memberUid uniqueMember gidNumber
Oct 21 16:47:35 beasty slapd[60723]: conn=13 op=1 SEARCH RESULT tag=101 err=32 nentries=0 text=
Oct 21 16:47:35 beasty slapd[60723]: conn=14 fd=13 ACCEPT from IP=127.0.0.1:60398 (IP=127.0.0.1:389)
Oct 21 16:47:35 beasty slapd[60723]: conn=14 op=0 BIND dn="cn=Manager,dc=DOUBLE-L,dc=LOCAL" method=128
Oct 21 16:47:35 beasty slapd[60723]: conn=14 op=0 BIND dn="cn=Manager,dc=double-l,dc=local" mech=SIMPLE ssf=0
Oct 21 16:47:35 beasty slapd[60723]: conn=14 op=0 RESULT tag=97 err=0 text=
Oct 21 16:47:35 beasty slapd[60723]: conn=14 op=1 SRCH base="" scope=0 deref=0 filter="(objectClass=*)"
Oct 21 16:47:35 beasty slapd[60723]: conn=14 op=1 SRCH attr=supportedControl
Oct 21 16:47:35 beasty slapd[60723]: conn=14 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
Oct 21 16:47:35 beasty slapd[60723]: conn=14 op=2 SRCH base="ou=Idmap,dc=DOUBLE-L,dc=LOCAL" scope=2 deref=0 filter="(objectClass=sambaUnixIdPool)"
Oct 21 16:47:35 beasty slapd[60723]: conn=14 op=2 SRCH attr=uidNumber gidNumber objectClass
Oct 21 16:47:35 beasty slapd[60723]: conn=14 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text=
Oct 21 16:47:35 beasty slapd[60723]: conn=15 fd=15 ACCEPT from IP=127.0.0.1:60156 (IP=127.0.0.1:389)
Oct 21 16:47:35 beasty slapd[60723]: conn=15 op=0 BIND dn="cn=Manager,dc=DOUBLE-L,dc=LOCAL" method=128
Oct 21 16:47:35 beasty slapd[60723]: conn=15 op=0 BIND dn="cn=Manager,dc=double-l,dc=local" mech=SIMPLE ssf=0
Oct 21 16:47:35 beasty slapd[60723]: conn=15 op=0 RESULT tag=97 err=0 text=
Oct 21 16:47:35 beasty slapd[60723]: conn=15 op=1 SRCH base="" scope=0 deref=0 filter="(objectClass=*)"
Oct 21 16:47:35 beasty slapd[60723]: conn=15 op=1 SRCH attr=supportedControl
Oct 21 16:47:35 beasty slapd[60723]: conn=15 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
Oct 21 16:47:35 beasty slapd[60723]: conn=15 op=2 SRCH base="ou=Idmap,dc=DOUBLE-L,dc=LOCAL" scope=2 deref=0 filter="(&(objectClass=sambaIdmapEntry)(gidNumber=65534))"
Oct 21 16:47:35 beasty slapd[60723]: conn=15 op=2 SRCH attr=sambaSID uidNumber gidNumber objectClass
Oct 21 16:47:35 beasty slapd[60723]: conn=15 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=
Oct 21 16:47:50 beasty slapd[60723]: conn=16 fd=17 ACCEPT from IP=127.0.0.1:50821 (IP=127.0.0.1:389)
Oct 21 16:47:50 beasty slapd[60723]: conn=16 op=0 BIND dn="cn=Manager,dc=double-l,dc=local" method=128
Oct 21 16:47:50 beasty slapd[60723]: conn=16 op=0 BIND dn="cn=Manager,dc=double-l,dc=local" mech=SIMPLE ssf=0
Oct 21 16:47:50 beasty slapd[60723]: conn=16 op=0 RESULT tag=97 err=0 text=
Oct 21 16:47:50 beasty slapd[60723]: conn=16 op=1 SRCH base="ou=People,dc=double-l,dc=local" scope=1 deref=0 filter="(&(objectClass=posixAccount)(uid=administrator))"
Oct 21 16:47:50 beasty slapd[60723]: conn=16 op=1 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass shadowLastChange shadowMax shadowExpire
Oct 21 16:47:50 beasty slapd[60723]: conn=16 op=1 SEARCH RESULT tag=101 err=32 nentries=0 text=
Oct 21 16:47:50 beasty slapd[60723]: conn=16 fd=17 closed (connection lost)
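
Added example, not part of the original post: a Python script that pairs each SRCH line of a slapd stats log (loglevel 256, as in the posted slapd.conf) with its SEARCH RESULT by conn/op, then lists the search bases answered with err=32 (LDAP noSuchObject) and the DNs that used a simple bind with ssf=0. The sample lines are copied from the log above with wrapped lines rejoined; the function names are illustrative.

```python
import re

# Excerpt of the slapd log from the post above, with wrapped lines rejoined.
SAMPLE_LOG = """\
Oct 21 16:47:35 beasty slapd[60723]: conn=13 op=0 BIND dn="cn=Manager,dc=double-l,dc=local" mech=SIMPLE ssf=0
Oct 21 16:47:35 beasty slapd[60723]: conn=13 op=1 SRCH base="ou=Groups,dc=double-l,dc=local" scope=1 deref=0 filter="(&(objectClass=posixGroup))"
Oct 21 16:47:35 beasty slapd[60723]: conn=13 op=1 SEARCH RESULT tag=101 err=32 nentries=0 text=
Oct 21 16:47:35 beasty slapd[60723]: conn=14 op=2 SRCH base="ou=Idmap,dc=DOUBLE-L,dc=LOCAL" scope=2 deref=0 filter="(objectClass=sambaUnixIdPool)"
Oct 21 16:47:35 beasty slapd[60723]: conn=14 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text=
Oct 21 16:47:50 beasty slapd[60723]: conn=16 op=1 SRCH base="ou=People,dc=double-l,dc=local" scope=1 deref=0 filter="(&(objectClass=posixAccount)(uid=administrator))"
Oct 21 16:47:50 beasty slapd[60723]: conn=16 op=1 SEARCH RESULT tag=101 err=32 nentries=0 text=
"""

BIND = re.compile(r'conn=(\d+) op=\d+ BIND dn="([^"]*)" mech=(\S+) ssf=(\d+)')
SRCH = re.compile(r'conn=(\d+) op=(\d+) SRCH base="([^"]*)" scope=(\d+) deref=\d+ filter="(.*)"')
RESULT = re.compile(r'conn=(\d+) op=(\d+) SEARCH RESULT tag=101 err=(\d+) nentries=(\d+)')


def correlate(log_text):
    """Pair every SRCH line with its SEARCH RESULT using the (conn, op) key."""
    pending, searches, binds = {}, [], []
    for line in log_text.splitlines():
        if m := BIND.search(line):
            binds.append({"conn": int(m[1]), "dn": m[2], "mech": m[3], "ssf": int(m[4])})
        elif m := SRCH.search(line):
            pending[(m[1], m[2])] = {"conn": int(m[1]), "base": m[3], "filter": m[5]}
        elif m := RESULT.search(line):
            rec = pending.pop((m[1], m[2]), None)
            if rec is not None:  # ignore results whose request line is missing
                rec.update(err=int(m[3]), nentries=int(m[4]))
                searches.append(rec)
    return searches, binds


def missing_bases(searches):
    """Search bases answered with err=32 (noSuchObject: the base entry does not exist)."""
    return sorted({s["base"] for s in searches if s["err"] == 32})


def unprotected_simple_binds(binds):
    """DNs that authenticated with a simple bind and no TLS/SASL layer (ssf=0)."""
    return sorted({b["dn"] for b in binds if b["mech"] == "SIMPLE" and b["ssf"] == 0})


if __name__ == "__main__":
    searches, binds = correlate(SAMPLE_LOG)
    print("bases answered with err=32:", missing_bases(searches))
    print("simple binds with ssf=0:", unprotected_simple_binds(binds))
```

On this excerpt the two err=32 bases are the nss_base_group and nss_base_passwd values from the posted nss_ldap.conf, while the ou=Idmap search succeeds.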

 

 

 

 

 
