Hi Adam, nscd wasn't running on my machine. After setting the option ldapsam:trusted = yes smbd doesn"t start any longer I get the following error in /var/log/smbd.log:
[2009/03/09 22:01:31, 0] smbd/server.c:main(1063) ERROR: failed to setup guest info. I did add a nobody account & group to my LDAP database with the following DN's: cn: nobody uid: nobody uidNumber: 999 gidNumber: 65533 homeDirectory: /dev/null loginShell: /bin/false gecos: samba guest domain account description: samba guest domain account objectClass: posixAccount objectClass: sambaSamAccount objectClass: inetOrgPerson objectClass: shadowAccount objectClass: organizationalPerson objectClass: top objectClass: person sambaPwdLastSet: 0 sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 sambaPwdMustChange: 2147483647 sambaAcctFlags: [NU ] sambaPrimaryGroupSID: S-1-0-0 sn: nobody sambaSID: S-1-5-21-2084689211-3812089025-2812341184-501 sambaDomainName: DOMAIN.TLD objectClass: posixGroup objectClass: sambaGroupMapping cn: nobody sambaGroupType: 2 displayName: nobody gidNumber: 65533 sambaSID: S-1-0-0 memberUid: nobody description: Domain Unix group What am I doing wrong? Thanks, Arthur 2009/3/9 Adam Tauno Williams <[email protected]> > On Mon, 2009-03-09 at 19:32 +0100, Arthur Odekerken wrote: > > I have succesfully setup a Samba server with OpenLDAP authentication. > > I also managed to authenticate against groups in my LDAP tree, so far so > > good. > > The only problem is that whenever I add or remove an entry from the LDAP > > group, samba doesn't see that immediately. When I restart the samba > daemon, > > it does pick up the change in the LDAP group. > > Can anybody tell me how I can refresh the authentication, without > restarting > > the daemon? > > I am using samba version 3.0.28-1.el5_2.1 on CentOS release 5.2 (Final) > and > > OpenLDAP version 2.3.27. > > > Try - > (a) enable ldapsam trusted = yes if you meet the requirements [see > documentation] > (b) disable the nscd service > -- > OpenGroupware developer: [email protected] > <http://whitemiceconsulting.blogspot.com/> > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
