[Samba] smbd: nss_ldap: could not search LDAP server - Can't contact LDAP server and Samba shares are dropped
List, I am encountering some really strange behaviour with Samba 3.0.20 and OpenLDAP 2.2.28. Everything in terms of PAM and NSS has been working correctly for a long time and have not been changed in months. This week it has started playing up, with NT_STATUS_LOGON_FAILURE type errors. The local ldap server is replicated from a master. In syslog, I see things like Jun 16 16:06:14 s-sophia smbd: nss_ldap: could not search LDAP server - Can't contact LDAP server At this point, the samba shares are no longer available, but LDAP is not down: I can do a search: s-sophia:~# ldapsearch -b ou=People,dc=bpinet,dc=com -xh localhost '(uid=xxx)' # extended LDIF # # LDAPv3 # base ou=People,dc=bpinet,dc=com with scope sub # filter: (uid=xxx) # requesting: ALL # # xxx, Sophia Antipolis, People, bpinet.com dn: uid=xxx,ou=Sophia Antipolis,ou=People,dc=bpinet,dc=com cn: xxx description: xxx displayName: xxx gecos: xxx gidNumber: 513 homeDirectory: /home/xxx loginShell: /bin/false sambaHomeDrive: H: [...stuff deleted...] # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 ## Also, while Samba is out to lunch, I can also see the account via pdbedit: s-sophia:~# pdbedit -vu xxx Unix username:xxx NT username: xxx Account Flags:[U ] User SID: S-1-5-21-1150874807-1180408084-429402335-13524 Primary Group SID:S-1-5-21-1150874807-1180408084-429402335-513 [...etc etc...] ## Things run fine for a number of minutes (never the same duration) and then samba sessions begin to be refused. I've cranked up the openldap logs, and see that queries continue to be sent and answered: Jun 16 14:14:33 s-sophia slapd[7077]: conn=37 op=13 SRCH base=ou=People,dc=bpinet,dc=com scope=2 deref=0 filter=((objectClass=posixAccount)(uidNumber=6739)) Jun 16 14:14:33 s-sophia slapd[7077]: conn=37 op=13 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass Jun 16 14:14:33 s-sophia slapd[7077]: conn=37 op=13 SEARCH RESULT tag=101 err=0 nentries=1 text= If I stop samba and slapd and restart slapd and samba (in that order), things start working again. No db_recover, no nothing else. I don't know what else to look at. Any ideas on how I can zero in on the underlying cause? Thanks, David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbd: nss_ldap: could not search LDAP server - Can't contact LDAP server and Samba shares are dropped
Hi, I Believe that this could be a corrupted secrets.tdb file that may be losing your ldap password. Please note that this is only a guess. I really can't offer you too much in the way of help. Your logs show a search of ldap for a lot of posix account information. I don't know if that is normal or not, but if it isn't, then maybe winbind is causing some trouble cause that might be why the search chases after those attributes. If I'm off track, sorry about that. You could also have one of the two of them causing some locking. How are you doing for space, as in hard drive space? I really hope someone else is much more helpful than I am. Good luck!!! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbd: nss_ldap: could not search LDAP server - Can't contact LDAP server and Samba shares are dropped
On 6/19/06, Michael Cassaniti [EMAIL PROTECTED] wrote: Hi, I Believe that this could be a corrupted secrets.tdb file that may be losing your ldap password. Please note that this is only a guess. I really can't offer you too much in the way of help. If that were the case, then once it was corrupted, it wouldn't work after a shutdown and restart, wouldn't it? Your logs show a search of ldap for a lot of posix account information. I don't know if that is normal or not, but if it isn't, then maybe winbind is causing some trouble cause that might be why the search chases after those attributes. If I'm off track, sorry about that. I'm not running winbind. Í'm using NSS to obtain account information. You could also have one of the two of them causing some locking. How are you doing for space, as in hard drive space? No problem with respect to space. How would I see if locking was occurring? I really hope someone else is much more helpful than I am. So do I :) But thank-you for taking the time to respond Good luck!!! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
