Re: [Samba] smbldap_open: cannot access LDAP when not root..
Thanks Dale, Yes, i tried those things. I now have it working, but the answer was to not use the version of Samba that comes with Fedora 9 (3.2.0pre3, I think) I compiled 3.0.29 myself, then re-installed all the tdbs and LDAP stuff from the old server, then fired up that version, and all was well. BTW - to get 3.0.29 to compile on Fedora 9, I had to comment out some lines starting on line 37 or oplock_linux.c to remove the capget/capset stuff.In case anyone needs it, here's a patch: -8- PUT THIS IN samba-3.0.29/source/smbd, save it as Fedora9-patch1.diff and run 'patch -p0 Fedora9-patch1.diff -8- --- oplock_linux.c-orig 2008-05-27 13:17:16.0 -0400 +++ oplock_linux.c 2008-05-27 13:17:29.0 -0400 @@ -34,11 +34,11 @@ uint32 inheritable; } data; -extern int capget(struct cap_user_header * hdrp, +/* extern int capget(struct cap_user_header * hdrp, struct cap_user_data * datap); extern int capset(struct cap_user_header * hdrp, const struct cap_user_data * datap); - +*/ static SIG_ATOMIC_T signals_received; #define FD_PENDING_SIZE 100 static SIG_ATOMIC_T fd_pending_array[FD_PENDING_SIZE]; -8- -John Dale Schroeder [EMAIL PROTECTED] 05/27/2008 01:10 PM To [EMAIL PROTECTED] cc Subject Re: [Samba] smbldap_open: cannot access LDAP when not root.. John, You may have already done this, but == The only thing I can think of is rerunning smbpasswd -w. There's also mention of file permission changes here: http://www.archivum.info/linux.samba/2006-02/msg00037.html Good luck, Dale [EMAIL PROTECTED] wrote: Greetings list, I just upgraded my main file server, and copied over a dump of my LDAP database, samba conf files, tdbs, etc. Everything fired up OK and runs, except: -Some users (perhaps 5 or 6 out of 125) can't log in, getting the domain unavailable message -I can't rejoin them to the domain - the process appears to succeed, but doesn't -One of the machine accounts that doesn't work is my main print server :( The only log error I get is: [2008/05/27 10:21:43, 0] lib/smbldap.c:smbldap_open(1005) smbldap_open: cannot access LDAP when not root.. This occurs periodically in EVERY log file, even for working workstations. I have re-done granting rights to root/Administrator. I've double-checked everything I can think of, to no avail. Ideas would be greatly appreciated. Thanks, -John -- This e-mail is intended only for the named person or entity to which it is addressed and contains valuable business information that is privileged, confidential and/or otherwise protected from disclosure. Dissemination, distribution or copying of this e-mail or the information herein by anyone other than the intended recipient, or an employee, or agent responsible for delivering the message to the intended recipient, is strictly prohibited. All contents are the copyright property of the sender. If you are not the intended recipient, you are nevertheless bound to respect the sender's worldwide legal rights. We require that unintended recipients delete the e-mail and destroy all electronic copies in their system, retaining no copies in any media. If you have received this e-mail in error, please immediately notify us by calling our Help Desk at (603) 433-1143, or e-mail to [EMAIL PROTECTED] We appreciate your cooperation. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap_open: cannot access LDAP when not root..
I seem to recall discussion about fixing code in samba-ldap extensions that required execution as uid=root. I'm running on Debian (Etch) with samba 3.0.24 and have been encountering the following messages in my attemps to get pdbedit policies propegated across all DCs through ldap: [2008/03/01 00:56:13, 0] lib/smbldap.c:smbldap_open(1009) smbldap_open: cannot access LDAP when not root.. from smb.conf we have: ldap admin dn = uid=root,xy=blah,yz=blah,yz=blah Has anyone encountered this with 3.0.24 and is it fixed with 3.0.28? TIA --G. Clifford Williams gcw (AT) cashnetusa (dot) com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap_open: cannot access LDAP when not root..
Dear Help, I currently have a Samba PDC along with multiple BDCs using an eDirectory LDAP backend. While trying to figure out how to get the bad password account lockout feature to work, I managed to somehow mess up the samba PDC. If a user attempts to authenticate against the PDC with the correct password, all is well and works as usual. However, if I use an incorrect password, the Windows login box just kind of hangs. I've discovered that this is because (for some reason now) Samba is unable to update the LDAP server from the PDC (at least this is my theory based on the logs shown below). The interesting part is that if I authenticate against a BDC with an incorrect password, everything functions as normal. So, something I specifically did to the PDC (The only steps I can remember doing since before this problem occurred is replicating the account policies from the local tdb to ldap (using pdbedit) and attempting to rejoin the PDC to its own domain--which I had to delete and recreate the machine trust account again in the process). In any case, I'm currently getting the following error in my logs: [2007/08/09 12:38:24, 3] libsmb/ntlm_check.c:ntlm_password_check(207) ntlm_password_check: Interactive logon: NT password check failed for user testUser3 [2007/08/09 12:38:24, 3] smbd/sec_ctx.c:push_sec_ctx(256) push_sec_ctx(65534, 65533) : sec_ctx_stack_ndx = 1 [2007/08/09 12:38:24, 3] smbd/uid.c:push_conn_ctx(393) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2007/08/09 12:38:24, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2007/08/09 12:38:24, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (65534, 65533) - sec_ctx_stack_ndx = 0 [2007/08/09 12:38:24, 0] lib/smbldap.c:smbldap_open(943) smbldap_open: cannot access LDAP when not root.. [2007/08/09 12:38:24, 1] lib/smbldap.c:another_ldap_try(1072) Connection to LDAP server failed for the 1 try! [2007/08/09 12:38:25, 0] lib/smbldap.c:smbldap_open(943) smbldap_open: cannot access LDAP when not root.. [2007/08/09 12:38:25, 1] lib/smbldap.c:another_ldap_try(1072) Connection to LDAP server failed for the 2 try! [2007/08/09 12:38:26, 0] lib/smbldap.c:smbldap_open(943) smbldap_open: cannot access LDAP when not root.. [2007/08/09 12:38:26, 1] lib/smbldap.c:another_ldap_try(1072) Connection to LDAP server failed for the 3 try! [2007/08/09 12:38:27, 0] lib/smbldap.c:smbldap_open(943) ... [2007/08/09 12:38:39, 3] passdb/pdb_ldap.c:ldapsam_get_account_policy_from_ldap(3462) ldapsam_get_account_policy_from_ldap: Could not get account policy for sambaDomainName=PHSDOMAIN,o=PHS, error: Time limit exceeded () I have seen posts regarding this error when joining the domain... and even tried applying those solutions, but it doesn't seem to work. Any insight or help would be greatly appreciated. -Matt -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap_open: cannot access LDAP when not root..
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Eric PEYREMORTE wrote: Hi, I often have theses messages on my two samba 3.0.25a servers. What does it mean ? I need more context. Please file a bug report at attach gzipped level 10 debug logs from smbd illustrating the problem. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGhPqmIR7qMdg1EfYRAugFAJ9fly1vT6OyxbDzt2B7saZPo9QBegCg71Rq lXETTJbIEr06lsCk/hlcXro= =AzoZ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap_open: cannot access LDAP when not root..
Hi, I often have theses messages on my two samba 3.0.25a servers. What does it mean ? Eric -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap_open: cannot access LDAP when not root..
Hello, I have some little problems with samba 3.0.23c. A client open a excel file (office 2000), modify it and save it. After the office 2000 have saved the file, he display a message box with the message : file correclty saved but he cannot reopened because the memory is too short. If I look the ACL, the owner of file , the ACL is changed to read only and in samba log file, I can read : [2006/09/08 09:59:23, 0] lib/smbldap.c:smbldap_open(1009) smbldap_open: cannot access LDAP when not root.. If I change the ACL correctly, the user will have no problem. what happening ? thanks Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap_open: cannot access LDAP when not root..
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: Hello, I have some little problems with samba 3.0.23c. A client open a excel file (office 2000), modify it and save it. After the office 2000 have saved the file, he display a message box with the message : file correclty saved but he cannot reopened because the memory is too short. If I look the ACL, the owner of file , the ACL is changed to read only and in samba log file, I can read : [2006/09/08 09:59:23, 0] lib/smbldap.c:smbldap_open(1009) smbldap_open: cannot access LDAP when not root.. If I change the ACL correctly, the user will have no problem. I need a level 10 log to track this down. jerry = Samba--- http://www.samba.org Centeris --- http://www.centeris.com What man is a man who does not make the world better? --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.4 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFAWM/IR7qMdg1EfYRAs6hAKDZHM8SNplYNZxckIfzhbKbZozyuQCgu8bK hCf+qyuHonZNTqB78VzjLi8= =Isn+ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] smbldap_open: cannot access LDAP when not root
Hi Andreas, If you are wanting to use srvtools.exe you need to logon to the domain as user root; then you have the permissions to modify. Adrian. From: Andreas Fladischer [EMAIL PROTECTED] To: samba@lists.samba.org Subject: [Samba] smbldap_open: cannot access LDAP when not root Date: Thu, 02 Feb 2006 13:09:37 +0100 hi! my new samba server is running as pdc with samba3.0.21b and ldap.everythink worked well but one thing will not work. i would like to add a group or a user with the windowstool usermanager; if i try to add a new group, it tells me access denied. the logfile show the following: [2006/02/02 12:56:20, 0] lib/smbldap.c:smbldap_open(922) smbldap_open: cannot access LDAP when not root.. i searched a while in the internet but didn't find a solution! i hope someone can help me! thanks in advance andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap_open: cannot access LDAP when not root
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 adrian sender wrote: Hi Andreas, If you are wanting to use srvtools.exe you need to logon to the domain as user root; then you have the permissions to modify. Better to assign privileges. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFD43OqIR7qMdg1EfYRAqHvAJ0fpNj4s8sN1GhhBFGfwPsG4fRtFQCfeCtY spBKg7w73sWTeC87uTmOugo= =cBuV -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap_open: cannot access LDAP when not root
hi! my new samba server is running as pdc with samba3.0.21b and ldap.everythink worked well but one thing will not work. i would like to add a group or a user with the windowstool usermanager; if i try to add a new group, it tells me access denied. the logfile show the following: [2006/02/02 12:56:20, 0] lib/smbldap.c:smbldap_open(922) smbldap_open: cannot access LDAP when not root.. i searched a while in the internet but didn't find a solution! i hope someone can help me! thanks in advance andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap_open: cannot access LDAP when not root
I'm using Samba 3.0.14a as a PDC with an LDAP backend. I am having trouble using the Windows User Manager for Domains tool. As an example, I shall be looking at the Domain Users group. Whenever I try modifying anybody's group membership, I get the error message: The following error occurred changing the properties of the global group Domain Users: The group name could not be found. I am running User Manager as a user with Domain Admin privileges. Domain Admins have been granted every available right using the net rpc rights command. Samba is definitely doing an LDAP search for the group and is getting sensible results (logs below). The research I've done suggests this may be a known issue, but generally with older versions of Samba. Samba logs show a point which I'll mention here: [2006/02/01 11:33:46, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. The LDAP entry for the Domain Users group shows: # Domain Users, Group, u4eatech.com dn: cn=Domain Users,ou=Group,dc=u4eatech,dc=com objectClass: posixGroup objectClass: sambaGroupMapping gidNumber: 513 cn: Domain Users description: Netbios Domain Users sambaSID: S-1-5-21-2044582568-1589646193-1504741369-513 sambaGroupType: 2 displayName: Domain Users Domain Admin privs: elli ~ # net rpc -U jamesc rights list U4EATECH\Domain Admins Password: SeMachineAccountPrivilege SePrintOperatorPrivilege SeAddUsersPrivilege SeRemoteShutdownPrivilege SeDiskOperatorPrivilege In the Samba logs, I see the following error: smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:46, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:47, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:48, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:49, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:50, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:51, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:52, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:53, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:54, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:55, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:56, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:57, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:58, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:59, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:34:00, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:34:00, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1971) ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (Timed out) LDAP Logs: Feb 1 11:37:30 cygnus_new slapd[30055]: conn=310691 op=62 SRCH base=ou=Group,dc=u4eatech,dc=com scope=2 deref=0 filter=((objectClass=sambaGroupMapping)(|(displayName=domain users)(cn=domain users))) Feb 1 11:37:30 cygnus_new slapd[30055]: conn=310691 op=62 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass Feb 1 11:37:30 cygnus_new slapd[30055]: conn=310691 op=62 ENTRY dn=cn=Domain Users,ou=Group,dc=u4eatech,dc=com Feb 1 11:37:30 cygnus_new slapd[30055]: conn=310691 op=62 SEARCH RESULT tag=101 err=0 nentries=1 text= Feb 1 11:37:30 cygnus_new slapd[8490]: conn=310691 op=63 SRCH base=ou=Group,dc=u4eatech,dc=com scope=2 deref=0 filter=((objectClass=sambaGroupMapping)(sambaSID=s-1-5-21-2044582568-1589646193-1504741369-513)) Feb 1 11:37:30 cygnus_new slapd[8490]: conn=310691 op=63 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass Feb 1 11:37:30 cygnus_new slapd[8490]: conn=310691 op=63 ENTRY dn=cn=Domain Users,ou=Group,dc=u4eatech,dc=com Feb 1 11:37:30 cygnus_new slapd[8490]: conn=310691 op=63 SEARCH RESULT tag=101 err=0 nentries=1 text= Feb 1 11:37:30 cygnus_new slapd[26454]: conn=310772 op=2 UNBIND Feb 1 11:37:30 cygnus_new slapd[26454]: conn=310772 fd=30 closed Feb 1 11:37:30 cygnus_new slapd[12571]: conn=310793 fd=30 ACCEPT from IP=172.30.1.22:59861 (IP=0.0.0.0:389) Feb 1 11:37:30 cygnus_new slapd[16367]: conn=310793 op=0 BIND dn=cn=manager,dc=u4eatech,dc=com method=128 Feb 1 11:37:30 cygnus_new slapd[16367]: conn=310793 op=0 BIND dn=cn=manager,dc=u4eatech,dc=com mech=SIMPLE
RE: [Samba] smbldap_open: cannot access LDAP when not root
check the rights on libnss-ldap libpam-ldap set it to 644 Louis -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Namens James Cort Verzonden: woensdag 1 februari 2006 13:07 Aan: samba@lists.samba.org Onderwerp: [Samba] smbldap_open: cannot access LDAP when not root I'm using Samba 3.0.14a as a PDC with an LDAP backend. I am having trouble using the Windows User Manager for Domains tool. As an example, I shall be looking at the Domain Users group. Whenever I try modifying anybody's group membership, I get the error message: The following error occurred changing the properties of the global group Domain Users: The group name could not be found. I am running User Manager as a user with Domain Admin privileges. Domain Admins have been granted every available right using the net rpc rights command. Samba is definitely doing an LDAP search for the group and is getting sensible results (logs below). The research I've done suggests this may be a known issue, but generally with older versions of Samba. Samba logs show a point which I'll mention here: [2006/02/01 11:33:46, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. The LDAP entry for the Domain Users group shows: # Domain Users, Group, u4eatech.com dn: cn=Domain Users,ou=Group,dc=u4eatech,dc=com objectClass: posixGroup objectClass: sambaGroupMapping gidNumber: 513 cn: Domain Users description: Netbios Domain Users sambaSID: S-1-5-21-2044582568-1589646193-1504741369-513 sambaGroupType: 2 displayName: Domain Users Domain Admin privs: elli ~ # net rpc -U jamesc rights list U4EATECH\Domain Admins Password: SeMachineAccountPrivilege SePrintOperatorPrivilege SeAddUsersPrivilege SeRemoteShutdownPrivilege SeDiskOperatorPrivilege In the Samba logs, I see the following error: smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:46, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:47, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:48, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:49, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:50, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:51, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:52, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:53, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:54, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:55, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:56, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:57, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:58, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:33:59, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:34:00, 0] lib/smbldap.c:smbldap_open(882) smbldap_open: cannot access LDAP when not root.. [2006/02/01 11:34:00, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1971) ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (Timed out) LDAP Logs: Feb 1 11:37:30 cygnus_new slapd[30055]: conn=310691 op=62 SRCH base=ou=Group,dc=u4eatech,dc=com scope=2 deref=0 filter=((objectClass=sambaGroupMapping)(|(displayName=domain users)(cn=domain users))) Feb 1 11:37:30 cygnus_new slapd[30055]: conn=310691 op=62 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass Feb 1 11:37:30 cygnus_new slapd[30055]: conn=310691 op=62 ENTRY dn=cn=Domain Users,ou=Group,dc=u4eatech,dc=com Feb 1 11:37:30 cygnus_new slapd[30055]: conn=310691 op=62 SEARCH RESULT tag=101 err=0 nentries=1 text= Feb 1 11:37:30 cygnus_new slapd[8490]: conn=310691 op=63 SRCH base=ou=Group,dc=u4eatech,dc=com scope=2 deref=0 filter=((objectClass=sambaGroupMapping)(sambaSID=s-1-5-21-204 4582568-1589646193-1504741369-513)) Feb 1 11:37:30 cygnus_new slapd[8490]: conn=310691 op=63 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass Feb 1 11:37:30 cygnus_new slapd[8490]: conn=310691 op=63 ENTRY dn=cn=Domain Users,ou=Group,dc=u4eatech,dc=com Feb 1 11:37:30 cygnus_new slapd[8490]: conn=310691 op=63 SEARCH RESULT tag=101 err=0 nentries=1 text= Feb 1 11:37:30 cygnus_new slapd[26454]: conn=310772 op=2 UNBIND Feb 1 11:37:30 cygnus_new slapd[26454]: conn=310772 fd=30 closed
[Samba] smbldap_open: cannot access LDAP when not root
check the rights on libnss-ldap libpam-ldap set it to 644 I've checked; they were already fine. The problem I'm having seems to be the same as: https://bugzilla.samba.org/show_bug.cgi?id=3047 I've upgraded the version of Samba to 3.0.20b and confirmed that the new version does indeed have the patch listed in the bug report applied, which it does. Unfortunately the problem persists. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap_open: cannot access LDAP when not root
check the rights on libnss-ldap libpam-ldap set it to 644 I've upgraded the version of Samba to 3.0.20b and confirmed that the new version does indeed have the patch listed in the bug report applied, which it does. Unfortunately the problem persists. My mistake - While the problem does persist, the error message from User Manager is different. It reads: The following error occurred changing the properties of the global group Domain Users: The user name could not be found. Level 10 log at: http://www.u4eatech.com/samba_log.txt -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap_open: cannot access LDAP when not root ...
On Sun, 2005-02-27 at 14:06 -0300, Mrcio Luciano Donada wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I am it has two weeks trying to twirl the PDC with samba + LDAP and ties the moment only migraines. It would like to know which is the problem, now, below described in mine log's? What user are you trying to use to join the domain. It must either be root (Samba 3.0.11) or an user with the SeMachineAccount privilege (Samba = 3.0.11). Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap_open: cannot access LDAP when not root ...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I am it has two weeks trying to twirl the PDC with samba + LDAP and ties the moment only migraines. It would like to know which is the problem, now, below described in mine log's? [2005/02/27 12:14:47, 1] lib/smbldap.c:another_ldap_try(1004) ~ Connection to LDAP server failed for the 8 try! [2005/02/27 12:14:48, 0] lib/smbldap.c:smbldap_open(881) ~ smbldap_open: cannot access LDAP when not root.. [2005/02/27 12:14:48, 1] lib/smbldap.c:another_ldap_try(1004) ~ Connection to LDAP server failed for the 9 try! [2005/02/27 12:14:49, 0] lib/smbldap.c:smbldap_open(881) ~ smbldap_open: cannot access LDAP when not root.. [2005/02/27 12:14:49, 1] lib/smbldap.c:another_ldap_try(1004) ~ Connection to LDAP server failed for the 10 try! [2005/02/27 12:14:50, 0] lib/smbldap.c:smbldap_open(881) ~ smbldap_open: cannot access LDAP when not root.. [2005/02/27 12:14:50, 1] lib/smbldap.c:another_ldap_try(1004) ~ Connection to LDAP server failed for the 11 try! [2005/02/27 12:14:51, 0] lib/smbldap.c:smbldap_open(881) ~ smbldap_open: cannot access LDAP when not root.. [2005/02/27 12:14:51, 1] lib/smbldap.c:another_ldap_try(1004) ~ Connection to LDAP server failed for the 12 try! [2005/02/27 12:14:52, 0] lib/smbldap.c:smbldap_open(881) ~ smbldap_open: cannot access LDAP when not root.. [2005/02/27 12:14:52, 1] lib/smbldap.c:another_ldap_try(1004) ~ Connection to LDAP server failed for the 13 try! [2005/02/27 12:14:53, 0] lib/smbldap.c:smbldap_open(881) ~ smbldap_open: cannot access LDAP when not root.. [2005/02/27 12:14:53, 1] lib/smbldap.c:another_ldap_try(1004) ~ Connection to LDAP server failed for the 14 try! [2005/02/27 12:14:54, 0] lib/smbldap.c:smbldap_open(881) ~ smbldap_open: cannot access LDAP when not root.. [2005/02/27 12:14:54, 1] lib/smbldap.c:another_ldap_try(1004) ~ Connection to LDAP server failed for the 15 try! [2005/02/27 12:14:55, 0] lib/smbldap.c:smbldap_open(881) ~ smbldap_open: cannot access LDAP when not root.. [2005/02/27 12:14:55, 0] lib/smbldap.c:smbldap_search_suffix(1169) ~ smbldap_search_suffix: Problem during the LDAP search: (unknown) (Timed out) [2005/02/27 12:14:55, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2398) ~ could not add user/computer 16178-audit$ to passdb. Check permissions? [2005/02/27 12:14:55, 2] smbd/server.c:exit_server(609) ~ Closing connections []'s - -- Márcio Luciano Donada mdonada at auroraalimentos dot com dot br FreeBSD - The uptime is mesuared in years! -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCIf4yyJq2hZEymxcRAqklAJ93A5VdVRx8j4F+ok4i82AL7zRTSQCgp7P1 SJo/w4FHuH4VbD5OktjtPKo= =mKHg -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap_open: cannot access LDAP when not root ...
Hello, if you have such in your smb.conf: ldap admin dn = uid=samba,o=company,c=com ldap ssl = no ... you must have an account uid=samba,o=company,c=com with a password in your ldap. You can tell samba this password by smbpasswd -w password. matze Márcio Luciano Donada schrieb: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I am it has two weeks trying to twirl the PDC with samba + LDAP and ties the moment only migraines. It would like to know which is the problem, now, below described in mine log's? [2005/02/27 12:14:47, 1] lib/smbldap.c:another_ldap_try(1004) ~ Connection to LDAP server failed for the 8 try! [2005/02/27 12:14:48, 0] lib/smbldap.c:smbldap_open(881) ~ smbldap_open: cannot access LDAP when not root.. [2005/02/27 12:14:48, 1] lib/smbldap.c:another_ldap_try(1004) ~ Connection to LDAP server failed for the 9 try! [2005/02/27 12:14:49, 0] lib/smbldap.c:smbldap_open(881) ~ smbldap_open: cannot access LDAP when not root.. [2005/02/27 12:14:49, 1] lib/smbldap.c:another_ldap_try(1004) ~ Connection to LDAP server failed for the 10 try! [2005/02/27 12:14:50, 0] lib/smbldap.c:smbldap_open(881) ~ smbldap_open: cannot access LDAP when not root.. [2005/02/27 12:14:50, 1] lib/smbldap.c:another_ldap_try(1004) ~ Connection to LDAP server failed for the 11 try! [2005/02/27 12:14:51, 0] lib/smbldap.c:smbldap_open(881) ~ smbldap_open: cannot access LDAP when not root.. [2005/02/27 12:14:51, 1] lib/smbldap.c:another_ldap_try(1004) ~ Connection to LDAP server failed for the 12 try! [2005/02/27 12:14:52, 0] lib/smbldap.c:smbldap_open(881) ~ smbldap_open: cannot access LDAP when not root.. [2005/02/27 12:14:52, 1] lib/smbldap.c:another_ldap_try(1004) ~ Connection to LDAP server failed for the 13 try! [2005/02/27 12:14:53, 0] lib/smbldap.c:smbldap_open(881) ~ smbldap_open: cannot access LDAP when not root.. [2005/02/27 12:14:53, 1] lib/smbldap.c:another_ldap_try(1004) ~ Connection to LDAP server failed for the 14 try! [2005/02/27 12:14:54, 0] lib/smbldap.c:smbldap_open(881) ~ smbldap_open: cannot access LDAP when not root.. [2005/02/27 12:14:54, 1] lib/smbldap.c:another_ldap_try(1004) ~ Connection to LDAP server failed for the 15 try! [2005/02/27 12:14:55, 0] lib/smbldap.c:smbldap_open(881) ~ smbldap_open: cannot access LDAP when not root.. [2005/02/27 12:14:55, 0] lib/smbldap.c:smbldap_search_suffix(1169) ~ smbldap_search_suffix: Problem during the LDAP search: (unknown) (Timed out) [2005/02/27 12:14:55, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2398) ~ could not add user/computer 16178-audit$ to passdb. Check permissions? [2005/02/27 12:14:55, 2] smbd/server.c:exit_server(609) ~ Closing connections []'s - -- Márcio Luciano Donada mdonada at auroraalimentos dot com dot br FreeBSD - The uptime is mesuared in years! -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCIf4yyJq2hZEymxcRAqklAJ93A5VdVRx8j4F+ok4i82AL7zRTSQCgp7P1 SJo/w4FHuH4VbD5OktjtPKo= =mKHg -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap_open: cannot access LDAP when not root
Hi ! I though I solved my add users to the doman admins group by chmod /usr/local/private/secrets.tdb to 644, but in fact I still have the same problem. For now, I'm concentrating about something that's in my log file: [2003/09/15 17:39:53, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1634) ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (Insufficient access)smbldap_open: cannot access LDAP when not root.. [2003/09/15 17:39:53, 1] lib/smbldap.c:smbldap_retry_open(888) Connection to LDAP Server failed for the 1 try! [2003/09/15 17:39:53, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1634) ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (Insufficient access)asteinling (172.16.20.31) connect to service ajacoutot initially as user ajacoutot (uid=1, gid=513) (pid 756) [2003/09/15 17:39:54, 1] smbd/service.c:make_connection_snum(692) asteinling (172.16.20.31) connect to service netlogon initially as user ajacoutot (uid=1, gid=513) (pid 756) [2003/09/15 17:39:55, 0] smbd/nttrans.c:call_nt_transact_ioctl(1831) call_nt_transact_ioctl(0x90028): Currently not implemented. What does this mean ? Domain logons work great, so ldap access does not look like it is a problem. If you have any idea... Antoine -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba