Re: [Samba] Samba and LDAP Server
Thanks, I got it! Samba is guided through the SRV records in DNS On 22/12/2011 19:15, David Roid wrote: Hello Lantukh, Domain controller, LDAP server and kdc can be found by DNS, Samba consults DNS server to find them. Therefore DNS server itself can be a single-point. I'm guessing your myserver1 is used as the DNS server in this case and when it's down you are in trouble. Cheers -David 2011/12/23 Lantukh Sergey sergey.lant...@docpath.com mailto:sergey.lant...@docpath.com Good day I could not find an answer to my problem/question, can you help me here... I have SAMBA 3.2.5 on Linux\Debian 5 I using Winbind for connect to MS Active Directory Windows 2003 and get a list of all users. /etc/samba/smb.conf [global] realm = MYDOMAIN.LOCAL Security = ADS /etc/krb5.con [realms] MYDOMAIN.LOCAL = { kdc = myserver1.mydomain.local: 88 kdc = myserver2.mydomain.local: 88 admin_server = myserver1.mydomain.local: 464 default_domain = DOCPATH.ES http://DOCPATH.ES [domain_realm] . mydomain.local = MYDOMAIN.LOCAL mydomain.local = MYDOMAIN.LOCAL My question is: When I give the command: # net ads info I have: LDAP server: 192.168.1.10 LDAP server name: myserver1.mydomain.local Realm: MYDOMAIN.local Bind Path: dc = MYDOMAIN, dc = LOCAL LDAP port: 389 Server time: Thu, 22 Dec 2011 17:52:38 CET KDC server: 192.168.1.10 Server time offset: 2 192.168.1.10 this is myserver1.mydomain.local Where SAMBA knows about my LDAP server? I have 2 Domain Controllers and SAMBA is always connected to the first. When the first server is not available SAMBA can not get a list of users via winbind. How can I get SAMBA to connect to a second domain controller? How can I change the LDAP server for samba? Thanks! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba and LDAP Server
Good day I could not find an answer to my problem/question, can you help me here... I have SAMBA 3.2.5 on Linux\Debian 5 I using Winbind for connect to MS Active Directory Windows 2003 and get a list of all users. /etc/samba/smb.conf [global] realm = MYDOMAIN.LOCAL Security = ADS /etc/krb5.con [realms] MYDOMAIN.LOCAL = { kdc = myserver1.mydomain.local: 88 kdc = myserver2.mydomain.local: 88 admin_server = myserver1.mydomain.local: 464 default_domain = DOCPATH.ES [domain_realm] . mydomain.local = MYDOMAIN.LOCAL mydomain.local = MYDOMAIN.LOCAL My question is: When I give the command: # net ads info I have: LDAP server: 192.168.1.10 LDAP server name: myserver1.mydomain.local Realm: MYDOMAIN.local Bind Path: dc = MYDOMAIN, dc = LOCAL LDAP port: 389 Server time: Thu, 22 Dec 2011 17:52:38 CET KDC server: 192.168.1.10 Server time offset: 2 192.168.1.10 this is myserver1.mydomain.local Where SAMBA knows about my LDAP server? I have 2 Domain Controllers and SAMBA is always connected to the first. When the first server is not available SAMBA can not get a list of users via winbind. How can I get SAMBA to connect to a second domain controller? How can I change the LDAP server for samba? Thanks! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba and LDAP Server
Hello Lantukh, Domain controller, LDAP server and kdc can be found by DNS, Samba consults DNS server to find them. Therefore DNS server itself can be a single-point. I'm guessing your myserver1 is used as the DNS server in this case and when it's down you are in trouble. Cheers -David 2011/12/23 Lantukh Sergey sergey.lant...@docpath.com Good day I could not find an answer to my problem/question, can you help me here... I have SAMBA 3.2.5 on Linux\Debian 5 I using Winbind for connect to MS Active Directory Windows 2003 and get a list of all users. /etc/samba/smb.conf [global] realm = MYDOMAIN.LOCAL Security = ADS /etc/krb5.con [realms] MYDOMAIN.LOCAL = { kdc = myserver1.mydomain.local: 88 kdc = myserver2.mydomain.local: 88 admin_server = myserver1.mydomain.local: 464 default_domain = DOCPATH.ES [domain_realm] . mydomain.local = MYDOMAIN.LOCAL mydomain.local = MYDOMAIN.LOCAL My question is: When I give the command: # net ads info I have: LDAP server: 192.168.1.10 LDAP server name: myserver1.mydomain.local Realm: MYDOMAIN.local Bind Path: dc = MYDOMAIN, dc = LOCAL LDAP port: 389 Server time: Thu, 22 Dec 2011 17:52:38 CET KDC server: 192.168.1.10 Server time offset: 2 192.168.1.10 this is myserver1.mydomain.local Where SAMBA knows about my LDAP server? I have 2 Domain Controllers and SAMBA is always connected to the first. When the first server is not available SAMBA can not get a list of users via winbind. How can I get SAMBA to connect to a second domain controller? How can I change the LDAP server for samba? Thanks! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba + OpenLDAP: LDAP server is running but could not respond to a search request
Hi, all. I am trying to set up SAMBA PDC with OpenLDAP using smbldap-tools from IDEALX. This is on a SLES 9 and I had run the latest online update as well as SP1 and SP2 for it. At this point smb is off and ldap is running. I have gotten up to where I needed to test for: ldapsearch -x -b dc=sample,dc=com (ObjectClass=*) # extended LDIF # # LDAPv3 # base dc=sample,dc=com with scope sub # filter: (objectClass=*) # requesting: ALL # # search result search: 2 result: 0 Success # numResponses: 1 Here is the log for this request from /var/log/ldaplogs Sep 9 04:32:51 Ns02 slapd[10449]: conn=52 fd=18 ACCEPT from IP= 127.0.0.1:1510 http://127.0.0.1:1510 (IP=0.0.0.0:389 http://0.0.0.0:389) Sep 9 04:32:51 Ns02 slapd[10449]: conn=52 op=0 BIND dn= method=128 Sep 9 04:32:51 Ns02 slapd[10449]: conn=52 op=0 RESULT tag=97 err=0 text= Sep 9 04:32:51 Ns02 slapd[10449]: conn=52 op=1 SRCH base=dc=nanostellar,dc=com scope=2 deref=0 filter=(objectClass=*) Sep 9 04:32:51 Ns02 slapd[10449]: conn=52 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text= Sep 9 04:32:51 Ns02 slapd[10449]: conn=52 op=2 UNBIND Sep 9 04:32:51 Ns02 slapd[10449]: conn=52 fd=18 closed If you looked at the log, the second line where BIND dn=, I don't know if this is correct or an indication that something is missing. slapcat getent password getent group smbldap-useradd -m -a testuser smbldap-passwd testuser id testuser pdbedit -Lv testuser all of these tests work fine. However, net groupmap list [2005/09/09 04:39:30, 0] passdb/pdb_ldap.c:ldapsam_setsamgrent(2763) ldapsam_setsamgrent: LDAP search failed: No such object [2005/09/09 04:39:30, 0] passdb/pdb_ldap.c:ldapsam_enum_group_mapping(2828) ldapsam_enum_group_mapping: Unable to open passdb Here is the log for this command: Sep 9 04:39:52 Ns02 slapd[10449]: conn=61 fd=18 ACCEPT from IP= 127.0.0.1:1519 http://127.0.0.1:1519 (IP=0.0.0.0:389 http://0.0.0.0:389) Sep 9 04:39:52 Ns02 slapd[10449]: conn=61 op=0 BIND dn=cn=Admin,dc=sample,dc=com method=128 Sep 9 04:39:52 Ns02 slapd[10449]: conn=61 op=0 BIND dn=cn=Admin,dc=sample,dc=com mech=SIMPLE ssf=0 Sep 9 04:39:52 Ns02 slapd[10449]: conn=61 op=0 RESULT tag=97 err=0 text= Sep 9 04:39:52 Ns02 slapd[10449]: conn=61 op=1 SRCH base= scope=0 deref=0 filter=(objectClass=*) Sep 9 04:39:52 Ns02 slapd[10449]: conn=61 op=1 SRCH attr=supportedControl Sep 9 04:39:52 Ns02 slapd[10449]: conn=61 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Sep 9 04:39:52 Ns02 slapd[10449]: conn=61 op=2 SRCH base=dc=sample,dc=com scope=2 deref=0 filter=((objectClass=sambaDomain)(sambaDomainName=sample)) Sep 9 04:39:52 Ns02 slapd[10449]: conn=61 op=2 SRCH attr=sambaDomainName sambaNextRid sambaNextUserRid sambaNextGroupRid sambaSID sambaAlgorithmicRidBase objectClass Sep 9 04:39:52 Ns02 slapd[10449]: conn=61 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text= Sep 9 04:39:52 Ns02 slapd[10449]: conn=61 op=3 SRCH base=ou=Goups,dc=sample,dc=com scope=2 deref=0 filter=(objectClass=sambaGroupMapping) Sep 9 04:39:52 Ns02 slapd[10449]: conn=61 op=3 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass Sep 9 04:39:52 Ns02 slapd[10449]: conn=61 op=3 SEARCH RESULT tag=101 err=32 nentries=0 text= Sep 9 04:39:52 Ns02 slapd[10449]: conn=61 fd=18 close Please help me as I am struggling with this for more than a week already and still do not advance any further. Thank you very much for your help. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba + OpenLDAP: LDAP server is running but could not respond to a search request
Steven Truong wrote: If you looked at the log, the second line where BIND dn=, I don't know if this is correct or an indication that something is missing. It means bind anonymously, make sure you give suficient raed access for anon user. What ldap * suffix in smb.conf? try searching from there, ie. ldapsearch -xLLL -b dc=sample,dc=com uid=testuser However, net groupmap list [2005/09/09 04:39:30, 0] passdb/pdb_ldap.c:ldapsam_setsamgrent(2763) ldapsam_setsamgrent: LDAP search failed: No such object [2005/09/09 04:39:30, 0] passdb/pdb_ldap.c:ldapsam_enum_group_mapping(2828) ldapsam_enum_group_mapping: Unable to open passdb Did you already run net groupmap add? http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/groupmapping.html -- --beast -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba