Re: [Samba] Cisco ISE unable to retrieve AD group list from samba 4 server
Am 02.10.2013 21:53, schrieb Jeremy Allison: On Wed, Oct 02, 2013 at 11:38:21AM +0200, Andreas Oster wrote: Hi all, I have run into a problem with our samba4 setup. I have successfully joined a Cisco ISE v1.1.4 (Identity Service Engine) test machine to the samba4 AD. User authentication does work but unfortunately the ISE is unable to fetch the AD groups from the domain controller. In the samba logs I get the following error message when initiating the group fetch: [2013/10/02 10:21:37.605554, 0] ../source4/cldap_server/cldap_server.c:54(cldapd_request_handler) Invalid CLDAP request type 16 from ipv4:10.250.12.218:51136 LDAP request type 16 == LDAP_TAG_AbandonRequest which we don't handle in the cldap request handler. That's why you're getting the error. Jeremy. Hello Jeremy, thank you very much for your fast response. Any chance that this request type will be added ? Thanks Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Cisco ISE unable to retrieve AD group list from samba 4 server
On Thu, Oct 03, 2013 at 08:53:19AM +0200, Andreas Oster wrote: Am 02.10.2013 21:53, schrieb Jeremy Allison: On Wed, Oct 02, 2013 at 11:38:21AM +0200, Andreas Oster wrote: Hi all, I have run into a problem with our samba4 setup. I have successfully joined a Cisco ISE v1.1.4 (Identity Service Engine) test machine to the samba4 AD. User authentication does work but unfortunately the ISE is unable to fetch the AD groups from the domain controller. In the samba logs I get the following error message when initiating the group fetch: [2013/10/02 10:21:37.605554, 0] ../source4/cldap_server/cldap_server.c:54(cldapd_request_handler) Invalid CLDAP request type 16 from ipv4:10.250.12.218:51136 LDAP request type 16 == LDAP_TAG_AbandonRequest which we don't handle in the cldap request handler. That's why you're getting the error. Jeremy. Hello Jeremy, thank you very much for your fast response. Any chance that this request type will be added ? I don't know what the CLDAP request is supposted to do (although I could look this up) - I'll let LDAP experts reply first. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Cisco ISE unable to retrieve AD group list from samba 4 server
On Wed, Oct 02, 2013 at 11:38:21AM +0200, Andreas Oster wrote: Hi all, I have run into a problem with our samba4 setup. I have successfully joined a Cisco ISE v1.1.4 (Identity Service Engine) test machine to the samba4 AD. User authentication does work but unfortunately the ISE is unable to fetch the AD groups from the domain controller. In the samba logs I get the following error message when initiating the group fetch: [2013/10/02 10:21:37.605554, 0] ../source4/cldap_server/cldap_server.c:54(cldapd_request_handler) Invalid CLDAP request type 16 from ipv4:10.250.12.218:51136 Can you log a bug and attach to it a wireshark trace of this operation failing ? That will help track this down and fix it. Cheers, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Cisco ISE unable to retrieve AD group list from samba 4 server
On Wed, Oct 02, 2013 at 11:38:21AM +0200, Andreas Oster wrote: Hi all, I have run into a problem with our samba4 setup. I have successfully joined a Cisco ISE v1.1.4 (Identity Service Engine) test machine to the samba4 AD. User authentication does work but unfortunately the ISE is unable to fetch the AD groups from the domain controller. In the samba logs I get the following error message when initiating the group fetch: [2013/10/02 10:21:37.605554, 0] ../source4/cldap_server/cldap_server.c:54(cldapd_request_handler) Invalid CLDAP request type 16 from ipv4:10.250.12.218:51136 LDAP request type 16 == LDAP_TAG_AbandonRequest which we don't handle in the cldap request handler. That's why you're getting the error. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba