Pascal den Bekker wrote:
Hello,
I want to use openldap as a backend for Samba4. I set up the openldap with a different port, because samba4 has its own "ldap" server running on port 389. I set up the standard config for samba4 like this:
As far as I know, the last time this was anywhere close to working was in 2010 and since then the Samba Team ripped out a lot of the OpenLDAP support. We (Symas) have recently hired a former Samba Team engineer to get this code back into working order but it's been off to a very slow start. I expect it will be several months before we have anything back in usable state, based on the current rate of progress.
    passdb backend = ldapsam:ldap://ldap.example.com:3389
    ldap suffix = dc=ldap,dc=example,dc=com
    ldap user suffix = ou=users
    ldap group suffix = ou=groups
    ldap machine suffix = ou=computers
    ldap idmap suffix = ou=Idmap
    ldap delete dn = no
    ldap admin dn = cn=admin,dc=ldap,dc=example,dc=com
    ldap ssl = no
    ldap passwd sync = yes
    idmap_ldb:use rfc2307 = Yes
    invalid users = root
I also created the OUs in openldap and added a couple of users in openldap. I also set the smbpasswd, but every time I try to ask the openldap through samba, I'm getting:
smbldap_search_domain_info: Adding domain info for OPENCHANGE failed with NT_STATUS_UNSUCCESSFUL
Do I still need to load the samba.schema in openldap? And if yes, how do I do that?
Before taking any guesses at what actions you could take, first you need to see what the actual underlying error messages were. "NT_STATUS_UNSUCCESSFUL" is a generic Windows error code, and doesn't tell anything about what happened at the LDAP layer. What errors are in the slapd log?
openldap: 2.4.31
samba: 4.0.1
OS: Debian Wheezy
2.4.31 is relatively old, you should use the current release (2.4.36).
Cheers,
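
The reply's advice to look at the slapd log rather than at NT_STATUS_UNSUCCESSFUL, as an added example that is not part of the original thread: it pairs each failed RESULT line with the request that caused it. It assumes slapd is logging at the "stats" level; the sample log lines and the error they show are constructed for illustration and are not taken from the poster's server.

```python
import re

# LDAP result codes (RFC 4511) commonly seen when a bind or write fails.
LDAP_RESULTS = {
    0: "success", 17: "undefinedAttributeType", 21: "invalidAttributeSyntax",
    32: "noSuchObject", 34: "invalidDNSyntax", 49: "invalidCredentials",
    50: "insufficientAccessRights", 65: "objectClassViolation",
}

# Request and result lines as written by slapd at the "stats" log level.
OP_RE = re.compile(r"conn=(\d+) op=(\d+) (BIND|ADD|MOD|SRCH|DEL) (.*)")
RESULT_RE = re.compile(
    r"conn=(\d+) op=(\d+) (?:SEARCH )?RESULT tag=\d+ err=(\d+)(?: nentries=\d+)? text=(.*)")

# Constructed sample, not real output from the thread.
SAMPLE_LOG = """\
slapd[1234]: conn=1001 op=0 BIND dn="cn=admin,dc=ldap,dc=example,dc=com" method=128
slapd[1234]: conn=1001 op=0 RESULT tag=97 err=0 text=
slapd[1234]: conn=1001 op=1 SRCH base="dc=ldap,dc=example,dc=com" scope=2 deref=0 filter="(sambaDomainName=OPENCHANGE)"
slapd[1234]: conn=1001 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
slapd[1234]: conn=1001 op=2 ADD dn="sambaDomainName=OPENCHANGE,dc=ldap,dc=example,dc=com"
slapd[1234]: conn=1001 op=2 RESULT tag=105 err=50 text=no write access to parent
""".splitlines()

def failed_operations(lines):
    """Return every operation whose RESULT carried a non-zero LDAP error."""
    pending, failures = {}, []
    for line in lines:
        m = RESULT_RE.search(line)
        if m:
            key, err = (int(m[1]), int(m[2])), int(m[3])
            verb, detail = pending.pop(key, ("?", ""))
            if err != 0:
                failures.append({
                    "conn": key[0], "op": key[1], "verb": verb, "detail": detail,
                    "err": err, "name": LDAP_RESULTS.get(err, "other"),
                    "text": m[4].strip(),
                })
            continue
        m = OP_RE.search(line)
        if m:
            # Keep the first request line; later ones (e.g. SRCH attr=) add less.
            pending.setdefault((int(m[1]), int(m[2])), (m[3], m[4].strip()))
    return failures

if __name__ == "__main__":
    for f in failed_operations(SAMPLE_LOG):
        print(f"conn={f['conn']} op={f['op']} {f['verb']} {f['detail']}: "
              f"err={f['err']} ({f['name']}) {f['text']}")
```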