Sir,
Good Day!
Below are my smb.conf and slapd.conf files.
################ smb.conf ################################
[global]
workgroup = FCB.NET
realm = FCB.NET
netbios aliases = smbldap.fcb.net
server string = FCB File Sharing
log file = /var/log/samba/log.%m
max log size = 500
log level = 2
encrypt passwords = yes
passwd program = /usr/local/sbin/smbldap-passwd -o %u
socket options = TCP_NODELAY
interfaces = eth0
local master = yes
preferred master = yes
passdb backend = ldapsam
domain logons = yes
keepalive = 10
os level = 64
ldap passwd sync = Yes
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
valid users = isd

add user script = /usr/local/sbin/smbldap-useradd -a -m "%u"
delete user script = /usr/local/sbin/smbldap-userdel -r "%u"
add user to group script = /usr/local/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/local/sbin/smbldap-groupmod -g "%g" "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/local/sbin/smbldap-groupdel '%g'
add machine script = /usr/local/sbin/smbldap-useradd -w -d /dev/null -c 'Machine Account' -s /bin/false -g 'Domain Computers' '%u'

passdb backend = ldapsam:ldaps://127.0.0.1/
ldap ssl = on
ldap passwd sync = yes
ldap admin dn = cn=Manager,dc=fcb,dc=net
ldap delete dn = yes
ldap suffix = dc=fcb,dc=net
#ldap machine suffix = ou=Computers
#ldap users suffix = dc=fcb,dc=net
#ldap group suffix = ou=Groups

wins support = yes
dos charset = 850
dns proxy = no
unix charset = ISO8859-1
logon script = %U.bat

[netlogon]
comment = Domain Logon Service
path = /home/netlogon
browseable = No

[ISD]
comment = Information Systems Division
path = /home/isd
valid users = @isd
read only = No
create mask = 0660
directory mask = 0770

[profiles]
path = /home/samba/profiles
valid users = %U, "@Domain Admins"
force user = %U
read only = No
create mask = 0600
directory mask = 0700
guest ok = Yes
profile acls = Yes
browseable = No
csc policy = disable

########################## slapd.conf ##########################################
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema

allow bind_v2

pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args

database bdb
directory /var/lib/ldap

suffix "dc=fcb.net,dc=."
rootdn "cn=Manager,dc=fcb.net,dc=."

#inserted at 5pm
#limits dn="cn=Manager,dc=fcb,dc=net"
#size.soft=-1
#size.hard=soft

index objectClass,uidNumber,gidNumber eq
index cn,sn,uid,displayName eq,pres,sub
index memberUid,mail,givenname eq,subinitial
index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq

rootpw {SSHA}9c6LGBMLZeqDoEQfDT0lBIlvTw0GYu3k

access to attrs=userPassword,sambaLMPassword,sambaNTPassword,shadowLastChange
    by dn.children="dc=fcb.net,dc=." write
    by self write
    by anonymous auth
    by * none

access to *
    by dn.children="dc=fcb.net,dc=." write
    by * read

########## E N D############
Thanks,
Emil Sicad
Buchan Milne wrote:
On Wednesday 26 November 2008 09:31:38 Emil Sicad - ISD wrote:
Good day to all,
I'm new to LDAP, I've been working with SAMBA-LDAP implem. and I have these message logs:
Nov 25 17:56:59 smbldap slapd[9974]: sql_select option missing
Nov 25 17:56:59 smbldap slapd[9974]: auxpropfunc error no mechanism available
Nov 25 17:56:59 smbldap ldap: slapd startup succeededs
Nov 25 17:57:07 smbldap smbd[9987]: [2008/11/25 17:57:07, 0] lib/smbldap.c:smbldap_connect_system(850)
Nov 25 17:57:07 smbldap smbd[9987]: failed to bind to server with dn= cn=Manager,dc=fcb.net,dc=. Error: Can't contact LDAP server
Nov 25 17:57:07 smbldap smbd[9987]: (unknown)
Nov 25 17:57:23 smbldap smbd[9987]: [2008/11/25 17:57:23, 0] lib/smbldap.c:smbldap_search_suffix(1155)
Nov 25 17:57:23 smbldap smbd[9987]: smbldap_search_suffix: Problem during the LDAP search: (unknown) (Timed out)
Question
- Is my ldap working fine?
Can't tell, your ldap logging may not be high enough.
- Why can't samba bind to Ldap?
You didn't include any of your samba (ldap-related) configuration, and that would really be more relevant on a samba list.
Regards, Buchan