Sir,
Good Day!
Below are my smb.conf and slapd.conf files.
################ smb.conf ################################
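# [global]: server-wide settings for a Samba domain controller (domain logons = yes)
# whose accounts live in LDAP (ldapsam) and are provisioned by the smbldap-* scripts.
# Each parameter is on a single line: smb.conf continues a value onto the next
# line only after a trailing backslash.
[global]
workgroup = FCB.NET
realm = FCB.NET
netbios aliases = smbldap.fcb.net
server string = FCB File Sharing
log file = /var/log/samba/log.%m
max log size = 500
log level = 2
encrypt passwords = yes
# NOTE(review): %u is unquoted here while the other scripts quote their
# substitutions; quote it ("%u") for consistency. Presumably only used when
# unix password sync is enabled, which is not set in this listing.
passwd program = /usr/local/sbin/smbldap-passwd -o %u
socket options = TCP_NODELAY
interfaces = eth0
local master = yes
preferred master = yes
# NOTE(review): duplicate key. "passdb backend" is set again further down with
# the ldaps:// URI; keep only one line so the effective value is unambiguous.
passdb backend = ldapsam
domain logons = yes
keepalive = 10
os level = 64
# NOTE(review): duplicate key, "ldap passwd sync" is repeated further down.
ldap passwd sync = Yes
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
# NOTE(review): "valid users" is a share-level parameter; set in [global] it
# becomes the default for every share that does not override it ([netlogon]
# does not). Confirm that restricting those shares to the single user "isd"
# is intended; [ISD] below uses the group form @isd.
valid users = isd
# The scripts below are run by smbd with %u / %g replaced by account and group
# names, so the substitutions are kept quoted.
add user script = /usr/local/sbin/smbldap-useradd -a -m "%u"
delete user script = /usr/local/sbin/smbldap-userdel -r "%u"
# NOTE(review): this path lacks the sbin/ component that every other smbldap-*
# script path in this file has; verify that the file exists at this location.
add user to group script = /usr/local/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/local/sbin/smbldap-groupmod -g "%g" "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/local/sbin/smbldap-groupdel '%g'
add machine script = /usr/local/sbin/smbldap-useradd -w -d /dev/null -c 'Machine Account' -s /bin/false -g 'Domain Computers' '%u'
# NOTE(review): an ldaps:// URI needs slapd to offer an LDAPS listener with a
# server certificate. The slapd.conf posted with this file shows no TLS
# directives, which would be consistent with the "Can't contact LDAP server"
# bind failure in the logs; confirm how slapd is started. "ldap ssl = start tls"
# with an ldap:// URI is the other way to protect this connection.
passdb backend = ldapsam:ldaps://127.0.0.1/
ldap ssl = on
ldap passwd sync = yes
# NOTE(review): Samba binds as the directory rootdn. A dedicated DN with write
# access limited to the Samba subtrees would follow least privilege.
# This DN and the suffix below use dc=fcb,dc=net, while the slapd.conf posted
# with this file declares suffix "dc=fcb.net,dc=." -- the two must match.
ldap admin dn = cn=Manager,dc=fcb,dc=net
ldap delete dn = yes
ldap suffix = dc=fcb,dc=net
#ldap machine suffix = ou=Computers
#ldap users suffix = dc=fcb,dc=net
#ldap group suffix = ou=Groups
wins support = yes
dos charset = 850
dns proxy = no
unix charset = ISO8859-1
# Per-user logon script, served from the [netlogon] share.
logon script = %U.bat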
# [netlogon]: share from which domain clients fetch logon scripts
# (see "logon script = %U.bat" in [global]).
# No write access is granted here, so Samba's default (read only) applies.
# NOTE(review): logon scripts run on the clients, so file-system permissions on
# /home/netlogon should allow changes by administrators only -- not visible here.
[netlogon]
comment = Domain Logon Service
path = /home/netlogon
browseable = No
# [ISD]: writable department share, limited to members of the group "isd"
# (the @ prefix selects a group rather than a user).
[ISD]
comment = Information Systems Division
path = /home/isd
valid users = @isd
read only = No
# Masks give owner and group access only; nothing for other users.
create mask = 0660
directory mask = 0770
# [profiles]: roaming-profile storage for domain users.
[profiles]
path = /home/samba/profiles
# Access is limited to the connecting user (%U) and members of "Domain Admins".
valid users = %U, "@Domain Admins"
# NOTE(review): force user = %U makes file operations run as the session user
# name; confirm this is wanted when a Domain Admin connects.
force user = %U
read only = No
# Owner-only permissions on profile files and directories.
create mask = 0600
directory mask = 0700
# NOTE(review): guest access is at odds with the valid users restriction above
# and with per-user profile data; prefer "guest ok = No" unless a client
# really depends on it.
guest ok = Yes
profile acls = Yes
browseable = No
# Client-side (offline) caching is disabled for this share.
csc policy = disable
########################## slapd.conf
##########################################
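# slapd.conf for the OpenLDAP server behind Samba's ldapsam backend: loads the
# schemas (including samba.schema), then defines one bdb database with its
# indexes and access rules.
# The "by" clauses are indented because slapd.conf treats only lines that begin
# with whitespace as continuations of the preceding directive.
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
# NOTE(review): LDAPv2 binds are a legacy compatibility switch; remove this
# line unless a client is known to need it.
allow bind_v2
pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args
# NOTE(review): no TLSCertificateFile / TLSCertificateKeyFile /
# TLSCACertificateFile directive appears in this listing, yet the smb.conf
# posted with it connects to ldaps://127.0.0.1/. Without a certificate and an
# LDAPS listener (set on the slapd command line, not visible here) that
# connection cannot be established.
database bdb
directory /var/lib/ldap
# NOTE(review): this suffix has the components "dc=fcb.net" and "dc=.", while
# smb.conf and the commented-out limits line below use dc=fcb,dc=net. The
# suffix, the rootdn and Samba's ldap suffix / ldap admin dn must agree.
suffix "dc=fcb.net,dc=."
rootdn "cn=Manager,dc=fcb.net,dc=."
#inserted at 5pm
#limits dn="cn=Manager,dc=fcb,dc=net"
#size.soft=-1
#size.hard=soft
index objectClass,uidNumber,gidNumber eq
index cn,sn,uid,displayName eq,pres,sub
index memberUid,mail,givenname eq,subinitial
index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq
# NOTE(review): this salted SHA-1 ({SSHA}) hash has been published together with
# the configuration, so the rootdn password should be treated as exposed: set a
# new password, generate a fresh hash with slappasswd, and keep this file
# readable by the slapd account only.
rootpw {SSHA}9c6LGBMLZeqDoEQfDT0lBIlvTw0GYu3k
# Password attributes: owners may change their own, anonymous clients may only
# use them to authenticate, everyone else gets nothing.
# NOTE(review): dn.children="dc=fcb.net,dc=." matches every entry below the
# suffix, so any identity in this tree that binds gets write access to every
# account's password attributes. Grant write to one administrative DN instead.
access to attrs=userPassword,sambaLMPassword,sambaNTPassword,shadowLastChange
    by dn.children="dc=fcb.net,dc=." write
    by self write
    by anonymous auth
    by * none
# Everything else.
# NOTE(review): the same dn.children clause gives every bound entry write access
# to the whole directory, and "by * read" lets anonymous clients read all
# remaining attributes. Narrow both to what Samba and the clients need.
access to *
    by dn.children="dc=fcb.net,dc=." write
    by * read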
########## E N D############
Thanks,
Emil Sicad
Buchan Milne wrote:
On Wednesday 26 November 2008 09:31:38 Emil Sicad - ISD wrote:
> Good day to all,
>
> I'm new to LDAP. I've been working on a Samba-LDAP implementation,
> and I have these log messages:
>
>
> Nov 25 17:56:59 smbldap slapd[9974]: sql_select option missing
> Nov 25 17:56:59 smbldap slapd[9974]: auxpropfunc error no mechanism
> available
> Nov 25 17:56:59 smbldap ldap: slapd startup succeededs
> Nov 25 17:57:07 smbldap smbd[9987]: [2008/11/25 17:57:07, 0]
> lib/smbldap.c:smbldap_connect_system(850)
> Nov 25 17:57:07 smbldap smbd[9987]: failed to bind to server with dn=
> cn=Manager,dc=fcb.net,dc=. Error: Can't contact LDAP server
> Nov 25 17:57:07 smbldap smbd[9987]: (unknown)
> Nov 25 17:57:23 smbldap smbd[9987]: [2008/11/25 17:57:23, 0]
> lib/smbldap.c:smbldap_search_suffix(1155)
> Nov 25 17:57:23 smbldap smbd[9987]: smbldap_search_suffix: Problem
> during the LDAP search: (unknown) (Timed out)
>
> Question
> 1) Is my ldap working fine?
>
Can't tell, your ldap logging may not be high enough.
> 2) Why can't samba bind to Ldap?
>
You didn't include any of your samba (ldap-related) configuration, and that
would really be more relevant on a samba list.
Regards,
Buchan