Hello,
I want to use openldap as a backend for Samba4. I set up the openldap with a different port, because samba4 has its own "ldap" server running on port 389. I set up the standard config for samba4 like this:
    passdb backend = ldapsam:ldap://ldap.example.com:3389
    ldap suffix = dc=ldap,dc=example,dc=com
    ldap user suffix = ou=users
    ldap group suffix = ou=groups
    ldap machine suffix = ou=computers
    ldap idmap suffix = ou=Idmap
    ldap delete dn = no
    ldap admin dn = cn=admin,dc=ldap,dc=example,dc=com
    ldap ssl = no
    ldap passwd sync = yes
    idmap_ldb:use rfc2307 = Yes
    invalid users = root
Created also the ou's in openldap, added a couple of users in openldap. Also set the smbpasswd, but every time I try to ask the openldap through samba, I'm getting:
smbldap_search_domain_info: Adding domain info for OPENCHANGE failed with NT_STATUS_UNSUCCESSFUL
Do I still need to load the samba.schema in openldap? And when yes, how do I do that?
openldap: 2.4.31
samba: 4.0.1
OS: Debian Wheezy
Cheers,
Pascal den Bekker wrote:
> Hello,
> I want to use openldap as a backend for Samba4. I set up the openldap with a different port, because samba4 has its own "ldap" server running on port 389. I set up the standard config for samba4 like this:
As far as I know, the last time this was anywhere close to working was in 2010 and since then the Samba Team ripped out a lot of the OpenLDAP support. We (Symas) have recently hired a former Samba Team engineer to get this code back into working order but it's been off to a very slow start. I expect it will be several months before we have anything back in usable state, based on the current rate of progress.
>     passdb backend = ldapsam:ldap://ldap.example.com:3389
>     ldap suffix = dc=ldap,dc=example,dc=com
>     ldap user suffix = ou=users
>     ldap group suffix = ou=groups
>     ldap machine suffix = ou=computers
>     ldap idmap suffix = ou=Idmap
>     ldap delete dn = no
>     ldap admin dn = cn=admin,dc=ldap,dc=example,dc=com
>     ldap ssl = no
>     ldap passwd sync = yes
>     idmap_ldb:use rfc2307 = Yes
>     invalid users = root
> Created also the ou's in openldap, added a couple of users in openldap. Also set the smbpasswd, but every time I try to ask the openldap through samba, I'm getting:
> smbldap_search_domain_info: Adding domain info for OPENCHANGE failed with NT_STATUS_UNSUCCESSFUL
> Do I still need to load the samba.schema in openldap? And when yes, how do I do that?
Before taking any guesses at what actions you could take, first you need to see what the actual underlying error messages were. "NT_STATUS_UNSUCCESSFUL" is a generic Windows error code, and doesn't tell anything about what happened at the LDAP layer. What errors are in the slapd log?
> openldap: 2.4.31
> samba: 4.0.1
> OS: Debian Wheezy
2.4.31 is relatively old, you should use the current release (2.4.36).
> Cheers,
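Added example, not part of the original thread: one way to find the underlying LDAP error that the reply above asks for is to pair each request line in the slapd log with its RESULT line and keep the operations whose err code is non-zero. The log lines below are constructed (not from the poster's server) and assume slapd is logging at the stats level; the function name `failed_operations` is hypothetical.

```python
import re

# LDAP result codes (names from RFC 4511) that commonly show up when a client
# such as Samba searches or writes through slapd; only a subset is listed.
RESULT_NAMES = {
    16: "noSuchAttribute", 17: "undefinedAttributeType",
    21: "invalidAttributeSyntax", 32: "noSuchObject",
    49: "invalidCredentials", 50: "insufficientAccessRights",
    65: "objectClassViolation", 68: "entryAlreadyExists",
}

# Constructed sample of slapd log lines, not taken from the poster's server.
SAMPLE_LOG = """\
Aug 28 20:01:11 ldap slapd[2211]: conn=1004 op=0 BIND dn="cn=admin,dc=ldap,dc=example,dc=com" method=128
Aug 28 20:01:11 ldap slapd[2211]: conn=1004 op=0 RESULT tag=97 err=0 text=
Aug 28 20:01:11 ldap slapd[2211]: conn=1004 op=1 SRCH base="dc=ldap,dc=example,dc=com" scope=2 deref=0 filter="(&(objectClass=sambaDomain)(sambaDomainName=OPENCHANGE))"
Aug 28 20:01:11 ldap slapd[2211]: conn=1004 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Aug 28 20:01:11 ldap slapd[2211]: conn=1004 op=2 ADD dn="sambaDomainName=OPENCHANGE,dc=ldap,dc=example,dc=com"
Aug 28 20:01:11 ldap slapd[2211]: conn=1004 op=2 RESULT tag=105 err=17 text=sambaDomainName: attribute type undefined
"""

REQ = re.compile(r'conn=(\d+) op=(\d+) (BIND|SRCH|ADD|MOD|DEL|MODRDN|CMP) (.*)')
RES = re.compile(r'conn=(\d+) op=(\d+) (?:SEARCH )?RESULT tag=\d+ err=(\d+).*?text=(.*)')

def failed_operations(log_text):
    """Pair each request with its RESULT line; return those with err != 0."""
    requests, failures = {}, []
    for line in log_text.splitlines():
        m = RES.search(line)
        if m:
            conn, op, err, text = m.group(1), m.group(2), int(m.group(3)), m.group(4).strip()
            if err != 0:
                # Look up what the client asked for on this conn/op pair.
                kind, detail = requests.get((conn, op), ("?", ""))
                failures.append({"conn": int(conn), "op": int(op), "request": kind,
                                 "detail": detail, "err": err,
                                 "name": RESULT_NAMES.get(err, "other"), "text": text})
            continue
        m = REQ.search(line)
        if m:
            requests[(m.group(1), m.group(2))] = (m.group(3), m.group(4))
    return failures

if __name__ == "__main__":
    for f in failed_operations(SAMPLE_LOG):
        print(f"conn={f['conn']} op={f['op']} {f['request']} {f['detail']} -> "
              f"err={f['err']} ({f['name']}) {f['text']}")
```

The err code and text on the failing operation are what to quote back to the list instead of NT_STATUS_UNSUCCESSFUL.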
Pascal den Bekker wrote:
> I want to use openldap as a backend for Samba4. I set up the openldap with a different port, because samba4 has its own "ldap" server running on port 389.
Make sure you fully understand what you want and what is possible.
If you want to run Samba4 as a WinNT-compatible DC you can use OpenLDAP as backend (ldapsam) just like with Samba3.
If you want to run Samba as a full-fledged AD-compatible DC you have to use Samba4's internal LDAP server.
Further reading: http://wiki.samba.org/index.php/FAQ#LDAP_backend
Ciao, Michael.
Hello Michael,
Thank you for your email. I just want it to work. It doesn't really matter how I use Samba. Can you tell me if I need to implement the samba scheme?
Cheers,
- Pascal
On 08/28/2013 08:46 PM, Michael Ströder wrote:
> Pascal den Bekker wrote:
>> I want to use openldap as a backend for Samba4. I set up the openldap with a different port, because samba4 has its own "ldap" server running on port 389.
> Make sure you fully understand what you want and what is possible.
> If you want to run Samba4 as a WinNT-compatible DC you can use OpenLDAP as backend (ldapsam) just like with Samba3.
> If you want to run Samba as a full-fledged AD-compatible DC you have to use Samba4's internal LDAP server.
> Further reading: http://wiki.samba.org/index.php/FAQ#LDAP_backend
> Ciao, Michael.
openldap-technical@openldap.org