[gentoo-user] OT? Samba/LDAP Hell

[gentoo-user] OT? Samba/LDAP Hell

[gentuxx]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all,

This is slightly off topic for this list, but I thought I might get
some response from the "braintrust".  ;-)

A while back I started to configure samba to work with LDAP.  I got as
far as configuring slapd.conf and entering a "tickler" user.  Now, I
can't connect to any of my samba shares.  Looking in the samba logs,
when the daemon starts, it's still trying to connect to the ldap
server to get the security.tbd.  I've verified /etc/samba/smb.conf,
/etc/conf.d/samba, and /etc/pam.d/samba and none contain any reference
to ldap.  But something is obviously still telling samba to use ldap.

In an effort to get things working, I started with a *very* basic
smb.conf, but still no joy.  Here's the global section:

[global]
        log file = /var/log/samba/%m.log
        workgroup = HOME
        debug level = 10
        server string = gentoo


Any advice as to where else to look to disable ldap would be appreciated.

TIA

- --
gentux
echo "hfouvyyAhnbjm/dpn" | perl -pe 's/(.)/chr(ord($1)-1)/ge'

gentux's gpg fingerprint ==> 5495 0388 67FF 0B89 1239  D840 4CF0 39E2
18D3 4A9E
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFEzE4tTPA54hjTSp4RAoIhAJ98CY031ZxTeQ0X02qDZEkPEGlwcwCglXnv
n6h7spKdruLi5xRbxy1x1Ik=
=KJvr
-----END PGP SIGNATURE-----

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] OT? Samba/LDAP Hell

[Michael W. Holdeman]

On Sunday 30 July 2006 02:14, gentuxx wrote:
> Hi all,
>
> This is slightly off topic for this list, but I thought I might get
> some response from the "braintrust".  ;-)
>
> A while back I started to configure samba to work with LDAP.  I got as
> far as configuring slapd.conf and entering a "tickler" user.  Now, I
> can't connect to any of my samba shares.  Looking in the samba logs,
> when the daemon starts, it's still trying to connect to the ldap
> server to get the security.tbd.  I've verified /etc/samba/smb.conf,
> /etc/conf.d/samba, and /etc/pam.d/samba and none contain any reference
> to ldap.  But something is obviously still telling samba to use ldap.
>
> In an effort to get things working, I started with a *very* basic
> smb.conf, but still no joy.  Here's the global section:
>
> [global]
>         log file = /var/log/samba/%m.log
>         workgroup = HOME
>         debug level = 10
>         server string = gentoo
>
What version of samba? I am having fits with 3.0.23a, and authentication. I 
can't get any shares to authenticate except [public]. Nothing in the logs 
really giving a hint either, and not using ldap. I wonder if there is a 
problem we have made in gentoo? somewhere, PAM?....

Mike

-- 
 
Michael W. Holdeman


________________________________________
Powered by Gentoo Linux www.gentoo.org  |
Kernel 2.6.15-ck2                       |
VMWare Workstation 5.5.1 vmware.com     |
Win4LinPro 6.1.1-03 win4lin.com         |
________________________________________|
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] OT? Samba/LDAP Hell

[gentuxx]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Michael W. Holdeman wrote:
> On Sunday 30 July 2006 02:14, gentuxx wrote:
>> Hi all,
>>
>> This is slightly off topic for this list, but I thought I might get
>> some response from the "braintrust".  ;-)
>>
>> A while back I started to configure samba to work with LDAP.  I got as
>> far as configuring slapd.conf and entering a "tickler" user.  Now, I
>> can't connect to any of my samba shares.  Looking in the samba logs,
>> when the daemon starts, it's still trying to connect to the ldap
>> server to get the security.tbd.  I've verified /etc/samba/smb.conf,
>> /etc/conf.d/samba, and /etc/pam.d/samba and none contain any reference
>> to ldap.  But something is obviously still telling samba to use ldap.
>>
>> In an effort to get things working, I started with a *very* basic
>> smb.conf, but still no joy.  Here's the global section:
>>
>> [global]
>>         log file = /var/log/samba/%m.log
>>         workgroup = HOME
>>         debug level = 10
>>         server string = gentoo
>>
> What version of samba? I am having fits with 3.0.23a, and
authentication. I
> can't get any shares to authenticate except [public]. Nothing in the logs
> really giving a hint either, and not using ldap. I wonder if there is a
> problem we have made in gentoo? somewhere, PAM?....
>

I'm using 3.0.22-r3.  I tend to use stable for the most part, except a
few packages here and there.

Anyway, here are some errors that I get in /var/log/samba/smbd.log
when the service is (re)started:

  Connection to LDAP server failed for the 14 try!
[2006/07/29 19:31:46, 0] passdb/secrets.c:fetch_ldap_pw(629)
  fetch_ldap_pw: neither ldap secret retrieved!
[2006/07/29 19:31:46, 0] lib/smbldap.c:smbldap_connect_system(851)
  ldap_connect_system: Failed to retrieve password from secrets.tdb
[2006/07/29 19:31:46, 1] lib/smbldap.c:another_ldap_try(1051)
  Connection to LDAP server failed for the 15 try!
[2006/07/29 19:31:47, 0] passdb/secrets.c:fetch_ldap_pw(629)
  fetch_ldap_pw: neither ldap secret retrieved!
[2006/07/29 19:31:47, 0] lib/smbldap.c:smbldap_connect_system(851)
  ldap_connect_system: Failed to retrieve password from secrets.tdb
[2006/07/29 19:31:47, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(2170)
  ldapsam_search_one_group: Problem during the LDAP search: LDAP
error: (unknown) (Time limit exceeded)


...So this is how I know samba is looking for an LDAP server (which I
don't want it to do).


- --
gentux
echo "hfouvyyAhnbjm/dpn" | perl -pe 's/(.)/chr(ord($1)-1)/ge'

gentux's gpg fingerprint ==> 5495 0388 67FF 0B89 1239  D840 4CF0 39E2
18D3 4A9E
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFEzQQdTPA54hjTSp4RAlDEAJ44HjHcMEhxAya1KhnA9wLrE437BgCePplG
XRQe44dNQ7trps/KWK+nq/s=
=+KaU
-----END PGP SIGNATURE-----

-- 
gentoo-user@gentoo.org mailing list