Re: OpenLDAP Samba4
Pascal den Bekker wrote:
> Hello,
> I want to use openldap as a backend for Samba4. I set up the openldap
> with a different port, because samba4 has its own "ldap" server running
> on port 389.
> I set up the standard config for samba4 like this:

As far as I know, the last time this was anywhere close to working was in 2010 
and since then the Samba Team ripped out a lot of the OpenLDAP support. We 
(Symas) have recently hired a former Samba Team engineer to get this code back 
into working order but it's been off to a very slow start. I expect it will be 
several months before we have anything back in usable state, based on the 
current rate of progress.

>       passdb backend = ldapsam:ldap://ldap.example.com:3389
>       ldap suffix = dc=ldap,dc=example,dc=com
>       ldap user suffix = ou=users
>       ldap group suffix = ou=groups
>       ldap machine suffix = ou=computers
>       ldap idmap suffix = ou=Idmap
>       ldap delete dn = no
>       ldap admin dn = cn=admin,dc=ldap,dc=example,dc=com
>       ldap ssl = no
>       ldap passwd sync = yes
>       idmap_ldb:use rfc2307 = Yes
>       invalid users = root
> Created also the ou's in openldap, added a couple of users in openldap.
> Also set the smbpasswd, but every time when I try to ask the openldap
> through samba, I'm getting:
> smbldap_search_domain_info: Adding domain info for OPENCHANGE failed
> with NT_STATUS_UNSUCCESSFUL
> Do I still need to load the samba.schema in openldap? And when yes..
> How do I do that??

Before taking any guesses at what actions you could take, first you need to 
see what the actual underlying error messages were. "NT_STATUS_UNSUCCESSFUL" 
is a generic Windows error code, and doesn't tell anything about what happened 
at the LDAP layer. What errors are in the slapd log?

> openldap: 2.4.31
> samba:     4.0.1
> OS:           Debian Wheezy

2.4.31 is relatively old, you should use the current release (2.4.36).
Cheers,
--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/
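
Added example, not part of the original message: one way to pull the LDAP-layer error out of the slapd log, as the reply asks, by pairing each non-zero `RESULT` with the request that caused it. It assumes slapd is logging at the `stats` level; the log lines are constructed for illustration and are not the poster's log, and `failed_operations` is a hypothetical helper name.

```python
import re

# LDAP result codes from RFC 4511 (subset relevant to failed binds and writes).
RESULT_CODES = {
    1: "operationsError", 17: "undefinedAttributeType",
    21: "invalidAttributeSyntax", 32: "noSuchObject",
    49: "invalidCredentials", 50: "insufficientAccessRights",
    53: "unwillingToPerform", 65: "objectClassViolation",
    68: "entryAlreadyExists", 80: "other",
}
# Request line, e.g.: conn=1001 op=2 ADD dn="..."
REQ = re.compile(r"conn=(\d+) op=(\d+) (BIND|SRCH|ADD|MOD|DEL|MODRDN|CMP|EXT) (.*)")
# Result line, e.g.: conn=1001 op=2 RESULT tag=105 err=21 text=...
RES = re.compile(r"conn=(\d+) op=(\d+) (?:SEARCH )?RESULT .*?err=(\d+)(?:.*?text=(.*))?$")

# Constructed sample in slapd's stats-level format; not taken from the thread.
SAMPLE_LOG = """\
Aug  1 10:15:02 ldap slapd[1234]: conn=1001 op=0 BIND dn="cn=admin,dc=ldap,dc=example,dc=com" method=128
Aug  1 10:15:02 ldap slapd[1234]: conn=1001 op=0 RESULT tag=97 err=0 text=
Aug  1 10:15:02 ldap slapd[1234]: conn=1001 op=1 SRCH base="dc=ldap,dc=example,dc=com" scope=2 deref=0 filter="(objectClass=sambaDomain)"
Aug  1 10:15:02 ldap slapd[1234]: conn=1001 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Aug  1 10:15:02 ldap slapd[1234]: conn=1001 op=2 ADD dn="sambaDomainName=OPENCHANGE,dc=ldap,dc=example,dc=com"
Aug  1 10:15:02 ldap slapd[1234]: conn=1001 op=2 RESULT tag=105 err=21 text=objectClass: value #0 invalid per syntax
""".splitlines()

def failed_operations(log_lines):
    """Return one dict per operation whose RESULT carries a non-zero err."""
    requests, failures = {}, []
    for line in log_lines:
        m = REQ.search(line)
        if m:
            # Keep the first request line per (conn, op); later ones list attrs.
            requests.setdefault((m[1], m[2]), f"{m[3]} {m[4]}")
            continue
        m = RES.search(line)
        if m and int(m[3]) != 0:
            failures.append({
                "conn": int(m[1]), "op": int(m[2]),
                "request": requests.get((m[1], m[2]), "(request not logged)"),
                "err": int(m[3]),
                "name": RESULT_CODES.get(int(m[3]), "see RFC 4511"),
                "text": (m[4] or "").strip(),
            })
    return failures

if __name__ == "__main__":
    for f in failed_operations(SAMPLE_LOG):
        print(f'conn={f["conn"]} op={f["op"]} {f["request"]} -> err={f["err"]} ({f["name"]}) {f["text"]}')
```

The `err` code and `text` on the failing operation are the details that the generic NT_STATUS_UNSUCCESSFUL hides.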