[Obm] Help with LDAP & OBM-Samba please...

Martin Gautier martin.gautier at myrnham.co.uk
Fri Aug 5 18:54:36 CEST 2011 

Hi

I'm trying to get the OBM-Samba system working and am having a little 
trouble.

I have OBM-LDAP installed and running correctly.

I have Samba installed and setup as below. The samba/LDAP authentication 
bits I have gleaned from various OBM webpages and /usr/share/doc/obm-samba.

On restarting all the services, I get a valid response from

# smbclient -L myserver

But if I try

smbclient -u admin -L myserver

I get

Enter admin's password:
session setup failed: NT_STATUS_LOGON_FAILURE

The corresponding Samba log entry is

[2011/08/05 17:36:18,  2] lib/smbldap.c:890(smbldap_open_connection)
   smbldap_open_connection: connection opened
[2011/08/05 17:36:18,  2] passdb/pdb_ldap.c:571(init_sam_from_ldap)
   init_sam_from_ldap: Entry found for user: admin
[2011/08/05 17:36:18,  0] passdb/pdb_get_set.c:211(pdb_get_group_sid)
   pdb_get_group_sid: Failed to find Unix account for admin
[2011/08/05 17:36:18,  1] auth/auth_util.c:577(make_server_info_sam)
   User admin in passdb, but getpwnam() fails!
[2011/08/05 17:36:18,  0] auth/auth_sam.c:355(check_sam_security)
   check_sam_security: make_server_info_sam() failed with 
'NT_STATUS_NO_SUCH_USER'
[2011/08/05 17:36:18,  2] auth/auth.c:320(check_ntlm_password)
   check_ntlm_password:  Authentication for user [admin] -> [admin] 
FAILED with error NT_STATUS_NO_SUCH_USER

Now "admin" is a valid user, I can see it in the LDAP tree as can smbd. 
It just fails to authenticate.

I have _not_ done anything with smbpasswd or pdbedit. Do I need to? 
Should I be able to set the password in OBM-UI and then expect to be 
able to access the Samba shares?

Basically, I've done the Samba, OBM-LDAP & OBM-Samba installs. I have 
configured smb.conf. What do I need to do next?

Regs
Martin

smb.conf
-------------
[global]
workgroup = WORKGROUP
netbios name = MYSERVER
server string = %h server
domain master = yes
domain logons = yes
preferred master = yes
os level = 255
local master = yes
wins support = yes
name resolve order = hosts wins bcast
dns proxy = no
log file = /var/log/samba/log.%m
log level = 2
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
security = user
encrypt passwords = true
null passwords = no
passdb backend = ldapsam:ldap://127.0.0.1/
ldap passwd sync = no
ldap suffix = dc=local
ldap machine suffix = ou=hosts
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap admin dn = "uid=samba,ou=sysusers,dc=local"
ldap ssl = no
obey pam restrictions = yes
unix password sync = yes
pam password change = no
passwd program = /usr/share/obm/www/auto/changePasswd.pl --login %u 
--interactiv --unix --sql --no-old --domain-id 2
passwd chat = *new\spassword:* %n\n *new\spassword:* %n\n 
*Password\supdate\ssuccess*
passwd chat debug = no
logon home =
load printers = no
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
usershare allow guests = yes
[public]
    comment = Public Area
    read only = no
    writeable = yes
    locking = no
    public = yes
    browseable = yes
    path = /var/lib/samba/public
    guest ok = no



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://list.obm.org/pipermail/obm/attachments/20110805/796c6310/attachment.htm

More information about the Obm mailing list