problem with ldap password backend

Hi all,
I am trying to migrate my old pdc (samba + openldap server + smbldap tools) to a new pdc (last stable version of FreeBSD 9, samba 3.6, openldap server 24 + smbldap tools).

Code:
# We use LDAP as the backend
passdb backend = ldapsam:ldap://127.0.0.1/
ldap suffix = dc=iutge1,dc=ujf-grenoble,dc=fr
ldap admin dn = "cn=samba,ou=DSA,dc=iutge1,dc=ujf-grenoble,dc=fr"
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users
ldap passwd sync = yes
ldap delete dn = no

So I have saved the ldap base on my old pdc and restored it on my new pdc with slapcat and slapadd. After that I ran slapindex, then smbldap-populate. And I defined the passwd with smb-passwd -w.

I see all my accounts with ldapsearch and smbldap-userlist and all my groups with smbldap-grouplist.

I can join pc to the domain with root account, but other accounts don't work.

# pdbedit -L
show user search failed and with net rpc info I have my 8 groups but 0 users

Please, can someone help me or give me clues, because I can't find a solution.

Thanks for learning.
 
I forgot to say that smbd and nmbd are running, like slapd. And ldapsearch returns this at the end of the command:
Code:
# search result
search: 2
result: 4 Size limit exceeded

# numResponses: 501
# numEntries: 500
but I don't know why
 
belcayre said:
Code:
# search result
search: 2
result: 4 Size limit exceeded

# numResponses: 501
# numEntries: 500
but I don't know why

This is because your slapd.conf has an entry (or default value) of 500 with respect to the result-set size. You can edit it by setting:
Code:
sizelimit 1000
in your slapd.conf, or whatever value suits you. As far as your initial problem is concerned, are you sure that nothing has changed in your OpenLDAP ACL configuration? Have you double-checked that ou=Users,dc=iutge1,dc=ujf-grenoble,dc=fr is accessible from your samba-ldap user and returns your users list?
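
The two checks from the reply above (the size limit, and whether the Samba bind DN can actually read ou=Users), as an added example that is not part of the original thread: a small shell helper that reads ldapsearch output and says which case applies. The function name and verdict labels are hypothetical, and the sambaSamAccount filter in the usage comment is an assumption.

```shell
#!/bin/sh
# Added example (not from the thread): classify the trailer of an ldapsearch
# run made as the Samba bind DN. Real use, with the DNs from the smb.conf above
# (the sambaSamAccount filter is an assumption about how accounts are stored):
#   ldapsearch -x -H ldap://127.0.0.1/ -W \
#     -D "cn=samba,ou=DSA,dc=iutge1,dc=ujf-grenoble,dc=fr" \
#     -b "ou=Users,dc=iutge1,dc=ujf-grenoble,dc=fr" \
#     "(objectClass=sambaSamAccount)" uid | diagnose_ldapsearch

# Hypothetical helper: reads ldapsearch output on stdin, prints one verdict line.
diagnose_ldapsearch() {
    awk '
        /^result: /       { code = $2 }    # numeric LDAP result code
        /^# numEntries: / { entries = $3 } # line is absent when nothing matched
        END {
            n = entries + 0
            if (code == "") {
                # A failed bind or connection prints no result line at all.
                print "NO_RESULT: search did not complete, check bind DN and password"
                exit
            }
            c = code + 0
            if (c == 4)
                print "SIZE_LIMIT: truncated at " n " entries, raise sizelimit in slapd.conf"
            else if (c == 32)
                print "NO_BASE: search base missing or not visible to this bind DN"
            else if (c == 50)
                print "ACL_DENIED: insufficient access for this bind DN"
            else if (c == 0 && n == 0)
                print "EMPTY: success but 0 entries, check read ACLs on ou=Users"
            else if (c == 0)
                print "OK: " n " entries visible to this bind DN"
            else
                print "OTHER: LDAP result code " c
        }'
}

# Sample input: the trailer posted earlier in this thread.
sample_trailer() {
    printf '%s\n' '# search result' 'search: 2' \
        'result: 4 Size limit exceeded' '' \
        '# numResponses: 501' '# numEntries: 500'
}

sample_trailer | diagnose_ldapsearch
```

An EMPTY or NO_BASE verdict for the Samba bind DN, when the same search run as the directory's root DN lists the users, points at the ACLs rather than at the data.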
 
Hello, sorry for the late answer.
Thanks for the reply, this is the solution I have found and now it works perfectly.

thanks for help
 
Out of curiosity, on my old pdc I have the following problem:
Code:
root@iutge1-pdc: ~ net rpc info
Enter root's password:
Could not connect to server IUTGE1-PDC
Connection failed: NT_STATUS_BAD_NETWORK_NAME

testparm is ok, I can mount cifs shares but I can't join a computer to the domain, any idea?

I looked at the permissions on my samba/home and there is no problem, and I don't find any information in the log files.
 
Such errors usually occur when hostname resolution does not work properly. Check your server's name in /etc/hosts, bind or nmbd to see if it is resolved correctly on the machine you're trying to connect from. Incorrect name resolution is one of the most common sources of trouble in samba.
 