OpenLDAP with Samba Issue
-
I am trying to authenticate OpenLDAP Users with Samba. I thought I had all of the settings correct on my smb.conf, but smb won't start... This is the log error message that I get:
[2017/05/11 15:42:02.337376, 2] ../source3/param/loadparm.c:2685(lp_do_section)
  Processing section "[Share1]"
[2017/05/11 15:42:02.337886, 2] ../source3/lib/interface.c:345(add_interface)
  added interface eno1 ip=IP bcast=bcast netmask=netmask
[2017/05/11 15:42:02.339401, 1] ../source3/profile/profile.c:51(set_profile_level)
  INFO: Profiling turned OFF from pid 25024
[2017/05/11 15:42:02.340437, 2] ../source3/passdb/pdb_interface.c:161(make_pdb_method_name)
  No builtin backend found, trying to load plugin
[2017/05/11 15:42:02.344946, 2] ../lib/util/modules.c:196(do_smb_load_module)
  Module 'ldapsam' loaded
[2017/05/11 15:42:02.345050, 2] ../source3/passdb/pdb_ldap_util.c:280(smbldap_search_domain_info)
  smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=SERVER))]
[2017/05/11 15:42:02.425340, 0] ../source3/lib/smbldap.c:575(smbldap_start_tls)
  Failed to issue the StartTLS instruction: Operations error
[2017/05/11 15:42:02.425432, 1] ../source3/lib/smbldap.c:1206(get_cached_ldap_connect)
  Connection to LDAP server failed for the 1 try!
[2017/05/11 15:42:03.489827, 0] ../source3/lib/smbldap.c:575(smbldap_start_tls)
  Failed to issue the StartTLS instruction: Operations error
[2017/05/11 15:42:03.489891, 1] ../source3/lib/smbldap.c:1206(get_cached_ldap_connect)
  Connection to LDAP server failed for the 1 try!
[2017/05/11 15:42:04.553952, 0] ../source3/lib/smbldap.c:575(smbldap_start_tls)
  Failed to issue the StartTLS instruction: Operations error
[2017/05/11 15:42:04.554018, 1] ../source3/lib/smbldap.c:1206(get_cached_ldap_connect)
  Connection to LDAP server failed for the 1 try!
[2017/05/11 15:42:05.569184, 1] ../source3/passdb/pdb_ldap_util.c:236(add_new_domain_info)
  add_new_domain_info: failed to add domain dn= sambaDomainName=SERVER,dc=company,dc=com with: Object class violation unknown object class "sambaDomain"
[2017/05/11 15:42:05.569233, 0] ../source3/passdb/pdb_ldap_util.c:313(smbldap_search_domain_info)
  smbldap_search_domain_info: Adding domain info for SERVER failed with NT_STATUS_UNSUCCESSFUL
[2017/05/11 15:42:05.569292, 0] ../source3/passdb/pdb_ldap.c:6540(pdb_ldapsam_init_common)
  pdb_init_ldapsam: WARNING: Could not get domain info, nor add one to the domain. We cannot work reliably without it.
[2017/05/11 15:42:05.569315, 0] ../source3/passdb/pdb_interface.c:180(make_pdb_method_name)
  pdb backend ldapsam:ldaps://ldapserveraddress did not correctly init (error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO)
Here is my smb.conf if anyone can go through it to figure out what I am doing wrong. I've checked several places online and none have been helpful so far.
[global]
    workgroup = SERVER
    server string = Samba Server on server-name
    interfaces = eno1
    hosts allow = ranges to allow
    strict locking = no
    kernel oplocks = no
    reset on zero vc = yes
    vfs objects = acl_xattr
    map acl inherit = yes
    store dos attributes = yes

    # --------------------------- Allow LDAP Authentication--------------------
    passdb backend = ldapsam:ldaps://ldapserver
    ldap suffix = dc=company,dc=com
    ldap admin dn = uid=test

    # For Security
    server signing = mandatory
    smb encrypt = mandatory
    client min protocol = smb3
    client max protocol = smb3

    # --------------------------- Logging Options -----------------------------
    log level = 2
    # log files split per-machine:
    log file = /var/log/samba/log.%m
    # 5MB per file before rotation
    max log size = 5000
    idmap config * : backend = tdb

    # --------------------------- Printing Options -----------------------------
    load printers = no
Cross posting this for Alex Duarte who isn't getting a lot of eyes on it.
-
You show your Samba configs, but not your LDAP configs. But it looks like LDAP is the issue.
-
Kindly verify this site. What OS are you trying now?
https://www.ibm.com/developerworks/linux/tutorials/l-ldapsamba/
-
Why samba instead of sssd?
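
For readers triaging a log like the one in the question, here is an added example (not part of the original thread and not Samba project code) that parses Samba's `[timestamp, level] file:line(function)` entries and groups the level 0 and 1 messages by what the LDAP layer reported. The sample log is constructed from entries in the question; the cause labels `tls`, `schema` and `other` are hypothetical names chosen for this example.

```python
import re

# Constructed sample: six entries taken from the log in the question.
SAMPLE_LOG = """
[2017/05/11 15:42:02.344946, 2] ../lib/util/modules.c:196(do_smb_load_module) Module 'ldapsam' loaded
[2017/05/11 15:42:02.345050, 2] ../source3/passdb/pdb_ldap_util.c:280(smbldap_search_domain_info) smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=SERVER))]
[2017/05/11 15:42:02.425340, 0] ../source3/lib/smbldap.c:575(smbldap_start_tls) Failed to issue the StartTLS instruction: Operations error
[2017/05/11 15:42:02.425432, 1] ../source3/lib/smbldap.c:1206(get_cached_ldap_connect) Connection to LDAP server failed for the 1 try!
[2017/05/11 15:42:05.569184, 1] ../source3/passdb/pdb_ldap_util.c:236(add_new_domain_info) add_new_domain_info: failed to add domain dn= sambaDomainName=SERVER,dc=company,dc=com with: Object class violation unknown object class "sambaDomain"
[2017/05/11 15:42:05.569315, 0] ../source3/passdb/pdb_interface.c:180(make_pdb_method_name) pdb backend ldapsam:ldaps://ldapserveraddress did not correctly init (error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO)
"""

# One entry = "[timestamp, level] file:line(function)" followed by the message,
# which runs until the next "[YYYY/MM/DD " header. Handles one- and two-line logs.
ENTRY = re.compile(
    r"\[(?P<ts>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d\.\d+),\s*(?P<level>\d+)\]\s+"
    r"(?P<src>\S+?):(?P<line>\d+)\((?P<func>\w+)\)\s*"
    r"(?P<msg>.*?)(?=\s*(?:\[\d{4}/\d\d/\d\d |\Z))",
    re.S,
)

# Hypothetical labels for this example, keyed on text the LDAP layer reports:
# "tls"    = the server refused StartTLS (check it against the ldaps:// URL in use)
# "schema" = the directory does not know the sambaDomain object class
CAUSES = [
    ("tls", re.compile(r"StartTLS", re.I)),
    ("schema", re.compile(r"unknown object class", re.I)),
]

def parse(text):
    """Return one dict per log entry, with the level as an int."""
    entries = []
    for m in ENTRY.finditer(text):
        e = m.groupdict()
        e["level"] = int(e["level"])
        e["msg"] = " ".join(e["msg"].split())  # collapse wrapped messages
        entries.append(e)
    return entries

def triage(text, max_level=1):
    """List (level, function, cause) for entries at or below max_level."""
    out = []
    for e in parse(text):
        if e["level"] > max_level:
            continue
        cause = next((n for n, rx in CAUSES if rx.search(e["msg"])), "other")
        out.append((e["level"], e["func"], cause))
    return out

if __name__ == "__main__":
    for row in triage(SAMPLE_LOG):
        print(row)
```

On the sample, the two labelled entries are separate findings: one concerns transport security on the LDAP connection, the other the schema loaded in the directory.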