Is possible to use samba4 and openldap without ldapi?
in [Samba]
|
From: Andrew Bartlett on 27 Jul 2010 05:30 On Tue, 2010-07-27 at 09:58 +0200, Michael Wood wrote: > Hi > > On 27 July 2010 08:22, Alejandro Escanero Blanco > <alejandro.escanero.ext(a)juntadeandalucia.es> wrote: > > I want to use samba4 in a openldap multimaster enviroment, but my tests are > > going bad, this are the problems: > > You might have more luck with your Samba4+OpenLDAP questions on the > samba-technical list. > > > - Provision is broken for openldap: NotImplementedError: <bound method > > OpenLDAPBackend.post_setup of <samba.provisionbackend.OpenLDAPBackend object > > at 0xb626194c> For various reasons, the OpenLDAP backend for Samba4 is not functional at this time. A fix for this particular error is in my git repo, in the openldap-config branch, but this isn't enough, we have a serious issue with the dereference control that I have not yet debugged. http://gitweb.samba.org/?p=abartlet/samba.git/.git;a=shortlog;h=refs/heads/openldap-config (if someone wants to push those patches I'm fine with that, but we still have a long way to go to resolve the other issues) Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc.
From: Alejandro on 7 Aug 2010 13:00 Thanks for the patch, i test it and no more "Not Implemented" problem. But i have now another problem when a try to authenticate: smbclient -L localhost -Uadministrator%A123456a Failed to connect to ncacn_np:localhost - NT_STATUS_INTERNAL_DB_CORRUPTION In OpenLDAP the error is: conn=1000 op=8 SRCH base="dc=ceic,dc=junta-andalucia,dc=com" scope=2 deref=0 filter="(&(!(isDeleted=TRUE))(&(sAMAccountName=administrator)(objectClass=user)))" conn=1000 op=8 SRCH attr=isDeleted sAMAccountName objectClass objectClass sAMAccountName userPrincipalName servicePrincipalName replPropertyMetaData msDS-SupportedEncryptionTypes supplementalCredentials dBCSPwd unicodePwd userAccountControl objectSid pwdLastSet accountExpires logonHours userWorkstations displayName scriptPath profilePath homeDirectory homeDrive lastLogon lastLogoff accountExpires badPwdCount logonCount primaryGroupID memberOf entryUUID slap_global_control: unrecognized control: 1.2.840.113556.1.4.529 I check the controls with: ldapsearch -H "ldapi://%2Fusr%2Flocal%2Fsamba%2Fprivate%2Fldap%2Fldapi" -x -b "" -s base supportedControl dn: supportedControl: 1.3.6.1.4.1.4203.666.5.14 supportedControl: 1.3.6.1.4.1.4203.1.9.1.1 supportedControl: 1.3.6.1.4.1.4203.666.11.9.5.1 supportedControl: 1.3.6.1.4.1.42.2.27.8.5.1 supportedControl: 1.3.6.1.4.1.4203.666.5.16 supportedControl: 1.3.6.1.4.1.4203.666.5.17 supportedControl: 1.3.6.1.4.1.21008.108.63.1 supportedControl: 2.16.840.1.113730.3.4.18 supportedControl: 2.16.840.1.113730.3.4.2 supportedControl: 1.3.6.1.4.1.4203.666.11.7.2 supportedControl: 1.3.6.1.4.1.4203.666.5.12 supportedControl: 1.3.6.1.4.1.4203.666.5.2 supportedControl: 1.3.6.1.4.1.4203.1.10.1 supportedControl: 1.2.840.113556.1.4.1340 supportedControl: 1.2.840.113556.1.4.805 supportedControl: 1.2.840.113556.1.4.1413 supportedControl: 1.3.6.1.4.1.4203.666.5.15 supportedControl: 1.2.840.113556.1.4.1339 supportedControl: 1.2.840.113556.1.4.319 supportedControl: 1.2.826.0.1.3344810.2.3 supportedControl: 1.3.6.1.1.13.2 supportedControl: 1.3.6.1.1.13.1 supportedControl: 1.3.6.1.1.12 I don't find the extended dn control (1.2.840.113556.1.4.529), but appear in ldap.h: include/ldap.h:#define LDAP_CONTROL_X_EXTENDED_DN "1.2.840.113556.1.4.529" Which is the overlay to use the extended dn control? Thanks. 2010/7/27 Andrew Bartlett <abartlet(a)samba.org> > On Tue, 2010-07-27 at 09:58 +0200, Michael Wood wrote: > > Hi > > > > On 27 July 2010 08:22, Alejandro Escanero Blanco > > <alejandro.escanero.ext(a)juntadeandalucia.es> wrote: > > > I want to use samba4 in a openldap multimaster enviroment, but my tests > are > > > going bad, this are the problems: > > > > You might have more luck with your Samba4+OpenLDAP questions on the > > samba-technical list. > > > > > - Provision is broken for openldap: NotImplementedError: <bound method > > > OpenLDAPBackend.post_setup of <samba.provisionbackend.OpenLDAPBackend > object > > > at 0xb626194c> > > For various reasons, the OpenLDAP backend for Samba4 is not functional > at this time. A fix for this particular error is in my git repo, in the > openldap-config branch, but this isn't enough, we have a serious issue > with the dereference control that I have not yet debugged. > > > http://gitweb.samba.org/?p=abartlet/samba.git/.git;a=shortlog;h=refs/heads/openldap-config > (if someone wants to push those patches I'm fine with that, but we still > have a long way to go to resolve the other issues) > > Andrew Bartlett > > -- > Andrew Bartlett http://samba.org/~abartlet/ > Authentication Developer, Samba Team http://samba.org > Samba Developer, Cisco Inc. > -- Alejandro Escanero Blanco Administrador de Sistemas GNU/Linux Desarrollador de GOsa (http://www.gosa-project.org) Blog: http://www.mylifebetweencomputers.com Jabber: blainett(a)jabberes.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
|
Pages: 1 Prev: %a variable and Windows 7 Next: [Samba] Samba 3.3.8/LDAP/Hide unreadable |