Anonymous | Login | 2024-12-03 10:13 MST |
Main | My View | View Issues | Change Log | Roadmap | Repositories |
View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
ID | Project | Category | View Status | Date Submitted | Last Update | ||||
0001727 | ClearOS | app-samba - Windows Networking | public | 2014-05-29 16:11 | 2014-07-10 13:20 | ||||
Reporter | user2 | ||||||||
Assigned To | user2 | ||||||||
Priority | normal | Severity | major | Reproducibility | have not tried | ||||
Status | closed | Resolution | fixed | ||||||
Platform | OS | OS Version | |||||||
Product Version | 6.5.0 | ||||||||
Target Version | 6.6.0 Beta 2 | Fixed in Version | 6.6.0 Beta 2 | ||||||
Summary | 0001727: Changing directory server base domain breaks relationship between Samba and LDAP | ||||||||
Description | I changed my Base Domain in the Directory Server part of the webconfig and since then it appears that Samba is no longer able to authenticate with LDAP. Initially in /var/log/samba/log.winbindd-idmp I got: [2014/05/26 17:12:29.450009, 1] winbindd/idmap.c:288(idmap_init_named_domain) no backend defined for idmap config HOME [2014/05/26 17:12:29.450879, 0] lib/smbldap.c:1225(smbldap_connect_system) failed to bind to server ldap://127.0.0.1 [^] with dn="cn=manager,ou=Internal,dc=howitts,dc=lan" Error: Invalid credentials (unknown) then a repeating: [2014/05/26 17:12:29.451119, 1] lib/smbldap.c:1409(another_ldap_try) Connection to LDAP server failed for the 1 try! I then rebooted and now the following message repeats in /var/log/samba/log.winbindd-idmp: [2014/05/27 11:26:24.844569, 0] winbindd/idmap_ldap.c:113(get_credentials) get_credentials: Unable to fetch auth credentials for cn=manager,ou=Internal,dc=howitts,dc=co,dc=uk in * [2014/05/27 11:26:24.844620, 1] winbindd/idmap_ldap.c:501(idmap_ldap_db_init) idmap_ldap_db_init: Failed to get connection credentials (NT_STATUS_ACCESS_DENIED) [2014/05/27 11:26:24.844666, 1] winbindd/idmap.c:249(idmap_init_domain) idmap initialization returned NT_STATUS_ACCESS_DENIED /etc/samba/smb.winbind.conf appears to be set correctly (i.e it is like the old one but dc=lan now reads dc=co,dc=uk which is as I'd expect) 'ldapsearch -D "cn=manager,ou=Internal,dc=howitts,dc=co,dc=uk" -b "" objectclass=* -w PASSWORD' successfully runs. | ||||||||
Steps To Reproduce | Sorry but I daren't break my system any further! | ||||||||
Tags | No tags attached. | ||||||||
Attached Files | |||||||||
Relationships | ||||||
|
Notes | |
(0001192) user2 2014-05-30 10:26 |
The LDAP password needs to be refreshed inside Samba with: smbpasswd -w wxyz Where wxyz is the LDAP password in /var/clearos/openldap/config.php Or the "GUI way": reset the Windows Administrator password on the "Server - Windows Networking" page in the web-based administration tool. This action also does an LDAP password refresh. This password refresh is supposed to happen automatically on a domain name change, but it looks like it was missed (?). Still investigating. |