| Anonymous | Login | 2024-11-21 01:50 MST |
| Main | My View | View Issues | Change Log | Roadmap | Repositories |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||
| 0001727 | ClearOS | app-samba - Windows Networking | public | 2014-05-29 16:11 | 2014-07-10 13:20 | ||||
| Reporter | user2 | ||||||||
| Assigned To | user2 | ||||||||
| Priority | normal | Severity | major | Reproducibility | have not tried | ||||
| Status | closed | Resolution | fixed | ||||||
| Platform | OS | OS Version | |||||||
| Product Version | 6.5.0 | ||||||||
| Target Version | 6.6.0 Beta 2 | Fixed in Version | 6.6.0 Beta 2 | ||||||
| Summary | 0001727: Changing directory server base domain breaks relationship between Samba and LDAP | ||||||||
| Description | I changed my Base Domain in the Directory Server part of the webconfig and since then it appears that Samba is no longer able to authenticate with LDAP. Initially in /var/log/samba/log.winbindd-idmp I got: [2014/05/26 17:12:29.450009, 1] winbindd/idmap.c:288(idmap_init_named_domain) no backend defined for idmap config HOME [2014/05/26 17:12:29.450879, 0] lib/smbldap.c:1225(smbldap_connect_system) failed to bind to server ldap://127.0.0.1 [^] with dn="cn=manager,ou=Internal,dc=howitts,dc=lan" Error: Invalid credentials (unknown) then a repeating: [2014/05/26 17:12:29.451119, 1] lib/smbldap.c:1409(another_ldap_try) Connection to LDAP server failed for the 1 try! I then rebooted and now the following message repeats in /var/log/samba/log.winbindd-idmp: [2014/05/27 11:26:24.844569, 0] winbindd/idmap_ldap.c:113(get_credentials) get_credentials: Unable to fetch auth credentials for cn=manager,ou=Internal,dc=howitts,dc=co,dc=uk in * [2014/05/27 11:26:24.844620, 1] winbindd/idmap_ldap.c:501(idmap_ldap_db_init) idmap_ldap_db_init: Failed to get connection credentials (NT_STATUS_ACCESS_DENIED) [2014/05/27 11:26:24.844666, 1] winbindd/idmap.c:249(idmap_init_domain) idmap initialization returned NT_STATUS_ACCESS_DENIED /etc/samba/smb.winbind.conf appears to be set correctly (i.e it is like the old one but dc=lan now reads dc=co,dc=uk which is as I'd expect) 'ldapsearch -D "cn=manager,ou=Internal,dc=howitts,dc=co,dc=uk" -b "" objectclass=* -w PASSWORD' successfully runs. | ||||||||
| Steps To Reproduce | Sorry but I daren't break my system any further! | ||||||||
| Tags | No tags attached. | ||||||||
| Attached Files | |||||||||
 Relationships |
||||||
|
||||||
 Relationships |
|
Notes |
|
|
(0001192) user2 2014-05-30 10:26 |
The LDAP password needs to be refreshed inside Samba with: smbpasswd -w wxyz Where wxyz is the LDAP password in /var/clearos/openldap/config.php Or the "GUI way": reset the Windows Administrator password on the "Server - Windows Networking" page in the web-based administration tool. This action also does an LDAP password refresh. This password refresh is supposed to happen automatically on a domain name change, but it looks like it was missed (?). Still investigating. |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2014-05-29 16:11 | user2 | New Issue | |
| 2014-05-29 16:11 | user2 | Issue generated from: 0001719 | |
| 2014-05-29 16:11 | user2 | Relationship added | related to 0001719 |
| 2014-05-29 16:11 | user2 | Status | new => acknowledged |
| 2014-05-29 16:15 | user2 | Summary | Changing Directory Server Base Domain => Changing directory server base domain breaks relationship between Samba and LDAP |
| 2014-05-29 16:16 | user2 | Target Version | => 6.6.0 Beta 2 |
| 2014-05-30 10:26 | user2 | Note Added: 0001192 | |
| 2014-05-30 13:32 | user2 | Status | acknowledged => resolved |
| 2014-05-30 13:32 | user2 | Fixed in Version | => 6.6.0 Beta 2 |
| 2014-05-30 13:32 | user2 | Resolution | open => fixed |
| 2014-05-30 13:32 | user2 | Assigned To | => user2 |
| 2014-07-10 13:20 | user2 | Status | resolved => closed |
|
Issue History |