Page 6 of 11 FirstFirst ... 45678 ... LastLast
Results 51 to 60 of 103

Thread: Zimbra Integration With Samba - Ubuntu Based

  1. #51
    alekseyn is offline Junior Member
    Join Date
    Apr 2010
    Posts
    9
    Rep Power
    5

    Default Really struggling here....

    Hello guys.

    Zimbra is just the best solution for people like me who need an alternative to win server and AD....

    So here I am trying to install everything following this guide - UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI 6.0

    I run Ubuntu 8.04 LTS server and trying to install the latest Zimbra Collaboration Suite (exact version in header of my post)

    I am trying to install everything on one ubuntu box.

    has quite a few problems during the installation... and quite honestly I have lost a track of things I did or did not do...

    My problem at the moment is - I can not get the Samba domain to show up i the admin console...

    I will post my smb.conf at the end of my post... but I have setup samba domains before and honestly do not see an issue with it...

    what could be a problem? how can I test if the zimbra ldap is working?

    I really do not want to (and can not) reinstall everything from scratch... Please help!!

    Also guys, should I even bother installing this kind of system.. I have quite a few users with Win 7... would they be able to join the domain with Ubuntu's 3.0.28a Samba that gets installed using "apt-get install samba"... or should I somehow install the latest samba from samba.com???


    smb.conf
    Code:
    [global]
      workgroup = NRG-GLOBAL.COM
      netbios name = SERVER
      os level = 33
      preferred master = yes
      enable privileges = yes
      server string = %h server (Samba, Ubuntu)
      wins support =yes 
      dns proxy = no
      name resolve order = wins bcast hosts
      log file = /var/log/samba/log.%m
      log level = 3
      max log size = 1000
      syslog only = no
      syslog = 0
      panic action = /usr/share/samba/panic-action %d
      security = user
      encrypt passwords = true
      ldap passwd sync = yes
      passdb backend = ldapsam:ldap://192.168.1.3/
      ldap admin dn = "uid=zmposixroot,cn=appaccts,cn=zimbra"
      ldap suffix = dc=nrg-global,dc=com
      ldap group suffix = ou=groups
      ldap user suffix = ou=people
      ldap machine suffix = ou=machines
      obey pam restrictions = no
      passwd program = /usr/bin/passwd %u
      passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
      domain logons = yes
      ;logon path = \\server\%U\profile
      ;logon home = \\server\%U
      ;logon script = logon.cmd
     
      logon path =
      logon home = 
      logon script =   
    
      add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u
      add machine script = /usr/sbin/adduser --shell /bin/false --disabled-password --quiet --gecos "machine account" --force-badname %u
      socket options = TCP_NODELAY
      domain master = yes
      local master = yes
    [homes]
      comment = Home Directories
      browseable =yes 
      read only = No
      valid users = %S
    [netlogon]
      comment = Network Logon Service
      path = /var/lib/samba/netlogon
      guest ok = yes
      locking = no
    [profiles]
      comment = Users profiles
      path = /var/lib/samba/profiles
      read only = No
    [profdata]
      comment = Profile Data Share
      path = /var/lib/samba/profdata
      read only = No
      profile acls = Yes
    [printers]
      comment = All Printers
      browseable = no
      path = /tmp
      printable = yes
      public = no
      writable = no
      create mode = 0700
    [print$]
      comment = Printer Drivers
      path = /var/lib/samba/printers
      browseable = yes
      read only = yes
      guest ok = no
    /etc/ldap.conf
    Code:
    ###DEBCONF###
    #host server.nrg-global.com
    base dc=nrg-global,dc=com
    rootbinddn uid=zmposixroot,cn=appaccts,cn=zimbra
    port 389
    bind_policy soft
    nss_reconnect_tries 2
    uri ldap://192.168.1.3/
    ssl start_tls
    tls_cacertdir /opt/zimbra/conf/ca
    # tell to not check the server certificate
    tls_checkpeer no
    # optional
    pam_password md5
    # where nss find the information
    nss_base_passwd         ou=people,dc=nrg-global,dc=com?one
    nss_base_shadow         ou=people,dc=nrg-global,dc=com?one
    nss_base_group          ou=groups,dc=nrg-global,dc=com?one
    nss_base_hosts          ou=machines,dc=nrg-global,dc=com?one
    
    ldap_version 3
    nss_initgroups_ignoreusers backup,bin,bind,daemon,dhcp,fetchmail,games,gnats,haldaemon,irc,klog,libuuid,list,lp,mail,man,messagebus,mysql,news,ntp,openldap,polkituser,proxy,root,saned,sshd,sync,sys,syslog,uucp,www-data

    UPDATE:

    upgraded to the latest samba (built from source) and reran some of the steps in the how-to...

    samba appears OK and everything operates normally, but can not join the machines into the domain...
    any help whatsoever would be really appreciated.
    Last edited by alekseyn; 04-04-2010 at 06:14 AM.

  2. #52
    alekseyn is offline Junior Member
    Join Date
    Apr 2010
    Posts
    9
    Rep Power
    5

    Default

    Hi and thanks for your reply!

    I am trying to join XP and win 7 with no luck.

    with XP and Win 7 the message is - Acces is denied...

    going out of my mind to find out why...
    any pointers to where I could maybe check the logs would be appreciated!

  3. #53
    alekseyn is offline Junior Member
    Join Date
    Apr 2010
    Posts
    9
    Rep Power
    5

    Default

    Quote Originally Posted by vavai View Post
    Please check (or paste the appropriate part of) your log on the following file :

    /var/log/samba/log.smbd
    /var/log/samba/log.nmbd
    /opt/zimbra/log/mailbox.log and
    /var/log/zimbra.log
    well, here is an experiment: I have emptied out all those logs and tried to join a win 7 machine again with the same result. And all of those logs were empty.

    But the one with the machine name on it (/var/log/samba/log.{machine name} was full of stuff. I have raised the detail level to 5 trying to pinpoint the problem.

    Maybe you could get something useful from the attached...
    Attached Files Attached Files

  4. #54
    alekseyn is offline Junior Member
    Join Date
    Apr 2010
    Posts
    9
    Rep Power
    5

    Default

    Quote Originally Posted by vavai View Post
    1. Did your XP/Win 7 client find your domain controller successfully?
    2. Did the join domain Admin password came up and ask for user & password?
    3. What is the admin user you used to join to the domain?
    4. Do you have added your admin user (or the user you used for join) as domain admins group?
    1. Yes
    2. Yes
    3. "aleksey" is the user name as you could see in the logs
    4. Yes, user "aleksey" is added to the "Domain Admins" group in Zimbra Admin UI

  5. #55
    p_nyet is offline Loyal Member
    Join Date
    May 2009
    Location
    Jakarta
    Posts
    86
    Rep Power
    6

    Default

    A few weeks I had same problem, but my PDC running on OpenLDAP and Samba 3.2.15. And after change the profile permission, my problem has gone..

    # ls -la /data/profiles
    drwxrwxrwx 32 root root 4096 Apr 12 10:34 profiles

    in smb.conf

    [Profiles]
    path = /data/profiles
    force user = %U
    read only = No
    create mask = 0777
    directory mask = 0777
    guest ok = yes
    browseable = No
    profile acls = yes
    csc policy = disable

  6. #56
    fruitloaf's Avatar
    fruitloaf is offline Active Member
    Join Date
    Apr 2008
    Location
    Glasgow
    Posts
    36
    Rep Power
    7

    Default

    I'm trying to integrate a new Zimbra server with samba but I'm having some troubles.

    Using gregs guide on the wiki I have no problem setting up Ubuntu 8.04 with ZCS 6.06 on two seperate servers (zimbra + samba) using the samba package from the repositories. However I'd like to have the option of having Windows 7 clients join so I tried to build samba from sources. However using the same working smb.conf and ldap.conf from the repository version I'm getting authorisation errors in my samba logs and the domain is never added to the Zimbra admin console.

    This is the start of my samba log which shows the errors I'm getting. These repeat as samba tries to connect over and over.

    Code:
    [2010/04/25 13:52:56,  2] lib/smbldap_util.c:277(smbldap_search_domain_info)
      smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDo
    mainName=FRANCHISEROUTE))]
    [2010/04/25 13:52:56,  0] lib/smbldap.c:656(smb_ldap_start_tls)
      Failed to issue the StartTLS instruction: Connect error
    [2010/04/25 13:52:56,  1] lib/smbldap.c:1231(another_ldap_try)
      Connection to LDAP server failed for the 1 try!
    [2010/04/25 13:52:57,  3] lib/smbldap_util.c:302(smbldap_search_domain_info)
      smbldap_search_domain_info: Got no domain info entries for domain
    [2010/04/25 13:52:57,  0] lib/smbldap.c:656(smb_ldap_start_tls)
      Failed to issue the StartTLS instruction: Connect error
    [2010/04/25 13:52:57,  1] lib/smbldap.c:1231(another_ldap_try)
      Connection to LDAP server failed for the 1 try!
    [2010/04/25 13:52:58,  3] lib/smbldap_util.c:163(add_new_domain_info)
      add_new_domain_info: Adding new domain
    [2010/04/25 13:52:58,  0] lib/smbldap.c:656(smb_ldap_start_tls)
      Failed to issue the StartTLS instruction: Connect error
    [2010/04/25 13:52:58,  1] lib/smbldap.c:1231(another_ldap_try)
      Connection to LDAP server failed for the 1 try!
    [2010/04/25 13:52:59,  1] lib/smbldap_util.c:233(add_new_domain_info)
      add_new_domain_info: failed to add domain dn= sambaDomainName=FRANCHISEROUTE,d
    c=scotland,dc=franchiseroute,dc=net with: Strong(er) authentication required
            modifications require authentication
    [2010/04/25 13:52:59,  0] lib/smbldap_util.c:310(smbldap_search_domain_info)
      smbldap_search_domain_info: Adding domain info for FRANCHISEROUTE failed with
    NT_STATUS_UNSUCCESSFUL
    Any ideas or has anyone sucessfully managed to use a newer version of samba and have Win 7 clients join the domain?

  7. #57
    rmanni is offline Junior Member
    Join Date
    Mar 2010
    Posts
    5
    Rep Power
    5

    Default

    Hi all,

    I'm following the steps listed here Installing_custom_ldap_schema_6.0 and after the first step (setting up nis.ldif) I can no longer start ldap.

    Here is the error I get:

    Code:
    $ ldap start
    Failed to start slapd.  Attempting debug start to determine error.
    config error processing cn=nis,cn=schema,cn=config,cn=config:
    Any help will be appreciated.

    Resolved:

    Found cn=schema={10}nis.ldif in ....data/ldap/config/cn=config and made the same changes as needed for cn={10}nis.ldif in the cn=schema directory

    not sure if this was caused by me or if the file exists in two locations, but I was able to get ldap running again.
    Last edited by rmanni; 06-29-2010 at 11:23 AM. Reason: SOLVED

  8. #58
    rmanni is offline Junior Member
    Join Date
    Mar 2010
    Posts
    5
    Rep Power
    5

    Default

    New problem, trying to run the following file acl.ldif with this command: ldapmodify -f /tmp/acl.ldif -x -H ldapi:/// -D cn=config -W


    Code:
    dn: olcDatabase={2}hdb,cn=config
    changetype:modify
    delete: olcAccess
    olcAccess: {9}
    -
    add: olcAccess
    olcAccess: {9}to attrs=entry  by dn.children="cn=admins,cn=zimbra" write  by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write  by * read
    
    dn: olcDatabase={2}hdb,cn=config
    changetype:modify
    add: olcAccess
    olcAccess: {10}to dn.subtree="dc=zimbra,dc=saintsmed,dc=org"  by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write  by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read  by * none
    olcAccess: {11}to dn.subtree="ou=machines,dc=zimbra,dc=saintsmed,dc=org"  by dn.children="cn=admins,cn=zimbra" write  by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write  by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read  by * none
    olcAccess: {12}to dn.subtree="ou=groups,dc=zimbra,dc=saintsmed,dc=org"  by dn.children="cn=admins,cn=zimbra" write  by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write  by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read  by * none
    olcAccess: {13}to dn.subtree="ou=people,dc=zimbra,dc=saintsmed,dc=org"  by dn.children="cn=admins,cn=zimbra" write  by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write  by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read  by * none
    and I get this error: ldapmodify: invalid format (line 13) entry: "olcDatabase={2}hdb,cn=config"

    I have been able to add the changes from the first half of acl.ldif, but there is something in the second half that is causing the error. I cannot seem to figure out what. This is a single server Zimbra setup so it is the ldap master, etc.

  9. #59
    kostres is offline Member
    Join Date
    May 2009
    Posts
    13
    Rep Power
    6

    Default credentials problem

    Hello,
    Small problem occurred while trying to authenticate users via Zimbra’s ldap server. I have 15 thinclient workstations which are used by students. I would like to configure those thinclients to authenticate student through their zimbra accounts.

    On my ltsp-ubuntu 10.4 server I installed libpam-ldap and configured it like this:

    Ldap.conf:
    base dc=student,dc=my,dc=domain,dc=com
    uri ldap://192.168.10.15/
    ldap_version 3
    binddn cn=config
    bindpw myPasswd
    rootbinddn uid=zimbra,cn=admins,cn=zimbra
    #ldap.secret file contains password
    bind_policy soft
    pam_password md5
    nss_initgroups_ignoreusers avahi,avahi-autoipd,backup,bin,couchdb,daemon,dhcpd,games,gdm, gnats,haldaemon,hplip,irc,kernoops,libuuid,list,lp ,mail,man,messagebus,nbd,news,proxy,pulse,root,rtk it,saned,speech-dispatcher,sshd,sync,sys,syslog,tftp,usbmux,uucp,w ww-data

    common-acount:
    account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so
    account [success=1 default=ignore] pam_ldap.so
    account requisite pam_deny.so
    account required pam_permit.so

    common-auth:
    auth [success=2 default=ignore] pam_unix.so nullok_secure
    auth [success=1 default=ignore] pam_ldap.so use_first_pass
    auth requisite pam_deny.so
    auth required pam_permit.so

    common-password:
    password [success=2 default=ignore] pam_unix.so obscure sha512
    password [success=1 user_unknown=ignore default=die] pam_ldap.so use_authtok try_first_pass
    password requisite pam_deny.so
    password required pam_permit.so

    common-session:
    session [default=1] pam_permit.so
    session requisite pam_deny.so
    session sufficient pam_unix.so
    session optional pam_ck_connector.so nox11

    nsswitch.conf
    passwd: files ldap
    group: files ldap
    shadow: compat
    hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
    networks: files
    protocols: db files
    services: db files
    ethers: db files
    rpc: db files
    netgroup: nis

    When I try to login with credentials which are stored in ldap server I got a response saying permission denied, wrong password.
    thinserver's auth.log:
    pam_ldap: error trying to bind as user “uid=student01, ou=people, dc=student,dc=my,dc=domain,dc=com” (invalid credentials)

    On zimbra side, I included nis.schema in slapd.conf file but didn't add posix Admin extension.

    Any ideas??? Thanks...
    Kostres

  10. #60
    bjor is offline Junior Member
    Join Date
    Aug 2010
    Posts
    6
    Rep Power
    5

    Default

    I have the exact same issue Kostres, did you solve your issue? please let us know how you did!

Page 6 of 11 FirstFirst ... 45678 ... LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. /tmp filling
    By Nutz in forum Administrators
    Replies: 8
    Last Post: 02-22-2008, 02:00 AM
  2. Major Issue - 5.0RC2 NE to 5.0GA NE failed
    By DougWare in forum Installation
    Replies: 7
    Last Post: 01-06-2008, 09:56 PM
  3. Replies: 22
    Last Post: 12-02-2007, 05:05 PM
  4. Zimbra shutdowns every n hours.
    By Andrewb in forum Administrators
    Replies: 13
    Last Post: 08-14-2007, 08:55 AM
  5. port 7071 not listening OS X install
    By leeimber in forum Installation
    Replies: 7
    Last Post: 03-21-2006, 10:47 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •