| Welcome to the Zimbra :: Forums! | |
Welcome, if you would like to post a comment please register.
We also encourage you to explore all things Zimbra with our team and members of the community.
|
 | | 
11-09-2009, 11:52 AM
| | |
Well the problem has to be in the zimbra user ssh'ing to the server to run the script as root then...
From the errors in the log it looks to me like it might be trying to find the zimbra user in an LDAP authentication source, is this server setup to get it's users from an LDAP server? If so do you have it configured to fallback to local files? |
11-09-2009, 12:02 PM
| | |
Hmmm.... well if you followed this section properly then that shouldn't be your issue. (I'm assuming that your samba server and Zimbra server are the same box if you did that step on the Zimbra server).
Try looking over the changes in that section again and verifying that it has the nsswitch changes? |
11-09-2009, 12:06 PM
| | | 
Well...because I use centos/Redhat...I didn't have to do that section, correct?
I did this instead: Quote:
Configuring on RHEL5/CentOS5/Fedora7 using authconfig
As root run authconfig --test. It will display current settings for both nss_ldap and pam_ldap. In most cases the following command will do the job (although some manual editing will still be needed):
authconfig --enableldap --enableldapauth --disablenis --enablecache \
--ldapserver=gregzimbra1.zimbra.com --ldapbasedn=dc=gregzimbra1,dc=zimbra,dc=com \
--updateall
The last parameter will update /etc/ldap.conf, /etc/nsswitch.conf and /etc/pam.d/system-auth configuration files. The only file which requires manual editing is /etc/ldap.conf.
The base line should be already there. It is inserted by authconfig. You should also see a uri line with the address of your ldap server. The host, binddn, bindpw, rootbinddn lines should be added as explained above and /etc/ldap.secret file should exist and contain a password.
The issue with a single /etc/ldap.conf configuration file for both nss_ldap and pam_ldap is that host and uri can work together in Zimbra-specific configuration only if we also add bind_policy soft option. The modified /etc/ldap.conf should look like this:
base dc=gregzimbra1,dc=zimbra,dc=com
host gregzimbra1.zimbra.com
# binddn uid=zimbra,cn=admins,cn=zimbra (pre 5.x)
binddn cn=config
bindpw test123
rootbinddn uid=zimbra,cn=admins,cn=zimbra
uri ldap://gregzimbra1.zimbra.com
bind_policy soft
nss_base_passwd ou=people,dc=gregzimbra1,dc=zimbra,dc=com?one
nss_base_shadow ou=people,dc=gregzimbra1,dc=zimbra,dc=com?one
# Replace the lines above with
# nss_base_passwd dc=gregzimbra1,dc=zimbra,dc=com?sub
# nss_base_shadow dc=gregzimbra1,dc=zimbra,dc=com?sub
# if you want to store windows computers account in LDAP
nss_base_group ou=groups,dc=gregzimbra1,dc=zimbra,dc=com?one
nss_base_hosts ou=machines,dc=gregzimbra1,dc=zimbra,dc=com?one
|  |
11-09-2009, 12:09 PM
| | |
Well not being on one of those OS'es I completely ignored that part 
That section should have caused your files to roughly match up to the changes listed above that in the manual section... what do the contents of those files look like? |
11-09-2009, 12:16 PM
| | |
Hmmm...ok...
I re-ran: Quote:
authconfig --enableldap --enableldapauth --disablenis --enablecache \
--ldapserver=gregzimbra1.zimbra.com --ldapbasedn=dc=gregzimbra1,dc=zimbra,dc=com \
--updateall
| updated /etc/ldap.conf
ran: smbpasswd -w password
restarted samba
and well...IT WORKED!
Sheeesh...I dunno what changed in any of those files...but I'm just happy it works now
Thanks a bunch! |
11-09-2009, 12:18 PM
| | |
I suspect that somehow it had stopped looking in the local files, no idea how that happened though.
Glad it's working again | | Thread Tools | Search this Thread | | | | | Display Modes |  Linear Mode | | Why Join? Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.   |
Bugzilla
Wiki
Source
