Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
Go Back   Zimbra :: Forums > Zimbra Collaboration Suite > Installation
Reload this Page Zimbra Pam/Samba trouble

Welcome to the Zimbra :: Forums!
Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 08-16-2007, 08:54 AM
Active Member
  
Posts: 29
Default Zimbra Pam/Samba trouble
Im following gregs howto() but I'm running into some issues.
I noticed a few things.


1. I can bind to ldap from my zimbra server using the following query:
Code:
ldapsearch -H ldap://zimbra.domain.tld/ -v -x -W -D 'uid=myadmin,ou=people,dc=zimbra,dc=domain,dc=tld' -s sub '(objectclass=*)' -LL
If I run this query from another host on the same lan i get the following output:
Code:
ldap_initialize( ldap://zimbra.domain.tld/ )
Enter LDAP Password:
filter: (objectclass=*)
requesting: ALL
version: 1

No such object (32)
Matched DN: dc=tld
needless to say, samba and pam are not working

I don't see posixAccount anywhere in my ldapsearch.
Reply With Quote
  #2 (permalink)  
Old 08-18-2007, 07:51 PM
Zimbra Employee
  
Posts: 127
Default
OK, here's some troubleshooting/research to do:
- check your slapd.conf and see if the nis.schema and samba.schema are there in the includes (note: you should not have been editing slapd.conf, because it gets overwritten every time ZCS starts)
- check your LDAP log to see if it throws any errors when it loads
- when you are trying to bind log in to the system that is configured to use pam_ldap, pam should make an LDAP query - look into sys log for the query, 1 - see if pam makes the query 2 - what LDAP have to say about it
__________________
Bugzilla - Wiki - Downloads - Before posting... Search!
P.S.: don't forget to vote on this bug
add Samba LDAP entries to Exchange Migration Tool
Reply With Quote
  #3 (permalink)  
Old 08-18-2007, 07:52 PM
Zimbra Employee
  
Posts: 127
Default
Quote:
Originally Posted by artimus View Post
1. I can bind to ldap from my zimbra server using the following query:
Code:
ldapsearch -H ldap://zimbra.domain.tld/ -v -x -W -D 'uid=myadmin,ou=people,dc=zimbra,dc=domain,dc=tld' -s sub '(objectclass=*)' -LL
What do you get when you run this query form the same host where LDAP is running?
__________________
Bugzilla - Wiki - Downloads - Before posting... Search!
P.S.: don't forget to vote on this bug
add Samba LDAP entries to Exchange Migration Tool
Reply With Quote
  #4 (permalink)  
Old 08-20-2007, 07:03 AM
Active Member
  
Posts: 29
Default
On the zimbra server I would get nice chunk of ldif from ldap.

From the other box I was succesfully able to bind using uid=zimbra,cn=admins,cn=zimbra.


Unfortunately I need to get this mail server up and running sooner then expected. I have already removed all my samba/posix settings, and will save that for a future project when I have time to test.

It is a little awkward, but It does work. I left off at a point where user and groups were working for a linux box, and users could log into samba from windows and see there home directory.

Another thing that threw me off for a while was that I am using a subdomain for testing. I could see users in posix but not groups. The problem turned out that I had my groups bound to dc=domain,dc=tld, while my users were bound to dc=zimbra,dc=domain,dc=tld. While simple and obvious, it's amazing how many times I can look over that same line I not notice what I did.
Reply With Quote
Reply

« Previous Thread | Today's Posts or Week's Posts | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode


Similar Threads

Product Information

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

blog.zimbra.com


Home - Blog - Contact Us - Archive - Top


 

SEO by vBSEO ©2011, Crawlability, Inc.