Results 1 to 6 of 6

Thread: Zimbra + Samba

  1. #1
    alapierre is offline Active Member
    Join Date
    Oct 2009
    Posts
    29
    Rep Power
    5

    Default Zimbra + Samba

    I've gone through Greg's HOW-TO on getting Samba to authenticate with Zimbra LDAP, and have hit a wall. I've exhausted my searches and don't know how to troubleshoot this any further.

    I have it to the point where I can create new users and when I issue the "smbclient -U newuser //samba.domain.com/newuser" it asks for the password and connects fine. However, I can't get it to authenticate with pre-existing users. I've modified the schema for the existing user, verified that they are being added in the Samba server with "getent passwd" but I can't login with that user. It just says "NT_STATUS_LOGON_FAILURE"

    Also, I can't login via the console with either a newly created user or a pre-existing user. Should I be able to do this? It doesn't seem to make sense why I would be able to authenticate a new user, but not an old one when it should be looking at the same LDAP server. Where can I look to see what I am missing? Thanks for your help!

    edit:

    Also, I just noticed that the sambaNTPassword field under the Samba Account tab is blank for the pre-existing user, but it is not blank for the newly created users.
    Last edited by alapierre; 02-16-2010 at 03:59 PM.

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,495
    Rep Power
    56

    Default

    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    alapierre is offline Active Member
    Join Date
    Oct 2009
    Posts
    29
    Rep Power
    5

    Default

    I had already Googled this to death, but I did find one new thread via that Yahoo search. Thanks for that.

    What it sounds like is for any user that existed, I need to reset their passwords using smbpasswd -a user? I was hoping to avoid having to do that by setting this up...does it mention anything about that in the How-to? I didn't see it anywhere. I'd rather not have to go around to 500+ users and say "I need your password" In my mind, I thought this would make Samba simply authenticate with LDAP...where the password is already stored. Am I understanding something wrong? Is there something else I can do? Thanks for your help
    Last edited by alapierre; 02-17-2010 at 09:44 AM.

  4. #4
    ArcaneMagus's Avatar
    ArcaneMagus is offline Moderator
    Join Date
    Feb 2007
    Location
    Portland, OR
    Posts
    1,147
    Rep Power
    10

    Default

    The samba password is actually separate from the POSIX/"LDAP"/Zimbra password. The admin extensions make it so that when you change the password in the admin interface it updates the Samba password. It looks like if a user changes their password you still need zimbraSambaPassword Extension to have it automatically change the samba password as well.

    The problem is that Samba uses the "sambaNTPassword" LDAP attribute to store it's password while everything else uses "userPassword", unfortunately samba doesn't support the hash methods used for everything else or you could just map the attributes together.

  5. #5
    alapierre is offline Active Member
    Join Date
    Oct 2009
    Posts
    29
    Rep Power
    5

    Default

    Bummer. Samba needs to get their act together then and support SHA! :-) Guess I will have to do this the hard way. Thanks for the info

  6. #6
    ArcaneMagus's Avatar
    ArcaneMagus is offline Moderator
    Join Date
    Feb 2007
    Location
    Portland, OR
    Posts
    1,147
    Rep Power
    10

    Default

    Well I'm sure Samba itself could easily support it, I was referring more to the SMB/CIFS protocol in that statement

    If you were bored, here is the authentication method/hash used in SMB: NTLM - Wikipedia, the free encyclopedia

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [SOLVED] Important Mta Issue!!!!!!!!
    By borngunners in forum Migration
    Replies: 2
    Last Post: 01-05-2010, 06:44 AM
  2. Zimbra spam system
    By rajahd in forum Administrators
    Replies: 9
    Last Post: 04-16-2008, 07:25 PM
  3. [SOLVED] Clamav problem ? What's happening ?
    By aNt1X in forum Installation
    Replies: 23
    Last Post: 02-14-2008, 05:43 AM
  4. Major Issue - 5.0RC2 NE to 5.0GA NE failed
    By DougWare in forum Installation
    Replies: 7
    Last Post: 01-06-2008, 09:56 PM
  5. dspam logrotate errors
    By michaeln in forum Users
    Replies: 7
    Last Post: 02-19-2007, 12:45 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •