Web lists-archives.com

Re: [Samba] samba4 auth (ldap) starnge problem




On Fri, 20 Apr 2018 10:23:37 +0200
"Dr. Peer-Joachim Koch via samba" <samba@xxxxxxxxxxxxxxx> wrote:

> Hi,
> 
> we have updated our samba4 AD a few weeks ago from 4.4.latest -> 
> 4.5.latest using the sernet packages.

You do realise that the 4.5.x series is now EOL as far as Samba is
concerned.

> 
> We are using open-xchange(OX) as web-mail. The ox is using ldap to 
> authenticate the users.
> 
> It is still working, but only for users created BEFORE we did the 
> update. All new users can not login!
> 
>  From the log file we only get an:
> 
>      ERROR: No user found with sAMAccountName=USERNAME
> 
> but ldapsearch is working for sAMAccountName=USERNAME.
> 
> It might be more an open-xchange issue, but may be someone had a
> similar problem.
> 

This is very probably an OX problem, probably the search is relying on
an attribute or objectclass that it shouldn't.

> 
> Can I use tcpdump between the OX-Server and our SAMBA4 server to see
> the difference between an old and a new user ?

Probably, but wouldn't it be easier to just dump the AD object of a
user that works and the AD object of one that doesn't and then compare
them ?

Rowland



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba