Web lists-archives.com

Re: [Samba] samba4 auth (ldap) starnge problem




On 20.04.2018 11:26, Rowland Penny via samba wrote:
On Fri, 20 Apr 2018 10:23:37 +0200
"Dr. Peer-Joachim Koch via samba" <samba@xxxxxxxxxxxxxxx> wrote:

Hi,

we have updated our samba4 AD a few weeks ago from 4.4.latest ->
4.5.latest using the sernet packages.
You do realise that the 4.5.x series is now EOL as far as Samba is
concerned.

We are using open-xchange(OX) as web-mail. The ox is using ldap to
authenticate the users.

It is still working, but only for users created BEFORE we did the
update. All new users can not login!

  From the log file we only get an:

      ERROR: No user found with sAMAccountName=USERNAME

but ldapsearch is working for sAMAccountName=USERNAME.

It might be more an open-xchange issue, but may be someone had a
similar problem.

This is very probably an OX problem, probably the search is relying on
an attribute or objectclass that it shouldn't.

Can I use tcpdump between the OX-Server and our SAMBA4 server to see
the difference between an old and a new user ?
Probably, but wouldn't it be easier to just dump the AD object of a
user that works and the AD object of one that doesn't and then compare
them ?
How can I compare it ?
ldapsearch for both accounts does not show any differences (for me) ...

Bye, Peer
Rowland




--
Mit freundlichen Grüßen,
    Peer-Joachim Koch
________________________________________________________

Max-Planck-Institut für Biogeochemie
Dr. Peer-Joachim Koch
Hans-Knöll Str.10            Telefon: ++49 3641 57-6705
D-07745 Jena                 Telefax: ++49 3641 57-7705


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba