OpenLDAP + Samba Domain on Ubuntu 7.10

[ca_grover]

I followed the How-To just fine, right through to step # 9, where it asks you to reboot your server and confirm you can still login. (http://www.howtoforge.com/openldap-s...-ubuntu7.10-p2)

So, what do you do when you can no longer login? Console login AND SSH login are both just hanging and/or timing out. (root just hangs, user account times out).

Short of using a live cd type thing (I'm using a virtual machine) and resetting everything, is there an easy way to fix things? I ran into NO issues at all in the previous steps.

Unfortunately I can't post the contents of any file to help - becasue I can't log in.

Tips are appreciated.

[ca_grover]

Got access, so can post any pertinent files/command output. (rebooted, went to the "recovery" kernel from the Grub menu... I'm trying to back out some of the more recent changes... But can still use some help here... Thanks.

[falko]

Quote:

Originally Posted by ca_grover

Got access, so can post any pertinent files/command output.

Are there any errors in your log files?

[ca_grover]

Nope. Nothing obvious in any of the log files (messages, syslogd, etc.).

I stepped back the last couple of changes and then tried to apply them again, thinking I may have messed up one of these steps. I'm getting the same behavior. Console login with root is hanging. SSH connections are being refused. console login with regular user is timing out/hanging.

I'm stumped. One one hand, I don't really need LDAP authentication to the server itself. On the otherhand, if that isn't working, it suggests setting up a workstation to authenticate against it will fail too. So.... Guess I'm off to learn about PAM.

[ca_grover]

Just for completeness, here's the only thing I'm seeing that could be indicative of issues:

[ 52.715964] Failure registering capabilities with primary security module.

- in the "dmesg" output.

I noticed as well that if I use the recovery kernel, I *can* login just fine without having to override anything. slapd is started. But, I'm not totally clear what the recovery kernel is setting up (yet), so suspect the LDAP authentications are not being used.

On a hunch, I checked if Open LDAP is starting when I use the normal kernel - nope. Well thar's the problem... now if I can just figure out why it starts with the recovery kernel, but not the normal kernel... sighs...

Found a thread on this - seems to be a bug with Ubuntu Gutsy:
https://bugs.launchpad.net/ubuntu/+s...ap/+bug/155947

[falko]

Quote:

Originally Posted by ca_grover

On a hunch, I checked if Open LDAP is starting when I use the normal kernel - nope. Well thar's the problem... now if I can just figure out why it starts with the recovery kernel, but not the normal kernel... sighs...

Do you get any errors when you start OpenLDAP manually?

[falko]

Quote:

Originally Posted by ca_grover

Just for completeness, here's the only thing I'm seeing that could be indicative of issues:

[ 52.715964] Failure registering capabilities with primary security module.

- in the "dmesg" output.

Seems as if some other service is already listening on a port that the system is trying to bind to: http://ubuntuforums.org/showthread.php?t=604312

[mperreault]

I found version 2 of this same tutorial over on ubuntu forums... It seems to have solved the majority of my problems!

http://ubuntuforums.org/showthread.php?t=640760

it is also available on the authors personal site

http://www.rrcomputerconsulting.com/...p?article_id=3

Thanks Ricky!

[mperreault]

When I log onto the XP machine I ALWAYS get 2 errors with regards to roaming profiles... The XP machine then creates a new temporary profile each time the user logs in. Which is slow...

Error Message 1

Quote:

Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you logoff. Possible causes of this error include network problems or insufficient security rights. If this problem persists, contact your network administrator.

DETAIL - The network name cannot be found.

The part about the network name cannot be found is concerning... So I pinged dc01-ubuntu and it worked however when I ping dc01-ubuntu.example.local it doesn't work...

Error Message 2

Quote:

Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.

The allusers.bat script seems to run however I had to change any instances of \\dc01-ubuntu.example.local to \\dc01-ubuntu.

I don't want roaming profiles, but I also don't want error messages each time I log in. And I need those scripts to run.. Any suggestions?

I'm following this updated tutorial..
http://ubuntuforums.org/showthread.php?t=640760

Here is a link to the Virtual Machine I've created to try to get this working.. You might have to change the static IP address etc to make this work for you? Let me know if you've solved my problem and how. I created this using VMWare Fusion for Mac but I assume it should run in the VMWare player for any other OS..
http://webcitr.us/ubuntu7.10_SAMBA_OPENLDAP.rar

[mperreault]

I've solved the problem! In the samba.conf file i had

"login path =" instead of "logon path ="

No more errors while logging into windows! Now I'm going to figure out how to write a login script to do exactly what I need!