OpenLDAP + Samba Domain on Ubuntu 7.10

[ca_grover]

I followed the How-To just fine, right through to step # 9, where it asks you to reboot your server and confirm you can still login. (http://www.howtoforge.com/openldap-s...-ubuntu7.10-p2)

So, what do you do when you can no longer login? Console login AND SSH login are both just hanging and/or timing out. (root just hangs, user account times out).

Short of using a live cd type thing (I'm using a virtual machine) and resetting everything, is there an easy way to fix things? I ran into NO issues at all in the previous steps.

Unfortunately I can't post the contents of any file to help - becasue I can't log in.

Tips are appreciated.

[ca_grover]

Got access, so can post any pertinent files/command output. (rebooted, went to the "recovery" kernel from the Grub menu... I'm trying to back out some of the more recent changes... But can still use some help here... Thanks.

[falko]

Quote:

Originally Posted by ca_grover

Got access, so can post any pertinent files/command output.

Are there any errors in your log files?

[ca_grover]

Nope. Nothing obvious in any of the log files (messages, syslogd, etc.).

I stepped back the last couple of changes and then tried to apply them again, thinking I may have messed up one of these steps. I'm getting the same behavior. Console login with root is hanging. SSH connections are being refused. console login with regular user is timing out/hanging.

I'm stumped. One one hand, I don't really need LDAP authentication to the server itself. On the otherhand, if that isn't working, it suggests setting up a workstation to authenticate against it will fail too. So.... Guess I'm off to learn about PAM.

[ca_grover]

Just for completeness, here's the only thing I'm seeing that could be indicative of issues:

[ 52.715964] Failure registering capabilities with primary security module.

- in the "dmesg" output.

I noticed as well that if I use the recovery kernel, I *can* login just fine without having to override anything. slapd is started. But, I'm not totally clear what the recovery kernel is setting up (yet), so suspect the LDAP authentications are not being used.

On a hunch, I checked if Open LDAP is starting when I use the normal kernel - nope. Well thar's the problem... now if I can just figure out why it starts with the recovery kernel, but not the normal kernel... sighs...

Found a thread on this - seems to be a bug with Ubuntu Gutsy:
https://bugs.launchpad.net/ubuntu/+s...ap/+bug/155947

[falko]

Quote:

Originally Posted by ca_grover

On a hunch, I checked if Open LDAP is starting when I use the normal kernel - nope. Well thar's the problem... now if I can just figure out why it starts with the recovery kernel, but not the normal kernel... sighs...

Do you get any errors when you start OpenLDAP manually?

[ca_grover]

No errors starting LDAP. The problem seems to be in the changes to the authentication files (i.e. /etc/pam.d/* and /etc/nsswitch.conf).

[falko]

Quote:

Originally Posted by ca_grover

Just for completeness, here's the only thing I'm seeing that could be indicative of issues:

[ 52.715964] Failure registering capabilities with primary security module.

- in the "dmesg" output.

Seems as if some other service is already listening on a port that the system is trying to bind to: http://ubuntuforums.org/showthread.php?t=604312

[alshira]

When i tried to join a Vista PC in domain show the following message:
The join operation was not successful. This could be because an existing computer account having name "name_of_machine" was previously created using a different set of credentials. Use a different computer name, or contact your administrator to remove any state conflict account. The error was: Access id Denied

Thanks for the help that you can bring me.
Edit/Delete Message

[alshira]

The problem was i didn't comment the line:
invalid users = root

in the /etc/samba/smb.conf