LDAP: can't get it work / smb error

  • Hi,


    today I tried without success to enable the ldap plugin. I'm on OMV 4.1.25 / LDAP 4.0.6.1.


    I entered the LDAP details (incl. the correct password, TLS on, and tried with and without PAM). After "apply" the system shows the error:


    Failed to execute command 'export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C.UTF-8; systemctl start 'smbd' 2>&1' with exit code '1': Job for smbd.service failed because the control process exited with error code. See "systemctl status smbd.service" and "journalctl -xe" for details.


    With SMB/CIFS disabled the LDAP can be enabled. But not SMB - same error. However I neither see users nor groups in the OMV account management from my ldap directory nor can I log-on with a user from the directory. So it looks like I can store the config but it does not work.


    I checked with the Softerra LDAP Administrator from my Windows machine if the LDAP directory on my server is configured correctly. I can read but not change user data.


    Then I connected with ssh to my OMV server, installed the ldap-utils and tried the same with ldapsearch. I could see all the users from my directory. So the OMV also has access to my server.


    No idea where to search nor what could be the error. Has someone got the ldap plugin to work?


    Thanks for any hints


    Thomas

    Stoneburner 2.1 in HyperV virtual machine on Hp Microserver Gen8 (i3-3220T 16GB)

  • I have this problem too, from console


    Error: Can't contact LDAP server
    Mar 07 08:27:26 tank smbd[13672]: Error in the pull function.


    Mar 07 08:27:42 tank smbd[13672]: [2020/03/07 08:27:42.332696, 0] ../source3/passdb/pdb_ldap.c:6540(pdb_ldapsam_init_common)
    Mar 07 08:27:42 tank smbd[13672]: pdb_init_ldapsam: WARNING: Could not get domain info, nor add one to the domain. We cannot work reliably without it.


    Mar 07 08:27:42 tank smbd[13672]: [2020/03/07 08:27:42.332801, 0] ../source3/passdb/pdb_interface.c:180(make_pdb_method_name)
    Mar 07 08:27:42 tank smbd[13672]: pdb backend ldapsam:ldaps://192.168.0.250:389 did not correctly init (error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO)

    • Official post

    The ldap plugin is very old and not well maintained any more. Many of us gave up on it years ago. There are many threads about it. For some reason searching for ldap does not return anything. "Active directory" same thing. Maybe try google instead. Look at these to get some ideas.


    Active Directory / LDAP Revisited


    <a href="https://forum.openmediavault.org/index.php/Thread/23465-Guide-to-OMV-4-Active-Directory-Integration/?postID=230683#post230683">Guide to OMV 4 Active Directory Integration</a>

    If you make it idiot proof, somebody will build a better idiot.

    Edited once, last by donh ()

  • I tried several times too and dug further into it with ldapsearch. I think the plugin does not work since the fields created in ldap.conf are not complete nor correct, in particular when trying to bind to a TLS-enabled LDAP service. I can get some information when I use ldapsearch as root in a shell, but only if I bind as anonymous. However, it does not solve my issues in my configuration since I need TLS to connect to the LDAP server on another VM for authentication.


    There is at least one thing missing in the plugin front-end: the ability to select a certificate (similar to the ftp plugin). This would allow linking the ldap plugin to the imported certificate which is used by the LDAP server.


    Hope this feature request / bug will get some attention.


    A full OpenLDAP server plugin would be a great add-on for OMV (maybe something on the list for OMV5)

    Stoneburner 2.1 in HyperV virtual machine on Hp Microserver Gen8 (i3-3220T 16GB)
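
Added example, not part of any post in this thread: the smbd journal lines quoted above name the passdb backend as `ldaps://192.168.0.250:389`, which pairs the implicit-TLS scheme with the port conventionally used for plaintext or StartTLS LDAP, an unusual combination worth checking first. The sketch below rejoins console-wrapped journal lines and flags such scheme/port pairs; the finding codes and the sample log are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Conventional ports: ldap:// (plaintext or StartTLS) is 389, ldaps:// (implicit TLS) is 636.
DEFAULT_PORT = {"ldap": 389, "ldaps": 636}
SYSLOG_PREFIX = re.compile(r"^[A-Z][a-z]{2} \d{2} \d{2}:\d{2}:\d{2} ")
BACKEND = re.compile(r"pdb backend ldapsam:(ldaps?://\S+) did not correctly init "
                     r"\(error was (\w+)\)")

# Constructed sample: journal lines shaped like those in the thread, including
# the console wrapping that splits the URI across two lines.
SAMPLE_LOG = """\
Mar 07 08:27:42 tank smbd[13672]: pdb backend ldapsam:ldaps://192.168.
0.250:389 did not correctly init (error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO)
Mar 07 08:31:10 tank smbd[13701]: pdb backend ldapsam:ldap://192.168.
0.250:389 did not correctly init (error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO)
"""

def unwrap(text):
    """Rejoin continuation lines (no syslog timestamp) onto the previous record."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if SYSLOG_PREFIX.match(line) or not records:
            records.append(line)
        else:
            records[-1] += line  # no separator: the wrap can split mid-token
    return records

def classify(uri):
    """Return a finding code (hypothetical names) for the URI's scheme/port pair."""
    parts = urlsplit(uri)
    scheme = parts.scheme.lower()
    port = parts.port or DEFAULT_PORT[scheme]
    if scheme == "ldaps" and port == 389:
        return "IMPLICIT_TLS_ON_STARTTLS_PORT"  # check ldaps on 636, or ldap + StartTLS
    if scheme == "ldap" and port == 636:
        return "PLAINTEXT_SCHEME_ON_TLS_PORT"
    if scheme == "ldap":
        return "CLEARTEXT_UNLESS_STARTTLS"      # binds are unencrypted without StartTLS
    return "OK"

def analyze(text):
    """Return (uri, samba_error, finding) for every failed ldapsam backend init."""
    return [(m.group(1), m.group(2), classify(m.group(1)))
            for rec in unwrap(text) for m in BACKEND.finditer(rec)]

if __name__ == "__main__":
    for row in analyze(SAMPLE_LOG):
        print(*row, sep="  ")
```

A finding here is only a hint about where to look; whether the server actually accepts implicit TLS or StartTLS on a given port still has to be confirmed against the server itself.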
