Samba Vs LDAP – Can I See LDAP Logs, Please?

Home » CentOS » Samba Vs LDAP – Can I See LDAP Logs, Please?
CentOS 5 Comments

Hi,

I’m setting up Samba to authenticate against an LDAP Server. I have the basic setup running but authentication fails. I’m 95% sure that the LDAP
config is still wrong but the guy I’m setting this up for doesn’t really come up with the proper info.

I have set log level = 5 and get tons of irrelevant info. What I’d like to see is the LDAP queries that the samba server issues. But I have no idea which magic switch will make this happen.

My google-fu seems to be bad today, too as I cannot find any relevant info either.

Help!

-dirk

5 thoughts on - Samba Vs LDAP – Can I See LDAP Logs, Please?

  • Thanks for your help. Unfortunately, the LDAP server does not run on the same machine – hence no slapd debugging as described in the blog post :-(

    Since samba issues LDAP queries itself I was hoping to make samba itself log those queries …

    -dirk

  • can you ask the LDAP server admin if they will kick on some detail logging while you’re testing, and forward you the filtered logs ?

    or, albeit a bit more work, use Wireshark to sniff the LDAP protocol and analyze it. this will require you to learn something about how LDAP
    works at the lowest level, but should be about as enlightening as it gets :)

  • Hello,

    what kind of LDAP server (389-DS, openLDAP)? Few months ago I tried to configure Samba to authenticate against 389-DS. I found out, that Samba does not read the ‘password’ value, but ‘sambaNTPassword’.

    It was Samba 3, maybe it’s changed in Samba 4.

    Regards,

  • its certainly true that Windows passwords are hashed completely differently than most sha5 /etc/shadow sort of passwords, such that you couldn’t use one for the other, you had to set them both.