samba - smbclient unable to connect to localhost

Hello.

I have some problem, with a new configuration on a new PC.
I want to setup a SAMBA PDC using an HOWTO.
The configuration was working on 10.0 and I use the updated howto for 10.3 on a X64 processor.

kernel 2.6.22.18-0.2
Opensuse 10.3
Samba-3.0.26a-3.7

smbd daemon die shortly after starting.
( see in this forum : “Samba - Unable to connect - port 139 is not open” )

After uninstalling Samba and Ldap, I re-install last version and I delete all samba and ldap 32 bit libraries and softwares.

Now config is :

kernel 2.6.22.18-0.2 ( same )
samba-3.2.0-24
openldap2-2.3.41-1.1

Now samba is running.

LINUX-SRV: # chkconfig --list | egrep ‘(smb|nmb)’
nmb 0 off 1 off 2 off 3 on 4 off 5 on 6 off
smb 0 off 1 off 2 off 3 on 4 off 5 on 6 off
smbfs 0 off 1 off 2 off 3 on 4 off 5 on 6 off
LINUX-SRV: #

LINUX-SRV: # netstat -tdlupn |egrep ‘(137|138|139|445)’
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 3278/smbd
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 3278/smbd
udp 0 0 192.168.169.200:137 0.0.0.0:* 2668/nmbd
udp 0 0 0.0.0.0:137 0.0.0.0:* 2668/nmbd
udp 0 0 192.168.169.200:138 0.0.0.0:* 2668/nmbd
udp 0 0 0.0.0.0:138 0.0.0.0:* 2668/nmbd
LINUX-SRV: #

LINUX-SRV: # nmap -p 1-65535 localhost
Starting Nmap 4.20 Nmap Free Security Scanner, Tools & Hacking resources at 2008-07-20 19:15 CEST
Interesting ports on localhost (127.0.0.1):
Not shown: 65526 closed ports
PORT STATE SERVICE
22/tcp open ssh
23/tcp open telnet
25/tcp open smtp
80/tcp open http
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
631/tcp open ipp
901/tcp open samba-swat
Nmap finished: 1 IP address (1 host up) scanned in 4.679 seconds
LINUX-SRV: #

LINUX-SRV: # echo “bonjour” | telnet localhost 139
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.
Connection closed by foreign host.
LINUX-SRV: #

But when I try to connect with smbclient, I get :

LINUX-SRV:~/bin # smbclient -L localhost -N
Receiving SMB: Server stopped responding
session setup failed: Call timed out: server did not respond after 20000 milliseconds
LINUX-SRV:~/bin # smbclient -L localhost -N

When I comment out this line in smb.conf :

passdb backend = ldapsam:ldap://127.0.0.1

I get :

LINUX-SRV:~/bin # smbclient -L localhost -N
Anonymous login successful
Domain=[HATHOR.NWK] OS=[Unix] Server=[Samba 3.2.0-24.1.123-1844-SUSE-SL10.3]

    Sharename       Type      Comment
    ---------       ----      -------
    print$          Disk      Printer Drivers
    publique        Disk      Répertoire publique de partage
    users           Disk      Repertoire Privé à chaque utilisateur
    groups          Disk      All groups
    echange         Disk      echange (Répertoire systeme partagé)
    make_cd         Disk      make cd  (Répertoire systeme partagé)
    photo           Disk      photo  (Répertoire systeme partagé)
    archive         Disk      archive  (Répertoire systeme partagé)
    backup          Disk      backup  (Répertoire systeme partagé)
    dos_data1       Disk      dos_echange  (Répertoire systeme partagé)
    dos_data2       Disk      data1  (Répertoire systeme partagé)
    IPC$            IPC       IPC Service (HATHOR Samba-LDAP PDC Server)
    LINUX-HL1250    Printer   HL1250 sur print-server netgear
    HL1250-DIRECT   Printer   HL1250 sur print server netgear

Connection to localhost failed (Error NT_STATUS_ACCESS_DENIED)
NetBIOS over TCP disabled – no workgroup available
LINUX-SRV:~/bin #

and smbd died.

Any help please.

Well that is not surprising, you don’t have a ldap server running.

Is there a reason you want to use ldap as the password database? Ldap is much more complicated to set up. If you only have a few users, it would be simpler to stick to the default smbpasswd text file database.

and smbd died.

Did you check the validity of your smb.conf file with testparm?

Hi.

Many times I used to follow an howto which use ldap in a SAMBA PDC config. I was using Suse 10.0 and never ran into problems.

Now for your first remark

Well that is not surprising, you don’t have a ldap server running.

Following the samba documentation, if the samba server is running, you should connect anonymously and localy.

This morning, as I was writing this, I make a new test and the good news is that it is working with no change since yesterday.

LINUX-SRV: # smbclient -L localhost -N
Anonymous login successful
Domain=[HATHOR.NWK] OS=[Unix] Server=[Samba 3.2.0-24.1.123-1844-SUSE-SL10.3]

    Sharename       Type      Comment
    ---------       ----      -------
    IPC$            IPC       IPC Service (HATHOR Samba-LDAP PDC Server)
    dos_data2       Disk      data1  (Répertoire systeme partagé)
    dos_data1       Disk      dos_echange  (Répertoire systeme partagé)
    backup          Disk      backup  (Répertoire systeme partagé)
    archive         Disk      archive  (Répertoire systeme partagé)
    photo           Disk      photo  (Répertoire systeme partagé)
    make_cd         Disk      make cd  (Répertoire systeme partagé)
    echange         Disk      echange (Répertoire systeme partagé)
    groups          Disk      All groups
    users           Disk      Repertoire Privé à chaque utilisateur
    publique        Disk      Répertoire publique de partage
    print$          Disk      Printer Drivers
    LINUX-HL1250    Printer   HL1250 sur print-server netgear
    HL1250-DIRECT   Printer   HL1250 sur print server netgear

Anonymous login successful
Domain=[HATHOR.NWK] OS=[Unix] Server=[Samba 3.2.0-24.1.123-1844-SUSE-SL10.3]

    Server               Comment
    ---------            -------
    LINUX-SRV            HATHOR Samba-LDAP PDC Server

    Workgroup            Master
    ---------            -------
    WORKGROUP            PC-JC
    HATHOR.NWK           LINUX-SRV

LINUX-SRV: #

Thank you for your time.

This post should be closed.

But you had specified LDAP as the passdb backend in smb.conf, and your netstat showed nothing listening on port 389 (LDAP) or port 636 (LDAPS). Which is why when you commented out that line you reverted to smbpasswd file backend.

You do know that a LDAP server is a different service from a Samba server?

This morning, as I was writing this, I make a new test and the good news is that it is working with no change since yesterday.

Well that’s not surprising either, since you are using smbpasswd file backend now.

To have authenticated logins, you need to run the smbpasswd program to set some passwords. The account names have to be the same as Linux accounts, but the password can be different.

Hi.

You are wright.
It is still not working with passdb backend set.

I don’t understand :
1°) It seems to be working with 10.1.

I am sure I make this test before ldap was running as specified in the HOWTO.

( see Howto setup SUSE 10.1 as Samba PDC - openSUSE )

2°) What does mean anonymous connexion
if “smbclient -L localhost -N” does not work

See SAMBA documentation :

You can force it to list the shares without a password by adding the option -N to the command line

In Chapter 1. How to Install and Test SAMBA

Does it mean just put a simplified smb.conf and test it ?

Well I can’t help you much with the LDAP for Samba side, I’ve only set up PDCs with smbpasswd backend. But since your LDAP server (slapd) is not running, perhaps you need to attend to that first.

Hi.

Unbelievable.

You can log anonymously only if ldap is configured and running.

Thank you for your help.