Same problem of the second example of bug:2509 that is marked as fixed. I'm using Samba 3.0.21b ,usrmgr.exe on a win 2k pro ,smbldaptools ,using "enable privileges" and have the same errors on logs (smbldap_open: cannot access LDAP when not root) trying to add an user to a group using usmgr . See bug 2509 for more info .
Please attached a compressed level 10 debug log from smbd illustrating the error.
Created attachment 1764 [details] samba log during the "add user to group" operation The log is taken during an operation from the usrmgr : - open usrmgr - double click on any group - try to ad a new user to that group. to note that selecting a new group from the user's properties works : - open usrmgr - double click on any user - select the "Groups" botton - add new groups to which the user belong - new membership effective
I had the same problem. I solved it by changing the user account accessing my OpenLDAP tree. I used to use a special samba account, which apparently 'lost' it's credential (maybe I need to change some 'access to attr' in my slapd.conf). When I changed to the Manager account all these errors dissapeared. Here is a snip of my smb.conf: #ldap admin dn = cn=samba,ou=DSA,dc=brenntag,dc=com (had the error mentioned here) ldap admin dn = cn=Manager,dc=brenntag,dc=com (works) I discoverd the problem when a normal user tried to change his password. Hope this helps out a bit :-)
Looks like the same error appears if a user tries to change his password via net command or from windows (ctrl+alt+del) on samba 3.0.21b or 3.0.21c
Setting target milestone to ensure that this gets reviewed before 3.0.23-final
please retest against 3.0.23pre1. I cannot reproduce any failures. Also, the posted log file does not continue the full conversation.