Steps to reproduce $ cd samba-3.0.25b/source $ LDFLAGS="-L/usr/lib/" CFLAGS="-I/usr/include -L/usr/lib" ./configure --enable-developer --enable-debug --with-syslog --prefix=/usr/local --enable-socket-wrapper --with-pam_smbpass -with-acl-support --with-winbind --with-pam --with-ldap --with-configdir=/usr/local/etc/samba --mandir=/usr/local/man --with-pammodulesdir=/usr/lib/security $ make pam_smbpass $ ldd bin/pam_smbpass.so | grep ldap libldap.so.5 => /usr/lib/libldap.so.5 <------- Solaris ldap Lib $ make test_pam_modules dlopen() of "./bin/pam_smbpass.so" failed: ld.so.1: dlopen: fatal: relocation error: file ././bin/pam_smbpass.so: symbol ldap_start_tls_s: referenced symbol not found I think I located the line at lib/smbldap.c:526 if ((rc = ldap_start_tls_s (ldap_struct, NULL, NULL)) != LDAP_SUCCESS) { but I have noidea how to fix it ;) This is a Solaris 10 box. Whole reason for linking to the Solaris LDAP libs instead of the OpenLDAP libs is because passwd is linked to the Solaris Libs when when it calls pam_smbpass it segfaults because its mixing OpenLDAP and Solaris LDAP libs.
You must have ldap ssl = on in the smb.conf too, or ldaps://
this is a known thing that ssl is not working with the solaris ldap libs. the solaris libs do ssl differently from openldap and no one adopted the code for solaris yet. If you use ldap ssl = off, does that work?
Yeah the solaris ldap libs work fine as long as ldap ssl = off.
actually a dup where we have a proposed patch... *** This bug has been marked as a duplicate of 3504 ***