2008-09-08 04:45 PM
I *think* this is a supposedly supported and possible configuration, however it does not work in my tests.
Where To: Get a mac client to mount a SAMBA share from a NetApp Filer, which is using LDAP for user authentication
Setup a LDAP server with at least 1 posixAccount user object. -- DONE
Setup the Simulator with LDAP using options.ldap settings and editing /etc/nsswitch.conf -- DONE
Perform cifs setup and configure to use LDAP (#4 in the cifs setup) -- DONE
Verify on the console that LDAP lookups can be performed (using the getXXbyYY getpwbyname_r <username>) command. -- DONE
Verify CIFS authentication from a CIFS client -- NOT DONE. NO WORK.
I am stuck at #5. Even with cifs trace logins on and ldap server logs revved up, when I attempt a CIFS authentication from my mac, nothing happens. No log entries in the LDAP server and no message on the filer console.
Any thoughts ?
2008-09-08 05:25 PM
Just to confirm - What method are you attempting to connect from your mac client?
As a way to test this, I could fire up my filer at home (or my simulator just as well) and connect it to my mbp.
Ideally, I'd like to replicate your scenario as closely as possible in order to watch it fail or succeed respectively.
2008-09-09 06:58 AM
Well..with LDAP authentication, wcc does not put out any output since it is not joined into any domain. There is no windows domain to join.
The qtree security style is mixed. (I even tried ntfs).
2008-09-11 04:02 PM
This appears to be a Apple-NTAP specific issue. Because I got this setup to work with a Windows system.
In Mac OS X case, the LDAP request is never made. The communication breakdown occurs (looks like) between mac os x and NTAP.
(I tested this with the new version of simulator 7.3 and still the same result)
It would be wonderful if some of the CIFS folks can chime in here..
2010-01-29 04:27 AM
I am having trouble implementing the mapping windows user when the storage system is integrated with a UNIX LDAP.
Could you send me your configuration file usermap.cfg?.
Thanks in advance.
2010-02-09 03:40 PM
I am having exactly the same problem stuck at #5, except that I do get a password rejected message on
the filer console:
auth: login from xxxxxxxx is rejected because the filer encountered an error while processing the password provided
by the user: user password rejected.
One other thing I have read is that the filer doesn't support md5 hashing. How can this get disabled in the ldap
Does the command getXXbyYY returns the type of hasing being used in the ldap server?
I mean is if the line pw_passwd returned by the command.