Samba PDC with LDAP backend

Ruel Luchavez ruel.freebsd at gmail.com
Mon Jul 20 09:34:36 UTC 2009 

On Mon, Jul 20, 2009 at 5:10 PM, Ruel Luchavez <ruel.freebsd at gmail.com>wrote:

>
>
> On Mon, Jul 20, 2009 at 4:55 PM, Polytropon <freebsd at edvax.de> wrote:
>
>> On Mon, 20 Jul 2009 16:50:48 +0800, Ruel Luchavez <ruel.freebsd at gmail.com>
>> wrote:
>> > On Mon, Jul 20, 2009 at 4:35 PM, Olivier Nicole <on at cs.ait.ac.th>
>> wrote:
>> > > > I know this is running
>> > > >  >>slapd_flags='-h \"ldapi://%2fvar%2frun%2fopenldap%2fldapi/
>> > > > ldap://0.0.0.0/ ldap://127.0.0.1/\"'
>> > > >
>> > > > as is issue a command ps -aux | grep slap, hers whats the box give
>> to me
>> > > > #ps -aux | grep slap
>> > > > ldap   1273  0.0  6.6 341992  7816  ??  Is    4:17PM   0:00.14
>> > > > /usr/local/libexec/slapd -h ldapi://%2fvar%2frun%2fopenldap%2fldapi/
>> > > > ldaps://127.0.0.1/ ldap://192.168.5.200/ -u l
>> > >
>> > > I see no ldaps:// in the command, but one in the ps, that is strange!
>> > >
>> > > Olivier
>> > >
>> >
>> > Hey....
>> > What do you mean you dont see no ldaps://
>>
>>
>> slapd_flags:
>>        f1 = ldapi://%2fvar%2frun%2fopenldap%2fldapi/
>>        f2 = ldap://0.0.0.0/
>>        f3 = ldap://127.0.0.1/
>>
>> ps output:
>>        p1 = ldapi://%2fvar%2frun%2fopenldap%2fldapi/
>>        p2 = ldaps://127.0.0.1/
>>        p3 = ldap://192.168.5.200/
>>
>> Compage f3 to p2: ldap://127.0.0.1/ vs. ldaps://127.0.0.1/
>>
>>
>> --
>> Polytropon
>> From Magdeburg, Germany
>> Happy FreeBSD user since 4.0
>> Andra moi ennepe, Mousa, ...
>>
>
> Thanks Polytropon
>
> I get the point..
>
> Hmmmm...where did i mess up...
> I'll try to triple check all the config..
>
>
>
>
> --
> rHueL
> FreeBSD user since 6.0
> Happy BSD use...
> Country:Philippines
> Zip Code:8000
>

Hey guys...

There is an improvement...
this is my current /etc/rc.conf

slapd_enable=YES
slapd_flags='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/
ldap://127.0.0.1/ldap://
192.168.5.200/"'
slapd_sockets="/var/run/openldap/ldapi"

samba_enable="YES"
winbindd_enable="YES"
cupsd_enable="YES"
################################################################################

and this is the output of ps -aux | grep slap

#ps -aux | grep slap
ldap   1667  0.0  6.7 345832  7936  ??  Ss    5:24PM   0:01.18
/usr/local/libexec/slapd -h ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://
127.0.0.1/ ldap://192.168.5.200/ -u ld

root   1794  0.0  0.2   388   268  p0  R+    5:32PM   0:00.00 grep slap

Well regarding what Oliver said "I see no ldaps:// in the command, but one
in the ps, that is strange!"
I think it is solve now! Am I right?

Then I populate the database, unfortunate there another error and I can't
understand the code in smbldap_tools.pm! Her's the output of the box

#smbldap-populate -u 10000 -g 10000 -r 10000
Populating LDAP directory for domain MYDOMAIN
(S-1-5-21-2772587264-3389604304-3649373591)
(using builtin directory structure)

adding new entry: dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <DATA> line 466.
adding new entry: ou=People,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 12.
adding new entry: ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 17.
adding new entry: ou=Computers,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 22.
adding new entry: ou=Idmap,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 27.
adding new entry: uid=root,ou=People,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 58.
adding new entry: uid=nobody,ou=People,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 89.
adding new entry: cn=Domain Admins,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 101.
adding new entry: cn=Domain Users,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 112.
adding new entry: cn=Domain Guests,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 123.
adding new entry: cn=Domain Computers,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 134.
adding new entry: cn=Administrators,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 179.
adding new entry: cn=Account Operators,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 201.
adding new entry: cn=Print Operators,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 212.
adding new entry: cn=Backup Operators,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 223.
adding new entry: cn=Replicators,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 234.
adding new entry: sambaDomainName=MYDOMAIN,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 242.

Please provide a password for the domain root:
No such object at /usr/local/lib/perl5/site_perl/5.8.9/smbldap_tools.pm line
406, <DATA> line 466.

# return (success, dn ) <<------and this is the line at 466 of
smbldap_tools.pm

What does it mean??
I can't type the password for the domain root cause it ends up there...

You guys are great...FreeBSD Rock

Thanks...
-- 
rHueL
FreeBSD user since 6.0
Happy BSD use...
Country:Philippines
Zip Code:8000

More information about the freebsd-questions mailing list