Re: Samba PDC with LDAP backend
Johan Hendriks
Johan at double-l.nl
Mon Jul 20 09:56:51 UTC 2009
There is an improvement...
this is my current /etc/rc.conf
slapd_enable=YES
slapd_flags='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://127.0.0.1/ ldap://192.168.5.200/"'
slapd_sockets="/var/run/openldap/ldapi"
samba_enable="YES"
winbindd_enable="YES"
cupsd_enable="YES"
########################################################################
########
and this is the output of ps -aux | grep slap
#ps -aux | grep slap
ldap 1667 0.0 6.7 345832 7936 ?? Ss 5:24PM 0:01.18
/usr/local/libexec/slapd -h ldapi://%2fvar%2frun%2fopenldap%2fldapi/
ldap://127.0.0.1/ ldap://192.168.5.200/ -u ld
root 1794 0.0 0.2 388 268 p0 R+ 5:32PM 0:00.00 grep slap
Well, regarding what Oliver said: "I see no ldaps:// in the command, but
one in the ps, that is strange!"
I think it is solved now! Am I right?
Then I populate the database; unfortunately there is another error and I
can't understand the code in smbldap_tools.pm! Here's the output of the
box
#smbldap-populate -u 10000 -g 10000 -r 10000
Populating LDAP directory for domain MYDOMAIN
(S-1-5-21-2772587264-3389604304-3649373591)
(using builtin directory structure)
adding new entry: dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <DATA> line 466.
adding new entry: ou=People,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 12.
adding new entry: ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 17.
adding new entry: ou=Computers,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 22.
adding new entry: ou=Idmap,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 27.
adding new entry: uid=root,ou=People,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 58.
adding new entry: uid=nobody,ou=People,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 89.
adding new entry: cn=Domain Admins,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 101.
adding new entry: cn=Domain Users,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 112.
adding new entry: cn=Domain Guests,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 123.
adding new entry: cn=Domain Computers,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 134.
adding new entry: cn=Administrators,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 179.
adding new entry: cn=Account Operators,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 201.
adding new entry: cn=Print Operators,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 212.
adding new entry: cn=Backup Operators,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 223.
adding new entry: cn=Replicators,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 234.
adding new entry: sambaDomainName=MYDOMAIN,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 242.
Please provide a password for the domain root:
No such object at /usr/local/lib/perl5/site_perl/5.8.9/smbldap_tools.pm
line 406, <DATA> line 466.
# return (success, dn ) <<------and this is the line at 466 of
smbldap_tools.pm
What does it mean??
I can't type the password for the domain root cause it ends up there...
You guys are great...FreeBSD Rock
Thanks...
--
rHueL
FreeBSD user since 6.0
Happy BSD use...
Country:Philippines
Zip Code:8000
OK, did you do these steps of my howto?
Configuration
Prepare the openldap config file (/usr/local/etc/openldap/slapd.conf)
First we need to create a password for the openldap server
# slappasswd -s very-secure-password
{SSHA}2pCGrVMhMh3cC+LakUXApebb9jwICf5e
Copy the {SSHA} line to your slapd.conf file after the rootpw line
#######################################################################
# BDB database definitions
#######################################################################
database bdb
suffix "dc=smbdomain,dc=local"
rootdn "cn=Manager,dc=smbdomain,dc=local"
#rootpw = very-secure-password
rootpw {SSHA}2pCGrVMhMh3cC+LakUXApebb9jwICf5e
directory /usr/local/var/db/openldap-data
Also make sure you have that password (plain text very-secure-password)
in your /usr/local/etc/smbldap-tools/smbldap_bind.conf file
Regards,
Johan Hendriks
Sylhouette
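
An added example, not part of the original thread: a Python check that the bind DN and cleartext password in smbldap_bind.conf agree with the rootdn and {SSHA} rootpw in slapd.conf, which is the consistency the reply above asks for. It assumes the smbldap-tools keys masterDN and masterPw, handles only the {SSHA} scheme, and runs on constructed sample file contents rather than the real files.

```python
import base64, hashlib, hmac, re

def make_ssha(password, salt):
    """{SSHA} = base64(SHA1(password + salt) + salt), the layout slappasswd emits."""
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def check_ssha(stored, password):
    if not stored.startswith("{SSHA}"):
        return False
    raw = base64.b64decode(stored[6:])
    digest, salt = raw[:20], raw[20:]          # SHA-1 digest is 20 bytes, rest is salt
    candidate = hashlib.sha1(password.encode() + salt).digest()
    return hmac.compare_digest(candidate, digest)

def slapd_directive(text, name):
    """Last uncommented 'name value' directive in slapd.conf text."""
    value = None
    for line in text.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[0] == name:
            value = parts[1].strip().strip('"')
    return value

def bind_setting(text, key):
    """Value of a key="value" line in smbldap_bind.conf text (assumed format)."""
    m = re.search(r'^\s*' + re.escape(key) + r'\s*=\s*"([^"]*)"', text, re.M)
    return m.group(1) if m else None

def audit(slapd_conf, bind_conf):
    rootdn = slapd_directive(slapd_conf, "rootdn") or ""
    rootpw = slapd_directive(slapd_conf, "rootpw") or ""
    master_dn = bind_setting(bind_conf, "masterDN") or ""
    master_pw = bind_setting(bind_conf, "masterPw") or ""
    problems = []
    if not master_pw:
        problems.append("masterPw is empty or missing")
    if master_dn.replace(" ", "").lower() != rootdn.replace(" ", "").lower():
        problems.append("masterDN does not match rootdn")
    if master_pw and not check_ssha(rootpw, master_pw):
        problems.append("masterPw does not match the rootpw hash")
    return problems

# Constructed sample files (fixed salt only so the example is reproducible).
SLAPD_CONF = ('rootdn "cn=Manager,dc=smbdomain,dc=local"\n'
              '#rootpw = very-secure-password\n'
              'rootpw ' + make_ssha("very-secure-password", b"\x01\x02\x03\x04") + '\n')
BIND_CONF = ('masterDN="cn=Manager,dc=smbdomain,dc=local"\n'
             'masterPw="very-secure-password"\n')

if __name__ == "__main__":
    print(audit(SLAPD_CONF, BIND_CONF) or "bind credentials are consistent")
```

Because smbldap_bind.conf holds the directory manager password in cleartext, it should be readable by root only.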