Date:      Mon, 20 Jul 2009 11:56:44 +0200
From:      "Johan Hendriks" <Johan@double-l.nl>
To:        "Ruel Luchavez" <ruel.freebsd@gmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   RE: {Disarmed} Re: Samba PDC with LDAP backend
Message-ID:  <57200BF94E69E54880C9BB1AF714BBCB5DEA73@w2003s01.double-l.local>
References:  <ee9dc2b40907171829r5afbc885u1f84b2054ff4f5e5@mail.gmail.com> <ee9dc2b40907172153h674fe2a9ua2a33be3d6054086@mail.gmail.com> <20090719112802.GA77843@ei.bzerk.org> <ee9dc2b40907192237x3c65b9cy11ce9ba5f8687891@mail.gmail.com> <57200BF94E69E54880C9BB1AF714BBCB5DEA71@w2003s01.double-l.local> <ee9dc2b40907200122v62cc58d2jea0e59e9263f23f5@mail.gmail.com> <200907200835.n6K8ZZ7D001753@banyan.cs.ait.ac.th> <ee9dc2b40907200150q3b27bf75g92ab559b20e3e56@mail.gmail.com> <20090720105553.a665479b.freebsd@edvax.de> <ee9dc2b40907200210v6ff60c84va89149072bcef8a4@mail.gmail.com> <ee9dc2b40907200234v450bc3e9w69b949420b653f29@mail.gmail.com>


There is an improvement...
this is my current /etc/rc.conf

slapd_enable=YES
slapd_flags='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://127.0.0.1/ ldap://192.168.5.200/"'
slapd_sockets="/var/run/openldap/ldapi"

samba_enable="YES"
winbindd_enable="YES"
cupsd_enable="YES"
################################################################################

and this is the output of ps -aux | grep slap

#ps -aux | grep slap
ldap   1667  0.0  6.7 345832  7936  ??  Ss    5:24PM   0:01.18 /usr/local/libexec/slapd -h ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://127.0.0.1/ ldap://192.168.5.200/ -u ld
root   1794  0.0  0.2   388   268  p0  R+    5:32PM   0:00.00 grep slap

Well, regarding what Oliver said, "I see no ldaps:// in the command, but
one in the ps, that is strange!"
I think it is solved now! Am I right?

Then I populate the database, unfortunately there is another error and I
can't understand the code in smbldap_tools.pm! Here's the output of the
box

#smbldap-populate -u 10000 -g 10000 -r 10000
Populating LDAP directory for domain MYDOMAIN
(S-1-5-21-2772587264-3389604304-3649373591)
(using builtin directory structure)

adding new entry: dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <DATA> line 466.
adding new entry: ou=People,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 12.
adding new entry: ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 17.
adding new entry: ou=Computers,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 22.
adding new entry: ou=Idmap,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 27.
adding new entry: uid=root,ou=People,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 58.
adding new entry: uid=nobody,ou=People,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 89.
adding new entry: cn=Domain Admins,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 101.
adding new entry: cn=Domain Users,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 112.
adding new entry: cn=Domain Guests,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 123.
adding new entry: cn=Domain Computers,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 134.
adding new entry: cn=Administrators,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 179.
adding new entry: cn=Account Operators,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 201.
adding new entry: cn=Print Operators,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 212.
adding new entry: cn=Backup Operators,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 223.
adding new entry: cn=Replicators,ou=Groups,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 234.
adding new entry: sambaDomainName=MYDOMAIN,dc=mydomain,dc=local
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate line 498, <GEN1> line 242.

Please provide a password for the domain root:
No such object at /usr/local/lib/perl5/site_perl/5.8.9/smbldap_tools.pm
line 406, <DATA> line 466.

# return (success, dn ) <<------and this is the line at 466 of
smbldap_tools.pm

What does it mean??
I can't type the password for the domain root cause it ends up there...

You guys are great...FreeBSD Rock

Thanks...
-- 
rHueL
FreeBSD user since 6.0
Happy BSD use...
Country:Philippines
Zip Code:8000


OK, did you do these steps of my howto?



Configuration

Prepare the openldap config file (/usr/local/etc/openldap/slapd.conf)
First we need to create a password for the openldap server

# slappasswd -s very-secure-password
{SSHA}2pCGrVMhMh3cC+LakUXApebb9jwICf5e

Copy the {SSHA} line to your slapd.conf file after the rootpw line

#######################################################################
# BDB database definitions
#######################################################################

database        bdb
suffix          "dc=smbdomain,dc=local"
rootdn          "cn=Manager,dc=smbdomain,dc=local"
#rootpw = very-secure-password
rootpw          {SSHA}2pCGrVMhMh3cC+LakUXApebb9jwICf5e

directory       /usr/local/var/db/openldap-data

Also make sure you have that password (plain text very-secure-password)
in your /usr/local/etc/smbldap-tools/smbldap_bind.conf file



Regards,

Johan Hendriks
Sylhouette
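
Added example (not part of the original message or of smbldap-tools): a check that the bind DN and plain-text password in smbldap_bind.conf agree with rootdn and the {SSHA} rootpw in slapd.conf, which is the pairing the howto steps above set up. The masterDN/masterPw key names are the ones used in smbldap_bind.conf; the sample file contents and the salt are constructed for the demo.

```python
import base64, hashlib, hmac, re

def make_ssha(password, salt):
    """OpenLDAP {SSHA}: base64(SHA1(password + salt) + salt)."""
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def check_ssha(password, stored):
    """True if the plain-text password matches a {SSHA} rootpw value."""
    if not stored.startswith("{SSHA}"):
        return False
    try:
        raw = base64.b64decode(stored[6:], validate=True)
    except ValueError:
        return False
    if len(raw) < 21:                      # 20-byte SHA-1 digest plus a salt
        return False
    calc = hashlib.sha1(password.encode() + raw[20:]).digest()
    return hmac.compare_digest(calc, raw[:20])

def slapd_directive(text, key):
    """Value of a slapd.conf directive; commented-out lines are ignored."""
    m = re.search(rf'^{key}\s+"?([^"\n]+?)"?\s*$', text, re.M)
    return m.group(1) if m else ""

def bind_setting(text, key):
    """Value of a key="value" line in smbldap_bind.conf."""
    m = re.search(rf'^{key}\s*=\s*"([^"]*)"', text, re.M)
    return m.group(1) if m else ""

def audit(slapd_conf, bind_conf):
    """List the mismatches that would stop smbldap-tools binding as rootdn."""
    problems = []
    # Simplification: DNs are compared case-insensitively as plain strings.
    if bind_setting(bind_conf, "masterDN").lower() != slapd_directive(slapd_conf, "rootdn").lower():
        problems.append("masterDN does not match rootdn")
    if not check_ssha(bind_setting(bind_conf, "masterPw"), slapd_directive(slapd_conf, "rootpw")):
        problems.append("masterPw does not match rootpw hash")
    return problems

# Constructed sample files; the hash is generated here with a demo salt.
SLAPD_CONF = f'''suffix          "dc=smbdomain,dc=local"
rootdn          "cn=Manager,dc=smbdomain,dc=local"
#rootpw = very-secure-password
rootpw          {make_ssha("very-secure-password", b"demo")}
'''
BIND_CONF = '''masterDN="cn=Manager,dc=smbdomain,dc=local"
masterPw="very-secure-password"
'''
```

Because smbldap_bind.conf holds the password in clear text, it should be readable by root only.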
