Hi Guys, I got to this step, and now I'm really stuck, what did I miss, or what did I do wrong, please help me, I'm a linux n00b, and I'm very thankful that I found an LDAP solution, just need some help here is what I'm inputing, and the error I'm getting :~# smbldap-useradd -a -m -M test -c "TEST MAN" test Error looking for next uid at /usr/share/perl5/smbldap_tools.pm line 1044.
Super n00b at this I read it, but I dont kow how to fix it, I'm a huge n00b, can you plez give some more guidence
Hi, please give me some information about your smbldap-tools configuration. cat /etc/smbldap-tools/smbldap_bind.conf and cat /etc/smbldap-tools/smbldap.conf Be sure that you put the samba.schema in the right place and configured the slapd.conf & smb.conf properly. Best regards, Olli
The configurations I'm using the configurations from the this link: http://www.howtoforge.com/openldap-samba-domain-controller-ubuntu7.10 and this is what I'm stuck on the 8th step, which is on the second page of the guid: http://www.howtoforge.com/openldap-samba-domain-controller-ubuntu7.10 I have followed the guid to the dot. So what I'm I doing wrong.....
Please paste the output of cat /etc/smbldap-tools/smbldap.conf here. I think there's an error in your configuration or it's not complete. Best regards, Olli
Hi oalkatib, I found some errors in your configuration. Please use the following configuration. Replace %your_sid% with the SID from your system (getlocalsid) and %samba_netbios_name% with the netbios name that you configured in samba configuration file (/etc/samba/smb.conf): Code: SID="%your_sid%" sambaDomain="EXAMPLE" ldapTLS="0" suffix="dc=example,dc=local" usersdn="ou=Users,${suffix}" computersdn="ou=Computers,${suffix}" groupsdn="ou=Groups,${suffix}" idmapdn="ou=Idmap,${suffix}" sambaUnixIdPooldn="sambaDomainName=EXAMPLE,${suffix}" scope="sub" hash_encrypt="SSHA" userLoginShell="/bin/bash" userHome="/home/%U" userHomeDirectoryMode="700" userGecos="System User" defaultUserGid="513" defaultComputerGid="515" skeletonDir="/etc/skel" defaultMaxPasswordAge="45" userSmbHome="\\%samba_netbios_name%\%U" userProfile="\\%samba_netbios_name%\profiles\%U" userHomeDrive="H:" userScript="logon.bat" mailDomain="example.local" smbpasswd="/usr/bin/smbpasswd" slappasswd="/usr/sbin/slappasswd"
Ok so, just completly replace the cfg file, with the one you pased, awsome. THANK YOU!!, I'm going to try it once I get back home
Step 13: Add a workstation account to LDAP Hi Fellows: I follow every step from this howto: OpenLDAP + Samba Domain Controller On Ubuntu 7.10 My work stations is configured just like said the howto, its have the ldap-server IP for DNS. But when i try to connect a workstation to the server, its doesn't work I got this message: DNS query refused: And domain server can't found it. Any Help !!! thanks in advance
netbios name I cant seem to find the netbios name in the samba.cfg file, here is what I have in the file:
Oalkatib, add the following line to the section [global]: Code: netbiosname = PDC-SRV-EXAMPLE Btw, most parts of your smb.conf are misconfigured - please follow the steps in the howto exact. I haven't tested the howto - so I hope the author did a good job The best solution would be to to start at the scratch on a fresh system. Best regards, Olli
yes, thats what I have done is followed the guid, and did start from scratch, the guide doesnt give you the complet cfg files, it only tells you to change some lines in the file
There are again errors in your smbldap.conf - have a look at "userSmbHome" and "userProfile". Re-populate your LDAP directory with the new configuration before you try to add a user - otherwise it won't work. Because the usage of the smbldap-tools goes hand in hand with the samba schema and the LDAP server configuration there can be additionally errors - please paste the output of the following commands: Code: ls /etc/ldap/schema/ Code: cat /etc/ldap/slapd.conf | grep ^include Code: cat /etc/ldap/slapd.conf | grep ^root Code: cat /etc/ldap/slapd.conf | grep ^index Code: cat /etc/ldap/slapd.conf | grep ^access Best regards, Olli
i had the exact problem sudo smbldap-populate -u 30000 -g 30000 produces some out put with alternating "adding..." then "failed to add..." and ending with: "Please provide a password for the domain root: /usr/sbin/smbldap-passwd: user root doesn't exist" "ls /etc/ldap/schema" produces: corba.schema cosine.schema java.schema openldap.ldif README core.ldif dyngroup.schema misc.schema openldap.schema samba.schema core.schema inetorgperson.schema nis.schema ppolicy.schema "sudo cat /etc/ldap/slapd.conf | grep ^include" produces: include /etc/ldap/schema/core.schema include /etc/ldap/schema/cosine.schema include /etc/ldap/schema/nis.schema include /etc/ldap/schema/inetorgperson.schema include /etc/ldap/schema/samba.schema include /etc/ldap/schema/misc.schema "sudo cat /etc/ldap/slapd.conf | grep ^root" produces: no result/nothing "sudo cat /etc/ldap/slapd.conf | grep ^index" produces: index objectClass eq "sudo cat /etc/ldap/slapd.conf | grep ^access" produces: access to atts=userPassword,sambaNTPassword,sambaLMPassword,shadowLastChane access to dn.base="" by * read access to *
Hi nyasaland, please use the configuration for the smbldap-tools (smbldap.conf) that I posted further up. After that open the slapd.conf - search for this line, comment it out and edit it that it fits to your domain: Code: # rootdn "cn=admin,dc=example,dc=com" Insert the following line straight below (you have to insert your encrypted LDAP admin password - inclusive the leading {SSH2}): Code: rootpw %encrypted_ldap_admin_password% Note: slappasswd -s %ldap_admin_password% will return the password in encrypted form (SSH2). Now search the following line: Code: # Indexing options for database #1 Remove the line straight below ... Code: index objectClass eq ... and insert the following lines: Code: index objectClass,uidNumber,gidNumber eq index cn,sn,uid,displayName pres,sub,eq index memberUid,mail,givenname eq,subinitial index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq index zoneName,relativeDomainName eq index dhcpHWAddress,dhcpClassData eq Now search the line that begins with "access to attrs" - in your case: Code: access to atts=userPassword,sambaNTPassword,sambaLMPassword, shadowLastChane Replace the line with: Code: access to attrs=userPassword,sambaLMPassword,sambaNTPassword Now restart the LDAP server... /etc/init.d/slapd restart ... and populate your LDAP directory. smbldap-populate -m512 -a administrator Note: This will also create an account for the domain-administrator with the username "administrator". Best regards, Olli
Thanks alot for the quick responses Olli, I got swamped with other projects, and skool, and I wasnt able to resume work on LDAP until now, i'm still stuck at the same point, please guide, I tried to provide the output for each othe commands you provided Thanks!
Hi oalkatib, sorry, but I have not the time to test this setup. Please have a look at my MDS-howto -> http://www.howtoforge.com/mandriva-directory-server-on-debian-etch. It works well - if you follow the howto line by line you won't get problems. Best regards, Olli