I followed the How-To just fine, right through to step # 9, where it asks you to reboot your server and confirm you can still login. (http://www.howtoforge.com/openldap-samba-domain-controller-ubuntu7.10-p2) So, what do you do when you can no longer login? Console login AND SSH login are both just hanging and/or timing out. (root just hangs, user account times out). Short of using a live cd type thing (I'm using a virtual machine) and resetting everything, is there an easy way to fix things? I ran into NO issues at all in the previous steps. Unfortunately I can't post the contents of any file to help - becasue I can't log in. Tips are appreciated.
Got access, so can post any pertinent files/command output. (rebooted, went to the "recovery" kernel from the Grub menu... I'm trying to back out some of the more recent changes... But can still use some help here... Thanks.
Nope. Nothing obvious in any of the log files (messages, syslogd, etc.). I stepped back the last couple of changes and then tried to apply them again, thinking I may have messed up one of these steps. I'm getting the same behavior. Console login with root is hanging. SSH connections are being refused. console login with regular user is timing out/hanging. I'm stumped. One one hand, I don't really need LDAP authentication to the server itself. On the otherhand, if that isn't working, it suggests setting up a workstation to authenticate against it will fail too. So.... Guess I'm off to learn about PAM.
Just for completeness, here's the only thing I'm seeing that could be indicative of issues: [ 52.715964] Failure registering capabilities with primary security module. - in the "dmesg" output. I noticed as well that if I use the recovery kernel, I *can* login just fine without having to override anything. slapd is started. But, I'm not totally clear what the recovery kernel is setting up (yet), so suspect the LDAP authentications are not being used. On a hunch, I checked if Open LDAP is starting when I use the normal kernel - nope. Well thar's the problem... now if I can just figure out why it starts with the recovery kernel, but not the normal kernel... sighs... Found a thread on this - seems to be a bug with Ubuntu Gutsy: https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/155947
No errors starting LDAP. The problem seems to be in the changes to the authentication files (i.e. /etc/pam.d/* and /etc/nsswitch.conf).
Seems as if some other service is already listening on a port that the system is trying to bind to: http://ubuntuforums.org/showthread.php?t=604312
Vista login in domain When i tried to join a Vista PC in domain show the following message: The join operation was not successful. This could be because an existing computer account having name "name_of_machine" was previously created using a different set of credentials. Use a different computer name, or contact your administrator to remove any state conflict account. The error was: Access id Denied Thanks for the help that you can bring me. Edit/Delete Message
Step 11: Configure our primary DNS Zone using WebMin I am trying to do my first installation of an LDAP server according to the 'Howto' at Step 11: Configure our primary DNS Zone using WebMin and when I get to that part of the instructions Click "Apply Changes" button, I get an error message as shown in the attached image. I have followed the instructions but made the following changes : - The server installation (as assumed on page 1) was done in accordance with the The Perfect Server - Ubuntu Hardy Heron (Ubuntu 8.04 LTS Server) I used 8.04 (Hardy Heron) instead of using 7.10 (Gutsy Gibbon) I used webmin_1.420_all.deb instead of webmin_1.380_all.deb I thought I was doing so well and I did not receive any error messages before that stage. Can anyone assist? Hello, I entered the following commands and my problem was solved : - /etc/init.d/bind9 stop /etc/init.d/sysklogd restart /etc/init.d/bind9 start I got to the next stage. Thanks!
Step 14: Configure your Windows XP Professional Client Now I'm getting this error message when I try to add a computer to the Domain as per Step 14: Configure your Windows XP Professional Client when it should say "Welcome to the example domain." : -
RE: Step 14: Configure your Windows XP Professional Client the answer for your question: Step 14: Configure your Windows XP Professional Client Now I'm getting this error message when I try to add a computer to the Domain as per Step 14: Configure your Windows XP Professional Client when it should say "Welcome to the example domain." : - 14th June 2008 05:42 In the smb.conf you must change the vales: workgroup = EXAMPLE # Begin: Custom LDAP Entries # ldap admin dn = cn=admin,dc=example,dc=local ldap suffix = dc=example, dc=local to your names domain.
Step 8: Add an LDAP user to the system I decided to start again! This time I got to Step 8: Add an LDAP user to the system! I got the below error message : - Code: root@server1:/etc/smbldap-tools# smbldap-useradd -a -m -M ricky -c "Richard M" ricky Could not find base dn, to get next uidNumber at /usr/share/perl5/smbldap_tools.pm line 1073. What went wrong this time?? It will suffice to say the installation has stopped (well I've decided not to go any further) until I have obtained a solution. On this occasion I decided to install with no 'previous' server installations. I followed the installation instructions but used Ubuntu 8.04 (Hardy Heron). Thanks in advance.
Re Step 8: Add an LDAP user to the system In the example above I have edited the smbldap.conf file as follows : - Code: # Where to store next uidNumber and gidNumber available for new users and groups # If not defined, entries are stored in sambaDomainName object. # Ex: sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}" # Ex: sambaUnixIdPooldn="cn=NextFreeUnixId,${suffix}" sambaUnixIdPooldn="[B][I]sambaDomainName=EXAMPLE,${suffix}[/I][/B]" When I edit it as below : - Code: # Where to store next uidNumber and gidNumber available for new users and groups # If not defined, entries are stored in sambaDomainName object. # Ex: sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}" # Ex: sambaUnixIdPooldn="cn=NextFreeUnixId,${suffix}" sambaUnixIdPooldn="[B][I]sambaDomainName=[COLOR="Red"]$[/COLOR]EXAMPLE,${suffix}[/I][/B]" I got this error message : - Code: root@niro1:/etc/smbldap-tools# smbldap-useradd -a -m -M ricky -c "Richard M" ricky Error looking for next uid in sambaDomainName=$EXAMPLE,dc=EXAMPLE,dc=local:No such object at /usr/share/perl5/smbldap_tools.pm line 1071. So I'm getting an error message with or without the $. There is no $ in the 'Howto' but the smbldap.conf file defaults to a $ before the Domain prior to editing it.
i too have the same problem once in a while and usually cant find out what caused the problem. i use fedora and FDS, and have sucessfully installed a complete pdc and gotten passed this step, but cant for the life of me find a solid answer. sometimes defining the indexes uidNumber and gidNumber in the database will work, but if they have been defined already i get stuck
i ended up switching to centos and using centos-ds (which is basically the same thing as fedora-ds) and it works alot better. i also do the following Import NextFreeUserId ldif dn: cn=NextFreeUnixId,dc=example,dc=com objectClass: inetOrgPerson objectClass: sambaUnixIdPool uidNumber: 1000 gidNumber: 1000 cn: NextFreeUnixId sn: NextFreeUnixId ldapadd -x -c -D 'cn=Directory Manager' -W -f /tmp/nextusrid.ldif Enter LDAP Password: and no longer have the described problem anymore
Trouble with getting XP to join Domain.. I've been trying to follow this http://www.howtoforge.com/openldap-samba-domain-controller-ubuntu7.10-p Tutorial on and off for the past 2 months. I work in a school and as we have run out of CAL's for the Windows 2003 SBS I would rather replace the domain controller with something free as we can't afford to buy the CAL's... Anyway I've reached the point where I get the XP machine to join the domain. I type "root" as the username and "12345" as the password and I get.. The following error occurred attempting to join the domain "example": The user name could not be found. I've tried using sysadmin for the user. and it also doesn't work... Any ideas?