Ldap + samba 10 x 0 estou jogado a toalha.
Amigos decidi apelar para vc´s estou tomando uma surra muito grande para fazer funcionar o Ldap + Samba PDC já tentei no Ubuntu-Server 8.04 TLS, Ubuntu-Server 9.04 e Debian 5 em todos eu morro na praia, quando chega na hora de popular sempre acotece erros por exemplo:
server01:/usr/share/doc/smbldap-tools/examples# smbldap-populate
Populating LDAP directory for domain ccbsist.net (S-1-5-21-15483983-150619718-2040496312)
(using builtin directory structure)
adding new entry: dc=ccbsist,dc=net
failed to add entry: modifications require authentication at /usr/sbin/smbldap-populate line 499, <GEN1> line 7.
adding new entry: ou=Usuarios,dc=ccbsist,dc=net
failed to add entry: modifications require authentication at /usr/sbin/smbldap-populate line 499, <GEN1> line 12.
adding new entry: ou=Grupos,dc=ccbsist,dc=net
failed to add entry: modifications require authentication at /usr/sbin/smbldap-populate line 499, <GEN1> line 17.
adding new entry: ou=Computadores,dc=ccbsist,dc=net
failed to add entry: modifications require authentication at /usr/sbin/smbldap-populate line 499, <GEN1> line 22.
adding new entry: ou=Idmap,dc=ccbsist,dc=net
failed to add entry: modifications require authentication at /usr/sbin/smbldap-populate line 499, <GEN1> line 27.
adding new entry: uid=root,ou=Usuarios,dc=ccbsist,dc=net
failed to add entry: modifications require authentication at /usr/sbin/smbldap-populate line 499, <GEN1> line 58.
adding new entry: uid=nobody,ou=Usuarios,dc=ccbsist,dc=net
failed to add entry: modifications require authentication at /usr/sbin/smbldap-populate line 499, <GEN1> line 89.
adding new entry: cn=Domain Admins,ou=Grupos,dc=ccbsist,dc=net
failed to add entry: modifications require authentication at /usr/sbin/smbldap-populate line 499, <GEN1> line 101.
adding new entry: cn=Domain Users,ou=Grupos,dc=ccbsist,dc=net
failed to add entry: modifications require authentication at /usr/sbin/smbldap-populate line 499, <GEN1> line 112.
adding new entry: cn=Domain Guests,ou=Grupos,dc=ccbsist,dc=net
failed to add entry: modifications require authentication at /usr/sbin/smbldap-populate line 499, <GEN1> line 123.
adding new entry: cn=Domain Computers,ou=Grupos,dc=ccbsist,dc=net
failed to add entry: modifications require authentication at /usr/sbin/smbldap-populate line 499, <GEN1> line 134.
adding new entry: cn=Administrators,ou=Grupos,dc=ccbsist,dc=net
failed to add entry: modifications require authentication at /usr/sbin/smbldap-populate line 499, <GEN1> line 179.
adding new entry: cn=Account Operators,ou=Grupos,dc=ccbsist,dc=net
failed to add entry: modifications require authentication at /usr/sbin/smbldap-populate line 499, <GEN1> line 201.
adding new entry: cn=Print Operators,ou=Grupos,dc=ccbsist,dc=net
failed to add entry: modifications require authentication at /usr/sbin/smbldap-populate line 499, <GEN1> line 212.
adding new entry: cn=Backup Operators,ou=Grupos,dc=ccbsist,dc=net
failed to add entry: modifications require authentication at /usr/sbin/smbldap-populate line 499, <GEN1> line 223.
adding new entry: cn=Replicators,ou=Grupos,dc=ccbsist,dc=net
failed to add entry: modifications require authentication at /usr/sbin/smbldap-populate line 499, <GEN1> line 234.
adding new entry: cn=NextFreeUnixId,dc=ccbsist,dc=net
failed to add entry: modifications require authentication at /usr/sbin/smbldap-populate line 499, <GEN1> line 241.
Please provide a password for the domain root:
No such object at /usr/share/perl5/smbldap_tools.pm line 353.
server01:/usr/share/doc/smbldap-tools/examples#
Já peguei varios tutoriais a respeito e não consigo ganhar do ldap, alguémque tenha conheceimento poderis por favor ajudar-me.
Tutoriais que já tentei usa-los
Samba com LDAP
InstalacaoLdapSamba < GrupoLinux < TWiki
Conto com a colaboração de todos.
Abraço
Valdir
msn [email protected]
Re: Ldap + samba 10 x 0 estou jogado a toalha.
vamo devagar o erro e pq ele esta exigindo autenticação.
passa pra nos a configuração do slapd.conf e o ldap.conf
outro detalhe vc fez alterações no smbldap.conf ???
Re: Ldap + samba 10 x 0 estou jogado a toalha.
Citação:
Postado originalmente por
noir
vamo devagar o erro e pq ele esta exigindo autenticação.
passa pra nos a configuração do slapd.conf e o ldap.conf
outro detalhe vc fez alterações no smbldap.conf ???
blz amigo,comop vc mesmo disse, vamos por parte, segue abaixo as configurações dos arquivos:
/etc/ldap/slapd.conf
# Allow LDAPv2 binds
allow bind_v2
# Schema and objectClass definitions
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/samba.schema
# Where the pid file is put. The init.d script
# will not stop the server if you change this.
pidfile /var/run/slapd/slapd.pid
# List of arguments that were passed to the server
argsfile /var/run/slapd/slapd.args
# Read slapd.conf(5) for possible values
loglevel 256
# Where the dynamically loaded modules are stored
modulepath /usr/lib/ldap
moduleload back_bdb
# The maximum number of entries that is returned for a search operation
sizelimit 500
# The tool-threads parameter sets the actual amount of cpu's that is used
# for indexing.
tool-threads 1
#######################################################################
# Specific Backend Directives for bdb:
# Backend specific directives apply to this backend until another
# 'backend' directive occurs
backend bdb
database bdb
suffix "dc=ccbsist,dc=net"
rootdn "cn=admin,dc=ccbsist,dc=net"
rootpw "{SSHA}MhedEvUWLHiBVuC0HakWhN/bDl1P+hSB"
directory "/var/lib/ldap"
dbconfig set_cachesize 0 2097152 0
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500
index objectClass eq
index uid,uidNumber,gidNumber,memberUid eq
index cn,mail,surname,givenname eq,subinitial
index sambaSID eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
lastmod on
checkpoint 512 30
access to attrs=userPassword,shadowLastChange,sambaNTPassword,sambaLMPassword
by dn="cn=admin,dc=ccbsist,dc=net" write
by anonymous auth
by self write
by * none
access to dn.base="" by * read
access to *
by dn="cn=admin,dc=ccbsist,dc=net" write
by * read
Segue os demais a baixo:
Abraços
Re: Ldap + samba 10 x 0 estou jogado a toalha.
/etc/ldap/ldap.conf
host 127.0.0.1
# The distinguished name of the search base.
base dc=ccbsist,dc=net
#uri ldap://127.0.0.1/
#uri ldaps://127.0.0.1/
#uri ldapi://%2fvar%2frun%2fldapi_sock/
ldap_version 3
#binddn cn=proxyuser,dc=padl,dc=com
#bindpw secret
#rootbinddn cn=admin,dc=ccbsist,dc=net
#port 389
#scope sub
#scope one
#scope base
#timelimit 30
#bind_timelimit 30
#bind_policy hard
#idle_timelimit 3600
#pam_filter objectclass=account
#pam_login_attribute uid
#pam_lookup_policy yes
#pam_check_host_attr yes
#pam_check_service_attr yes
#pam_groupdn cn=PAM,ou=Groups,dc=ccbsist,dc=net
#pam_member_attribute uniquemember
#pam_min_uid 0
#pam_max_uid 0
#pam_login_attribute userPrincipalName
#pam_template_login_attribute uid
#pam_template_login nobody
#pam_password clear
#pam_password crypt
#pam_password clear_remove_old
#pam_password nds
#pam_password racf
#pam_password ad
#pam_password exop
#pam_password_prohibit_message Please visit http://internal to change your password.
# nss_base_passwd ou=People,
# to append the default base DN but this
#nss_base_passwd ou=People,dc=ccbsist,dc=net?one
#nss_base_shadow ou=People,dc=ccbsit,dc=net?one
#nss_base_group ou=Group,dc=ccbsit,dc=net?one
#nss_base_hosts ou=Hosts,dc=ccbsist,dc=net?one
#nss_base_services ou=Services,dc=ccbsist,dc=net?one
#nss_base_networks ou=Networks,dc=ccbsist,dc=net?one
#nss_base_protocols ou=Protocols,dc=ccbsist,dc=net?one
#nss_base_rpc ou=Rpc,dc=ccbsist,dc=net?one
#nss_base_ethers ou=Ethers,dc=ccbsist,dc=net?one
#nss_base_netmasks ou=Networks,dc=ccbsist,dc=net?ne
#nss_base_bootparams ou=Ethers,dc=ccbsist,dc=net?one
#nss_base_aliases ou=Aliases,dc=ccbsist,dc=net?one
#nss_base_netgroup ou=Netgroup,dc=ccbsist,dc=net?one
#nss_map_attribute rfc2307attribute mapped_attribute
#nss_map_objectclass rfc2307objectclass mapped_objectclass
#nss_map_attribute uniqueMember member
# Services for UNIX 3.5 mappings
#nss_map_objectclass posixAccount User
#nss_map_objectclass shadowAccount User
#nss_map_attribute uid msSFU30Name
#nss_map_attribute uniqueMember msSFU30PosixMember
#nss_map_attribute userPassword msSFU30Password
#nss_map_attribute homeDirectory msSFU30HomeDirectory
#nss_map_attribute homeDirectory msSFUHomeDirectory
#nss_map_objectclass posixGroup Group
#pam_login_attribute msSFU30Name
#pam_filter objectclass=User
#pam_password ad
# configure --enable-mssfu-schema is no longer supported.
# Services for UNIX 2.0 mappings
#nss_map_objectclass posixAccount User
#nss_map_objectclass shadowAccount user
#nss_map_attribute uid msSFUName
#nss_map_attribute uniqueMember posixMember
#nss_map_attribute userPassword msSFUPassword
#nss_map_attribute homeDirectory msSFUHomeDirectory
#nss_map_attribute shadowLastChange pwdLastSet
#nss_map_objectclass posixGroup Group
#nss_map_attribute cn msSFUName
#pam_login_attribute msSFUName
#pam_filter objectclass=User
#pam_password ad
# RFC 2307 (AD) mappings
#nss_map_objectclass posixAccount user
#nss_map_objectclass shadowAccount user
#nss_map_attribute uid sAMAccountName
#nss_map_attribute homeDirectory unixHomeDirectory
#nss_map_attribute shadowLastChange pwdLastSet
#nss_map_objectclass posixGroup group
#nss_map_attribute uniqueMember member
#pam_login_attribute sAMAccountName
#pam_filter objectclass=User
#pam_password ad
#nss_map_attribute userPassword authPassword
# AIX SecureWay mappings
#nss_map_objectclass posixAccount aixAccount
#nss_base_passwd ou=aixaccount,?one
#nss_map_attribute uid userName
#nss_map_attribute gidNumber gid
#nss_map_attribute uidNumber uid
#nss_map_attribute userPassword passwordChar
#nss_map_objectclass posixGroup aixAccessGroup
#nss_base_group ou=aixgroup,?one
#nss_map_attribute cn groupName
#nss_map_attribute uniqueMember member
#pam_login_attribute userName
#pam_filter objectclass=aixAccount
#pam_password clear
#ssl on
#sslpath /etc/ssl/certs
#ssl start_tls
#ssl on
#tls_checkpeer yes
#tls_cacertfile /etc/ssl/ca.cert
#tls_cacertdir /etc/ssl/certs
#tls_randfile /var/run/egd-pool
#tls_ciphers TLSv1
#tls_cert
#tls_key
#sasl_secprops maxssf=0
#krb5_ccname FILE:/etc/.ldapcache
#pam_sasl_mech DIGEST-MD5
Segue o ultimo arquivo.
Re: Ldap + samba 10 x 0 estou jogado a toalha.
/etc/smbldap-tools/smbldap.conf
##############################################################################
#
# General Configuration
#
##############################################################################
SID="S-1-5-21-15483983-150619718-2040496312"
sambaDomain="ccbsist.net"
##############################################################################
#
# LDAP Configuration
#
##############################################################################
slaveLDAP="127.0.0.1"
slavePort="389"
masterLDAP="127.0.0.1"
masterPort="389"
ldapTLS="0"
verify=""
cafile=""
clientcert=""
clientkey=""
suffix="dc=ccbsist,dc=net"
usersdn="ou=Usuarios,${suffix}"
computersdn="ou=Computadores,${suffix}"
groupsdn="ou=Grupos,${suffix}"
idmapdn="ou=Idmap,${suffix}"
sambaUnixIdPooldn="cn=NextFreeUnixId,${suffix}"
scope="sub"
hash_encrypt="SSHA"
crypt_salt_format=""
##############################################################################
#
# Unix Accounts Configuration
#
##############################################################################
userLoginShell="/bin/bash"
userHome="/home/%U"
userHomeDirectoryMode="700"
userGecos="System User"
defaultUserGid="513"
defaultComputerGid="515"
skeletonDir="/etc/skel"
defaultMaxPasswordAge="45"
##############################################################################
#
# SAMBA Configuration
#
##############################################################################
userSmbHome="\\server01\%U"
userProfile="\\server01\%U"
userHomeDrive="H:"
#userScript="script.bat"
#mailDomain="idealx.com"
##############################################################################
#
# SMBLDAP-TOOLS Configuration (default are ok for a RedHat)
#
##############################################################################
with_smbpasswd="0"
smbpasswd="/usr/bin/smbpasswd"
with_slappasswd="0"
slappasswd="/usr/sbin/slappasswd"
# no_banner="1"
Fim dos arquivos.