[Samba] sambaldap tools

Schabel Markus markus.schabel at tgm.ac.at
Sun Sep 8 18:52:00 GMT 2002 

Axel Machens wrote:

>Hi samba admins,
>
>I don´t know is this the right place for my question,
>but I can´t find a list for my problem.
>  
>
I guess samba at idealx.org would be another place for this question, but 
I've posted a patch there and got no response since, possibly nobody 
checks this account...

>I have some trobble to configure the smbldap-tools.
>I have download and copy the scripts to /usr/local/sbin.
>But a /usr/local/sbin/smbldap-useradd.pl testuser breaks
>  
>
>with this error message:
>
>get_user_dn2: error in ldapsearch :
>/usr/bin/ldapsearch -x -h _SLAVELDAP_ -D '_BINDDN_' -w '_BINDPW_' -b
>'_SUFFIX_' -s 'sub' '(&(objectclass=posixAccount)(uid=axel))'
>/usr/local/sbin/smbldap-useradd.pl: error in get_user_dn2
>ldap_bind: Can't contact LDAP server
>
This message seems like the script is using the default smbldap_conf.pm, 
and not your modified. Look if you have another somewhere....

>Hmm, I can´t understand this, my ldap server runs and works fine.
>Have I a mistake in my smbldap_conf.pm ?
>I can´t find something !!
>
>All the services samba - alpha  and ldap runs on the same machine with IP
>192.168.1.2
>on port 389.
>
>
>Thanks a lot
>
>Axel Machens
>
>----------------------------------------------------------------------------
>
>#!/usr/bin/perl
>use strict;
>package smbldap_conf;
># $Id: smbldap_conf.pm,v 1.14 2002/06/01 04:30:48 olem Exp $
>#
># smbldap-tools.conf : Q & D configuration file for smbldap-tools
># This code was developped by IDEALX (http://IDEALX.org/) and
># contributors (their names can be found in the CONTRIBUTORS file).
>#
># Copyright (C) 2001-2002 IDEALX
>#
># This program is free software; you can redistribute it and/or
># modify it under the terms of the GNU General Public License
># as published by the Free Software Foundation; either version 2
># of the License, or (at your option) any later version.
>#
># This program is distributed in the hope that it will be useful,
># but WITHOUT ANY WARRANTY; without even the implied warranty of
># MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
># GNU General Public License for more details.
>#
># You should have received a copy of the GNU General Public License
># along with this program; if not, write to the Free Software
># Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
># USA.
># Purpose :
># . be the configuration file for all smbldap-tools scripts
>use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS
>$UID_START $GID_START $smbpasswd $slaveLDAP $masterLDAP
>$with_smbpasswd $mk_ntpasswd
>$ldap_path $ldap_opts $ldapsearch $ldapsearchnobind
>$ldapmodify $ldappasswd $ldapadd $ldapdelete $ldapmodrdn
>$suffix $usersdn $computersdn
>$groupsdn $scope $binddn $bindpasswd
>$slaveDN $slavePw $masterDN $masterPw
>$_userLoginShell $_userHomePrefix $_userGecos
>$_defaultUserGid $_defaultComputerGid
>$_skeletonDir $_userSmbHome
>$_userProfile $_userHomeDrive
>$_userScript $usersou $computersou $groupsou
>);
>use Exporter;
>$VERSION = 1.00;
>@ISA = qw(Exporter);
>@EXPORT = qw(
>$UID_START $GID_START $smbpasswd $slaveLDAP $masterLDAP
>$with_smbpasswd $mk_ntpasswd
>$ldap_path $ldap_opts $ldapsearch $ldapsearchnobind $ldapmodify $ldappasswd
>$ldapadd $ldapdelete $ldapmodrdn $suffix $usersdn
>$computersdn $groupsdn $scope $binddn $bindpasswd
>$slaveDN $slavePw $masterDN $masterPw
>$_userLoginShell $_userHomePrefix $_userGecos
>$_defaultUserGid $_defaultComputerGid $_skeletonDir
>$_userSmbHome $_userProfile $_userHomeDrive $_userScript
>$usersou $computersou $groupsou
>);
>
>############################################################################
>##
>#
># General Configuration
>#
>############################################################################
>##
>#
># UID and GID starting at...
>#
>$UID_START = 1000;
>$GID_START = 1000;
>############################################################################
>##
>#
># LDAP Configuration
>#
>############################################################################
>##
># Notes: to use to dual ldap servers backend for Samba, you must patch
># Samba with the dual-head patch from IDEALX. If not using this patch
># just use the same server for slaveLDAP and masterLDAP.
>#
># Slave LDAP : needed for read operations
>#
># Ex: $slaveLDAP = "127.0.0.1";
>$slaveLDAP = "192.168.1.2";
>#
># Master LDAP : needed for write operations
>#
># Ex: $masterLDAP = "127.0.0.1";
>$masterLDAP = "192.168.1.2";
>#
># LDAP Suffix
>#
># Ex: $suffix = "dc=IDEALX,dc=ORG";
>$suffix = "o=INTERN,c=DE";
>#
># Where are stored Users
>#
># Ex: $usersdn = "ou=Users,$suffix"; for ou=Users,dc=IDEALX,dc=ORG
>$usersou = q(ou=User,$suffix);
>$usersdn = "ou=$usersou,$suffix";
>#
># Where are stored Computers
>#
># Ex: $computersdn = "ou=Computers,$suffix"; for
>ou=Computers,dc=IDEALX,dc=ORG
>$computersou = q(ou=Computer,$suffix);
>$computersdn = "ou=$computersou,$suffix";
>#
># Where are stored Groups
>#
># Ex $groupsdn = "ou=Groups,$suffix"; for ou=Groups,dc=IDEALX,dc=ORG
># $groupsou = q(_GROUPS_);
># $groupsdn = "ou=$groupsou,$suffix";
>#
># Default scope Used
>#
>$scope = "sub";
>#
># Credential Configuration
>#
># Bind DN used
># Ex: $binddn = "cn=Manager,$suffix"; for cn=Manager,dc=IDEALX,dc=org
>$binddn = "cn=admin,$suffix";
>#
># Bind DN passwd used
># Ex: $bindpasswd = 'secret'; for 'secret'
>$bindpasswd = "geheim";
>#
># Notes: if using dual ldap patch, you can specify to different
>configuration
># By default, we will use the same DN (so it will work for standard Samba
># release)
>#
>$slaveDN = $binddn;
>$slavePw = $bindpasswd;
>$masterDN = $binddn;
>$masterPw = $bindpasswd;
>############################################################################
>##
>#
># Unix Accounts Configuration
>#
>############################################################################
>##
># Login defs
>#
># Default Login Shell
>#
># Ex: $_userLoginShell = q(/bin/bash);
>$_userLoginShell = q(/bin/bash);
>#
># Home directory prefix (without username)
>#
>#Ex: $_userHomePrefix = q(/home/);
>$_userHomePrefix = q(/home/);
>#
># Gecos
>#
>$_userGecos = q(System User);
>#
># Default User (POSIX and Samba) GID
>#
>$_defaultUserGid = 100;
>#
># Default Computer (Samba) GID
>#
>$_defaultComputerGid = 553;
>#
># Skel dir
>#
>$_skeletonDir = q(/etc/skel);
>############################################################################
>##
>#
># SAMBA Configuration
>#
>############################################################################
>##
>#
># The UNC path to home drives location without the username last extension
># (will be dynamically prepended)
># Ex: q(\\\\My-PDC-netbios-name\\homes) for \\My-PDC-netbios-name\homes
>$_userSmbHome = q(\\\\neptun\\homes);
>#
># The UNC path to profiles locations without the username last extension
># (will be dynamically prepended)
># Ex: q(\\\\My-PDC-netbios-name\\profiles) for
>\\My-PDC-netbios-name\profiles
>$_userProfile = q(\\\\neptun\\profiles\\);
>#
># The default Home Drive Letter mapping
># (will be automatically mapped at logon time if home directory exist)
># Ex: q(U:) for U:
>$_userHomeDrive = q(U:);
>#
># The default user netlogon script name
># if not used, will be automatically username.cmd
>#
>#$_userScript = q(startup.cmd); # make sure script file is edited under dos
>
>############################################################################
>##
>#
># SMBLDAP-TOOLS Configuration (default are ok for a RedHat)
>#
>############################################################################
>##
># Allows not to use smbpasswd (if $with_smbpasswd == 0 in smbldap_conf.pm)
>but
># prefer mkntpwd... most of the time, it's a wise choice :-)
>$with_smbpasswd = 0;
>$smbpasswd = "/usr/bin/smbpasswd";
>$mk_ntpasswd = "/usr/local/sbin/mkntpwd";
>$ldap_path = "/usr/bin";
>$ldap_opts = "-x";
>$ldapsearch = "$ldap_path/ldapsearch $ldap_opts -h $slaveLDAP -D
>'$slaveDN' -w '$slavePw'";
>$ldapsearchnobind = "$ldap_path/ldapsearch $ldap_opts -h $slaveLDAP";
>$ldapmodify = "$ldap_path/ldapmodify $ldap_opts -h $masterLDAP -D
>'$masterDN' -w '$masterPw'";
>$ldappasswd = "$ldap_path/ldappasswd $ldap_opts -h $masterLDAP -D
>'$masterDN' -w '$masterPw'";
>$ldapadd = "$ldap_path/ldapadd $ldap_opts -h $masterLDAP -D '$masterDN' -w
>'$masterPw'";
>$ldapdelete = "$ldap_path/ldapdelete $ldap_opts -h $masterLDAP -D
>'$masterDN' -w '$masterPw'";
>$ldapmodrdn = "$ldap_path/ldapmodrdn $ldap_opts -h $masterLDAP -D
>'$masterDN' -w '$masterPw'";
>
>
>1;
># - The End
>
>  
>

More information about the samba mailing list