[Samba] slapd index
John H Terpstra
jht at samba.org
Thu Jul 22 02:39:57 GMT 2004
On Wednesday 21 July 2004 18:59, Barry Rumsey wrote:
> hi
> I am using suse 9.1, openldap 2.2-34, samba 3.0.4-1.2.
> My slapd.conf looks like this:
> #
> # See slapd.conf(5) for details on configuration options.
> # This file should NOT be world readable.
> #
> include /etc/openldap/schema/core.schema
> include /etc/openldap/schema/cosine.schema
> include /etc/openldap/schema/inetorgperson.schema
> include /etc/openldap/schema/samba.schema
> include /etc/openldap/schema/nis.schema
The NIS schema must be specified BEFORE the samba schema!
>
> # Define global ACLs to disable default read access.
>
> # Do not enable referrals until AFTER you have a working directory
> # service AND an understanding of referrals.
> #referral ldap://root.openldap.org
>
> pidfile /var/run/slapd/run/slapd.pid
> argsfile /var/run/slapd/run/slapd.args
>
> # Load dynamic backend modules:
> modulepath /usr/lib/openldap/modules
> # moduleload back_ldap.la
> # moduleload back_meta.la
> # moduleload back_monitor.la
> # moduleload back_perl.la
>
> # Sample security restrictions
> # Require integrity protection (prevent hijacking)
> # Require 112-bit (3DES or better) encryption for updates
> # Require 63-bit encryption for simple bind
> # security ssf=1 update_ssf=112 simple_bind=64
>
> # Sample access control policy:
> # Root DSE: allow anyone to read it
> # Subschema (sub)entry DSE: allow anyone to read it
> # Other DSEs:
> # Allow self write access
> # Allow authenticated users read access
> # Allow anonymous users to authenticate
> # Directives needed to implement policy:
> # access to dn.base="" by * read
> # access to dn.base="cn=Subschema" by * read
> # access to *
> # by self write
> # by users read
> # by anonymous auth
> #
> # if no access controls are present, the default policy
> # allows anyone and everyone to read anything but restricts
> # updates to rootdn. (e.g., "access to * by * read")
> #
> # rootdn can always read and write EVERYTHING!
>
> #######################################################################
> # bdb database definitions
> #######################################################################
>
> database bdb
> checkpoint 1024 5
> cachesize 10000
> suffix "dc=tux,dc=dyndns,dc=org"
> rootdn "cn=Manager,dc=tux,dc=dyndns,dc=org"
> # Cleartext passwords, especially for the rootdn, should
> # be avoid. See slappasswd(8) and slapd.conf(5) for details.
> # Use of strong authentication encouraged.
> rootpw secret
> # The database directory MUST exist prior to running slapd AND
> # should only be accessible by the slapd and slap tools.
> # Mode 700 recommended.
> directory /var/lib/ldap
> # Indices to maintain
> index objectClass eq
> index cn pres,sub,eq
> index sn pres,sub,eq
> index uid pres,sub,eq
> index displayName pres,sub,eq
> index uidNumber eq
> index gidNumber eq
> index memberUid eq
> index sambaSID eq
> index sambaPrimaryGroups eq
> index sambaDomainName eq
> index default sub
>
> When I try to execute the index by doing :
> tux:/usr/sbin # ./slapindex -f /etc/openldap/slapd.conf
>
> I end up with the following error:
> /etc/openldap/schema/samba.schema: line 340: AttributeType not found:
> "gidNumber"
> slapindex: bad configuration file!
>
> I have been follow the exsample from The Official Samba-3 HOWTO and
> Reference Guide.
>
> Can someone help me past this error please
See above.
- John T.
>
> Thanks in advance
> Barry
--
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668
Author:
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
OpenLDAP by Example, ISBN: 0131488732
Other books in production.
More information about the samba
mailing list