[Samba] slapd index

Barry Rumsey basza at woosh.co.nz
Thu Jul 22 02:27:30 GMT 2004


Thanks, It worked

On Thursday 22 July 2004 15:24, John H Terpstra wrote:
> On Wednesday 21 July 2004 18:59, Barry Rumsey wrote:
> > hi
> > I am using suse 9.1, openldap 2.2-34, samba 3.0.4-1.2.
> > My slapd.conf looks like this:
> > #
> > # See slapd.conf(5) for details on configuration options.
> > # This file should NOT be world readable.
> > #
> > include		/etc/openldap/schema/core.schema
> > include		/etc/openldap/schema/cosine.schema
> > include		/etc/openldap/schema/inetorgperson.schema
> > include		/etc/openldap/schema/samba.schema
> > include		/etc/openldap/schema/nis.schema
>
> The NIS schema must be specified BEFORE the samba schema!
>
> > # Define global ACLs to disable default read access.
> >
> > # Do not enable referrals until AFTER you have a working directory
> > # service AND an understanding of referrals.
> > #referral	ldap://root.openldap.org
> >
> > pidfile		/var/run/slapd/run/slapd.pid
> > argsfile	/var/run/slapd/run/slapd.args
> >
> > # Load dynamic backend modules:
> > modulepath	/usr/lib/openldap/modules
> > # moduleload	back_ldap.la
> > # moduleload	back_meta.la
> > # moduleload	back_monitor.la
> > # moduleload	back_perl.la
> >
> > # Sample security restrictions
> > #	Require integrity protection (prevent hijacking)
> > #	Require 112-bit (3DES or better) encryption for updates
> > #	Require 63-bit encryption for simple bind
> > # security ssf=1 update_ssf=112 simple_bind=64
> >
> > # Sample access control policy:
> > #	Root DSE: allow anyone to read it
> > #	Subschema (sub)entry DSE: allow anyone to read it
> > #	Other DSEs:
> > #		Allow self write access
> > #		Allow authenticated users read access
> > #		Allow anonymous users to authenticate
> > #	Directives needed to implement policy:
> > # access to dn.base="" by * read
> > # access to dn.base="cn=Subschema" by * read
> > # access to *
> > #	by self write
> > #	by users read
> > #	by anonymous auth
> > #
> > # if no access controls are present, the default policy
> > # allows anyone and everyone to read anything but restricts
> > # updates to rootdn.  (e.g., "access to * by * read")
> > #
> > # rootdn can always read and write EVERYTHING!
> >
> > #######################################################################
> > # bdb database definitions
> > #######################################################################
> >
> > database	bdb
> > checkpoint      1024    5
> > cachesize       10000
> > suffix		"dc=tux,dc=dyndns,dc=org"
> > rootdn		"cn=Manager,dc=tux,dc=dyndns,dc=org"
> > # Cleartext passwords, especially for the rootdn, should
> > # be avoid.  See slappasswd(8) and slapd.conf(5) for details.
> > # Use of strong authentication encouraged.
> > rootpw		secret
> > # The database directory MUST exist prior to running slapd AND
> > # should only be accessible by the slapd and slap tools.
> > # Mode 700 recommended.
> > directory	/var/lib/ldap
> > # Indices to maintain
> > index	objectClass	eq
> > index	cn		pres,sub,eq
> > index	sn		pres,sub,eq
> > index	uid		pres,sub,eq
> > index	displayName	pres,sub,eq
> > index	uidNumber	eq
> > index	gidNumber	eq
> > index	memberUid	eq
> > index	sambaSID	eq
> > index	sambaPrimaryGroups	eq
> > index	sambaDomainName		eq
> > index	default			sub
> >
> > When I try to execute the index by doing :
> > tux:/usr/sbin # ./slapindex -f /etc/openldap/slapd.conf
> >
> > I end up with the following error:
> > /etc/openldap/schema/samba.schema: line 340: AttributeType not found:
> > "gidNumber"
> > slapindex: bad configuration file!
> >
> > I have been follow the exsample from The Official Samba-3 HOWTO and
> > Reference Guide.
> >
> > Can someone help me past this error please
>
> See above.
>
> - John T.
>
> > Thanks in advance
> > Barry
>
> --
> John H Terpstra
> Samba-Team Member
> Phone: +1 (650) 580-8668
>
> Author:
> The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
> Samba-3 by Example, ISBN: 0131472216
> Hardening Linux, ISBN: 0072254971
> OpenLDAP by Example, ISBN: 0131488732
> Other books in production.


More information about the samba mailing list