[Samba] Samba + OpenLdap replication problem
Mattia
mattia at sinapto.net
Mon Oct 4 13:15:13 GMT 2004
Paul Gienger wrote:
>
>> not sure if I can ask here, because this sounds to me more an OpenLdap
>> than a Samba problem, but it involves samba too.
>
>
> Nope, it's just openldap at this point. It's hard to say exactly what
> your issue is without knowing how your slapd.conf files are set up.
Thanks Paul. Here are the slapd.conf files on the master and slave servers:
********************
****** MASTER ******
********************
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
include /etc/openldap/schema/redhat/autofs.schema
allow bind_v2
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
#######################################################################
# ldbm and/or bdb database definitions
#######################################################################
database ldbm
suffix "dc=mydomain,dc=myorg,dc=it"
rootdn "cn=Manager,dc=mydomain,dc=myorg,dc=it"
# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw mypass
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /var/lib/ldap
# Indices to maintain for this database
index objectClass eq
index cn pres,sub,eq
index sn pres,sub,eq
index uid pres,sub,eq
index displayName pres,sub,eq
index uidNumber eq
index gidNumber eq
index memberUid eq
index sambaSID eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
index default sub
#############################
# Replicas of this database #
#############################
replogfile /var/log/slurpd.replog
replica host=bdc.mydomain.myorg.it:389
        tls=no
        binddn="cn=replicator,dc=mydomain,dc=myorg,dc=it"
        bindmethod=simple
        credentials=password
access to dn=".*,dc=mydomain,dc=myorg,dc=it"
        by dn="cn=replicator,dc=mydomain,dc=myorg,dc=it" write
        by self write
        by * read
access to dn="dc=mydomain,dc=myorg,dc=it"
        by dn="cn=replicator,dc=mydomain,dc=myorg,dc=it" write
        by self write
        by * read
********************
****** SLAVE *******
********************
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
include /etc/openldap/schema/redhat/autofs.schema
allow bind_v2
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
#######################################################################
# ldbm and/or bdb database definitions
#######################################################################
database ldbm
suffix "dc=mydomain,dc=myorg,dc=it"
rootdn "cn=Manager,dc=mydomain,dc=myorg,dc=it"
# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw mypass
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /var/lib/ldap/replica
updatedn "cn=Manager,dc=mydomain,dc=myorg,dc=it"
updateref ldap://bdc.mydomain.myorg.it
# Indices to maintain for this database
index objectClass eq
index cn pres,sub,eq
index sn pres,sub,eq
index uid pres,sub,eq
index displayName pres,sub,eq
index uidNumber eq
index gidNumber eq
index memberUid eq
index sambaSID eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
index default sub
#############################
# Replicas of this database #
#############################
access to dn=".*,dc=mydomain,dc=myorg,dc=it"
        by dn="cn=replicator,dc=mydomain,dc=myorg,dc=it" write
        by self write
        by anonymous auth
        by * none
access to dn="dc=mydomain,dc=myorg,dc=it"
        by self write
        by dn="cn=replicator,dc=mydomain,dc=myorg,dc=it" write
        by * read
Thanks in advance for any help
Bye... Mattia
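
A consistency check over the two posted files, as an added example that is not part of the original message. It assumes slurpd-style replication, where the slave's updatedn is expected to match the binddn in the master's replica directive and updateref is expected to name the master. The function names, finding labels and trimmed sample inputs are constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Constructed excerpts: only the replication-related lines of the two posted files.
MASTER = '''rootpw mypass
replica host=bdc.mydomain.myorg.it:389
    tls=no
    binddn="cn=replicator,dc=mydomain,dc=myorg,dc=it"
    bindmethod=simple
    credentials=password
'''
SLAVE = '''rootpw mypass
updatedn "cn=Manager,dc=mydomain,dc=myorg,dc=it"
updateref ldap://bdc.mydomain.myorg.it
'''

def directives(text):
    """Return [keyword, args] pairs; indented lines continue the previous directive."""
    out = []
    for raw in text.splitlines():
        if raw[:1].isspace() and raw.strip() and out:
            out[-1][1] += " " + raw.strip()
        elif raw.strip() and not raw.startswith("#"):
            kw, *rest = raw.split(None, 1)
            out.append([kw.lower(), rest[0].strip() if rest else ""])
    return out

def norm_dn(dn):
    # Loose comparison key: unquoted, lower-case, no spaces around commas.
    return ",".join(p.strip() for p in dn.strip('"').lower().split(","))

def audit(master, slave):
    """Return finding labels for one master/slave slapd.conf pair."""
    found = []
    m, s = directives(master), directives(slave)
    for name, conf in (("master", m), ("slave", s)):
        if any(k == "rootpw" and not a.startswith("{") for k, a in conf):
            found.append(f"{name}:cleartext-rootpw")  # no {SCHEME} prefix
    sv = dict(s)  # last occurrence wins; adequate for single-database files
    for args in (a for k, a in m if k == "replica"):
        o = {k.lower(): v.strip('"') for k, v in re.findall(r'(\w+)=("[^"]*"|\S+)', args)}
        if norm_dn(sv.get("updatedn", "")) != norm_dn(o.get("binddn", "")):
            found.append("updatedn-differs-from-replica-binddn")
        if urlparse(sv.get("updateref", "")).hostname == o.get("host", "").split(":")[0].lower():
            found.append("updateref-points-at-replica-itself")
        # Assumption: any tls value other than yes/critical means no TLS.
        if o.get("bindmethod") == "simple" and o.get("tls", "no") not in ("yes", "critical"):
            found.append("replica-bind-password-sent-in-clear")
    return found
```
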