[Samba] Samba + OpenLdap replication problem
robert at ruegner.org
Mon Oct 4 11:35:01 GMT 2004
Mattia wrote:
> Paul Gienger wrote:
>
>>
>>> not sure if I can ask here, because this sounds to me more an
>>> OpenLdap than a Samba problem, but it involves samba too.
>>
>>
>>
>> Nope, it's just openldap at this point. It's hard to say exactly
>> what your issue is without knowing how your slapd.conf files are set up.
>
>
> Thanks Paul. Here are slapd.conf files on master and slave servers
>
>
> ********************
> ****** MASTER ******
> ********************
>
>
> # $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $
> #
> # See slapd.conf(5) for details on configuration options.
> # This file should NOT be world readable.
> #
> include /etc/openldap/schema/core.schema
> include /etc/openldap/schema/cosine.schema
> include /etc/openldap/schema/inetorgperson.schema
> include /etc/openldap/schema/nis.schema
> include /etc/openldap/schema/samba.schema
> include /etc/openldap/schema/redhat/autofs.schema
>
> allow bind_v2
>
> pidfile /var/run/slapd.pid
> argsfile /var/run/slapd.args
>
> #######################################################################
> # ldbm and/or bdb database definitions
> #######################################################################
>
> database ldbm
> suffix "dc=mydomain,dc=myorg,dc=it"
> rootdn "cn=Manager,dc=mydomain,dc=myorg,dc=it"
>
> # Cleartext passwords, especially for the rootdn, should
> # be avoided. See slappasswd(8) and slapd.conf(5) for details.
> # Use of strong authentication encouraged.
> rootpw mypass
>
> # The database directory MUST exist prior to running slapd AND
> # should only be accessible by the slapd and slap tools.
> # Mode 700 recommended.
> directory /var/lib/ldap
>
> # Indices to maintain for this database
> index objectClass eq
> index cn pres,sub,eq
> index sn pres,sub,eq
> index uid pres,sub,eq
> index displayName pres,sub,eq
> index uidNumber eq
> index gidNumber eq
> index memberUid eq
> index sambaSID eq
> index sambaPrimaryGroupSID eq
> index sambaDomainName eq
> index default sub
>
> #############################
> # Replicas of this database #
> #############################
>
> replogfile /var/log/slurpd.replog
>
> replica host=bdc.mydomain.myorg.it:389
>         tls=no
>         binddn="cn=replicator,dc=mydomain,dc=myorg,dc=it"
>         bindmethod=simple
>         credentials=password
>
> access to dn=".*,dc=mydomain,dc=myorg,dc=it"
>         by dn="cn=replicator,dc=mydomain,dc=myorg,dc=it" write
>         by self write
>         by * read
> access to dn="dc=mydomain,dc=myorg,dc=it"
>         by dn="cn=replicator,dc=mydomain,dc=myorg,dc=it" write
>         by self write
>         by * read
>
>
>
>
> ********************
> ****** SLAVE *******
> ********************
>
>
> # $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $
> #
> # See slapd.conf(5) for details on configuration options.
> # This file should NOT be world readable.
> #
> include /etc/openldap/schema/core.schema
> include /etc/openldap/schema/cosine.schema
> include /etc/openldap/schema/inetorgperson.schema
> include /etc/openldap/schema/nis.schema
> include /etc/openldap/schema/samba.schema
> include /etc/openldap/schema/redhat/autofs.schema
>
> allow bind_v2
>
> pidfile /var/run/slapd.pid
> argsfile /var/run/slapd.args
>
> #######################################################################
> # ldbm and/or bdb database definitions
> #######################################################################
>
> database ldbm
> suffix "dc=mydomain,dc=myorg,dc=it"
> rootdn "cn=Manager,dc=mydomain,dc=myorg,dc=it"
>
> # Cleartext passwords, especially for the rootdn, should
> # be avoided. See slappasswd(8) and slapd.conf(5) for details.
> # Use of strong authentication encouraged.
> rootpw mypass
>
> # The database directory MUST exist prior to running slapd AND
> # should only be accessible by the slapd and slap tools.
> # Mode 700 recommended.
> directory /var/lib/ldap/replica
> updatedn "cn=Manager,dc=mydomain,dc=myorg,dc=it"
> updateref ldap://bdc.mydomain.myorg.it
>
> # Indices to maintain for this database
> index objectClass eq
> index cn pres,sub,eq
> index sn pres,sub,eq
> index uid pres,sub,eq
> index displayName pres,sub,eq
> index uidNumber eq
> index gidNumber eq
> index memberUid eq
> index sambaSID eq
> index sambaPrimaryGroupSID eq
> index sambaDomainName eq
> index default sub
>
>
> #############################
> # Replicas of this database #
> #############################
>
> access to dn=".*,dc=mydomain,dc=myorg,dc=it"
>         by dn="cn=replicator,dc=mydomain,dc=myorg,dc=it" write
>         by self write
>         by anonymous auth
>         by * none
> access to dn="dc=mydomain,dc=myorg,dc=it"
>         by self write
>         by dn="cn=replicator,dc=mydomain,dc=myorg,dc=it" write
>         by * read
>
>
>
>
> Thanks in advance for any help
>
> Bye... Mattia
Hi, have you checked that nscd is killed on the slave LDAP server?
This causes trouble.
Regards
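
Added example, not part of the original thread or of either poster's setup: a small check over the two slapd.conf files quoted above that compares the slurpd replication settings between master and slave and flags the credential-exposure settings visible in them. The excerpts are copied from the quoted files; the finding names and the helper functions `directives` and `audit` are made up for this example.

```python
import re

# Excerpts of the two slapd.conf files quoted above (replication and credential
# directives only; continuation lines indented the way slapd requires).
MASTER = '''\
rootpw mypass
replica host=bdc.mydomain.myorg.it:389
  tls=no
  binddn="cn=replicator,dc=mydomain,dc=myorg,dc=it"
  bindmethod=simple
  credentials=password
access to dn=".*,dc=mydomain,dc=myorg,dc=it"
  by dn="cn=replicator,dc=mydomain,dc=myorg,dc=it" write
  by self write
  by * read
'''
SLAVE = '''\
rootpw mypass
updatedn "cn=Manager,dc=mydomain,dc=myorg,dc=it"
updateref ldap://bdc.mydomain.myorg.it
'''

def directives(text):
    """Join whitespace-led continuation lines, skip comments, return [(keyword, rest)]."""
    joined = re.sub(r"\n[ \t]+", " ", text)
    rows = [l.split(None, 1) for l in joined.splitlines() if l.strip() and not l.startswith("#")]
    return [(r[0].lower(), r[1].strip() if len(r) > 1 else "") for r in rows]

def audit(master, slave):
    """Return finding codes (names chosen for this example) for a master/slave pair."""
    m, s = directives(master), directives(slave)
    sv = {kw: rest.strip('"') for kw, rest in s}
    out = []
    for rest in (r for kw, r in m if kw == "replica"):
        o = dict(re.findall(r'(\w+)="?([^"\s]+)"?', rest))
        ref = re.sub(r"^ldaps?://", "", sv.get("updateref", "")).split(":")[0].rstrip("/")
        if sv.get("updatedn", "").lower() != o.get("binddn", "").lower():
            out.append("updatedn-differs-from-replica-binddn")  # slurpd binds as binddn
        if ref == o.get("host", "").split(":")[0]:
            out.append("updateref-points-at-replica-host")  # referral should name the master
        if o.get("bindmethod") == "simple" and o.get("tls", "no") == "no":
            out.append("replica-credentials-sent-without-tls")
    for name, rows in (("master", m), ("slave", s)):
        if any(kw == "rootpw" and not rest.startswith("{") for kw, rest in rows):
            out.append(name + "-rootpw-cleartext")  # slappasswd output starts with {SCHEME}
    acls = [rest.lower() for kw, rest in m if kw == "access"]
    if any("by * read" in a for a in acls) and not any("userpassword" in a for a in acls):
        out.append("master-password-attrs-anonymously-readable")
    return out
```

Calling `audit(MASTER, SLAVE)` returns the list of finding codes for the quoted pair; an empty list means none of these checks fired.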