[Samba] Problems with the IdealX scripts

Paul Gienger pgienger at ae-solutions.com
Mon Sep 27 15:46:51 GMT 2004 

>oink:/usr/local/sbin # ./smbldap-populate
>Using builtin directory structure
>erreur LDAP: Can't contact master ldap server (IO::Socket::INET: Bad protocol 
>'tcp') at /usr/local/sbin//smbldap_tools.pm line 153.
>  
>
This sounds like you just configured a Solaris box with the ldapclient 
command.  Edit your /etc/nsswitch.conf file and change
protocols: ldap
back to
protocols: files

If you're not on Solaris, what are the specifics of your environment then?


>I feel like this must be from a typo somewhere but I'm at a loss.  I have 
>followed the instructions in the INSTALL file.  Using smbldap-tools-0.8.5.
>
>Here are the relevant config files:
>
>### smb.conf LDAP section ###
>passdb backend = ldapsam:ldap://localhost
>        # ldap filter = (&(objectclass=sambaSamAccount)(uid=%u))
>        ldap admin dn = cn=Manager,dc=borkholder,dc=com
>        ldap suffix = dc=borkholder,dc=com
>        ldap group suffix = ou=Groups
>        ldap user suffix = ou=Users
>        ldap machine suffix = ou=Computers
>        ldap idmap suffix = ou=Users
>        ldap ssl = no
>        add user script = /usr/local/sbin/smbldap-useradd -m "%u"
>        ldap delete dn = No
>        #delete user script = /usr/local/sbin/smbldap-userdel "%u"
>        add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
>        add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
>        #delete group script = /usr/local/sbin/smbldap-groupdel "%g"
>        add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" 
>"%g"
>        delete user from group script = /usr/local/sbin/smbldap-groupmod -x 
>"%u" "%g"
>        set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" 
>"%u"
>
>### smbldap.conf without comments ###
>SID="S-1-5-21-725326080-1709766072-2910717368"
>slaveLDAP="127.0.0.1"
>slavePort="389"
>masterLDAP="127.0.0.1"
>masterPort="389"
>ldapTLS="0"
>verify="optional"
>cafile="/etc/openldap/slapd-cert.pem"
>clientcert="/etc/smbldap-tools/smbldap-tools.pem"
>clientkey="/etc/smbldap-tools/smbldap-tools.key"
>suffix="dc=borkholder,dc=com"
>usersdn="ou=People,${suffix}"
>computersdn="ou=Computers,${suffix}"
>groupsdn="ou=Groups,${suffix}"
>idmapdn="ou=People,${suffix}"
>sambaUnixIdPooldn="cn=Uidpool,ou=People,${suffix}"
>scope="sub"
>hash_encrypt="SSHA"
>crypt_salt_format="%s"
>userLoginShell="/bin/false"
>userHome="/home/%U"
>userGecos="Samba User"
>defaultUserGid="513"
>defaultComputerGid="515"
>skeletonDir="/etc/skel"
>defaultMaxPasswordAge="90"
>userSmbHome=""
>userProfile=""
>userHomeDrive=""
>userScript=""
>mailDomain="borkholder.com"
>with_smbpasswd="0"
>smbpasswd="/usr/bin/smbpasswd"  <--- it is actually not here but I didn't 
>think it mattered since with_smbpasswd is set to 0
>  
>### smbldap_bind.conf ###
>slaveDN="cn=Manager,dc=borkholder,dc=com"
>slavePw="my_cleartext_pw"
>masterDN="cn=Manager,dc=borkholder,dc=com"
>masterPw="my_cleartext_pw"
>
>### Proof that I am able to connect to my LDAP server and that nss_ldap works 
>###
>oink:/etc/smbldap-tools # id root
>uid=0(root) gid=0(root) groups=0(root),3(sys),512(admins)
>oink:/etc/smbldap-tools # more /etc/group |grep 512
>
>Thanks in advance for your help.  Please let me know if there is more info 
>needed to debug this problem.
>
>Misty
>
>  
>

-- 
Paul Gienger                     Office: 701-281-1884
Applied Engineering Inc.         
Information Systems Consultant   Fax:    701-281-1322
URL: www.ae-solutions.com        mailto: pgienger at ae-solutions.com

More information about the samba mailing list