[Samba] Problems with the IdealX scripts
Misty Stanley-Jones
misty at borkholder.com
Mon Sep 27 21:49:09 GMT 2004
I am replying to myself because I solved this. The problem was the netgroup
directive in the nsswitch.conf. It was ldap [NOTFOUND=return] files. I
changed it to files ldap and everything is happy. I have no idea what that
entry is even about. This is just a word to the wise.
Misty
On Monday 27 September 2004 10:43, Misty Stanley-Jones wrote:
> Not sure if this is where I should ask about this, but if I try to run any
> of the smbldap-* scripts, I get the following kind of output:
>
> oink:/usr/local/sbin # ./smbldap-populate
> Using builtin directory structure
> erreur LDAP: Can't contact master ldap server (IO::Socket::INET: Bad
> protocol 'tcp') at /usr/local/sbin//smbldap_tools.pm line 153.
>
> I feel like this must be from a typo somewhere but I'm at a loss. I have
> followed the instructions in the INSTALL file. Using smbldap-tools-0.8.5.
>
> Here are the relevant config files:
>
> ### smb.conf LDAP section ###
> passdb backend = ldapsam:ldap://localhost
> # ldap filter = (&(objectclass=sambaSamAccount)(uid=%u))
> ldap admin dn = cn=Manager,dc=borkholder,dc=com
> ldap suffix = dc=borkholder,dc=com
> ldap group suffix = ou=Groups
> ldap user suffix = ou=Users
> ldap machine suffix = ou=Computers
> ldap idmap suffix = ou=Users
> ldap ssl = no
> add user script = /usr/local/sbin/smbldap-useradd -m "%u"
> ldap delete dn = No
> #delete user script = /usr/local/sbin/smbldap-userdel "%u"
> add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
> add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
> #delete group script = /usr/local/sbin/smbldap-groupdel "%g"
> add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u"
> "%g"
> delete user from group script = /usr/local/sbin/smbldap-groupmod -x
> "%u" "%g"
> set primary group script = /usr/local/sbin/smbldap-usermod -g "%g"
> "%u"
>
> ### smbldap.conf without comments ###
> SID="S-1-5-21-725326080-1709766072-2910717368"
> slaveLDAP="127.0.0.1"
> slavePort="389"
> masterLDAP="127.0.0.1"
> masterPort="389"
> ldapTLS="0"
> verify="optional"
> cafile="/etc/openldap/slapd-cert.pem"
> clientcert="/etc/smbldap-tools/smbldap-tools.pem"
> clientkey="/etc/smbldap-tools/smbldap-tools.key"
> suffix="dc=borkholder,dc=com"
> usersdn="ou=People,${suffix}"
> computersdn="ou=Computers,${suffix}"
> groupsdn="ou=Groups,${suffix}"
> idmapdn="ou=People,${suffix}"
> sambaUnixIdPooldn="cn=Uidpool,ou=People,${suffix}"
> scope="sub"
> hash_encrypt="SSHA"
> crypt_salt_format="%s"
> userLoginShell="/bin/false"
> userHome="/home/%U"
> userGecos="Samba User"
> defaultUserGid="513"
> defaultComputerGid="515"
> skeletonDir="/etc/skel"
> defaultMaxPasswordAge="90"
> userSmbHome=""
> userProfile=""
> userHomeDrive=""
> userScript=""
> mailDomain="borkholder.com"
> with_smbpasswd="0"
> smbpasswd="/usr/bin/smbpasswd" <--- it is actually not here but I didn't
> think it mattered since with_smbpasswd is set to 0
>
> ### smbldap_bind.conf ###
> slaveDN="cn=Manager,dc=borkholder,dc=com"
> slavePw="my_cleartext_pw"
> masterDN="cn=Manager,dc=borkholder,dc=com"
> masterPw="my_cleartext_pw"
>
> ### Proof that I am able to connect to my LDAP server and that nss_ldap
> works ###
> oink:/etc/smbldap-tools # id root
> uid=0(root) gid=0(root) groups=0(root),3(sys),512(admins)
> oink:/etc/smbldap-tools # more /etc/group |grep 512
>
> Thanks in advance for your help. Please let me know if there is more info
> needed to debug this problem.
>
> Misty
More information about the samba
mailing list