[Samba] net rpc vampire not working

Del del at babel.com.au
Mon Dec 5 01:25:59 GMT 2005

> Use
> http://www.samba.org/samba/docs/man/Samba-Guide/ntmigration.html

Thanks, that is a great help.  I have it working now.

> I would recommend that the user is familiar with setup, usage,
> maintenance of LDAP prior to doing this.

Oh, LDAP is no problem.  I'm the author of the LdapImport scripts,
which some of you may have seen.


The problem I was having was correct configuration of samba prior to
running net rpc vampire.

Just some notes on the migration guide above that you might want to
incorporate into a later edition:


example 9.1:  "security = user" is missing?  Is this intentional?
the "configure.pl" script from smbldap-tools adds it to smb.conf
in any case.

May be useful to mention extending the LDAP schema before attempting
any of this, e.g. with the samba.schema file.

Before Step 7:  You can't run ./configure.pl in the smbldap-tools directory
unless samba is running.  So you need to do "service smb start" or
your OS equivalent first.  In fact, before doing that you need to
inform samba of your LDAP bind DN password using:

  smbpasswd -w <password>

Step 8:  Since you need to start samba before you run ./configure.pl, and
since samba tries to connect to the LDAP server when it starts, you
will need to start LDAP before you start samba.  So this probably belongs
around step 4 or 5.

Step 10:  You need to do this before starting Samba, so again this needs
to happen earlier than step 7.

Step 11:  Also, starting Samba will attempt to populate the LDAP directory.
On Fedora Directory Server (and in fact any non-OpenLDAP server) you may
hit troubles doing this because the entries aren't formatted correctly
with the "top" objectClass (on OpenLDAP this parent object class is added
automatically).  To fix this, what I did was:

  cd /opt/IDEALX/sbin
  ./smbldap-populate -e /root/LDAP/smb-populate.ldif
  vi /root/LDAP/smb-populate.ldif

Change the last LDIF entry in this file to include "objectClass: top"

  ldapadd -x -c -D 'cn=Directory Manager' -W -f /root/LDAP/smb-populate.ldif

... and you will need to supply your root DN password to the above command.

Step 12:  This should not actually be necessary on non-OpenLDAP servers.  A
running LDAP server will notice that its directory has been populated.  It
is, however, the case that the OpenLDAP directory is completely empty after
installation so you may need to do this.

Step 14:  It might be useful to test this using:

  net rpc testjoin

Step 17:  This seems to take a long time.  Expect that -- nothing happens in
the log file for a few seconds at least, so don't panic.
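
The manual edit in the Step 11 note, generalised as an added example (not part of the original post and not from smbldap-tools): a shell filter that inserts "objectClass: top" into every LDIF entry lacking it, not only the last one. The function names and the sample entries under dc=example,dc=com are constructed for illustration.

```shell
# Added example: function names and sample data are constructed.
# Read LDIF on stdin, write LDIF on stdout. Any entry that has objectClass
# values but no "top" gets "objectClass: top" ahead of its first objectClass.
add_top_objectclass() {
    awk '
    function flush(   i, done) {
        done = 0
        for (i = 1; i <= n; i++) {
            if (has_oc && !has_top && !done && tolower(line[i]) ~ /^objectclass:/) {
                print "objectClass: top"
                done = 1
            }
            print line[i]
        }
        n = 0; has_oc = 0; has_top = 0
    }
    { sub(/\r$/, "") }                 # tolerate CRLF line endings
    /^$/ {                             # blank line closes an entry
        if (n > 0) { flush(); print "" }
        next
    }
    {
        line[++n] = $0
        low = tolower($0)
        if (low ~ /^objectclass:/) has_oc = 1
        if (low ~ /^objectclass:[ \t]*top[ \t]*$/) has_top = 1
    }
    END { if (n > 0) flush() }         # last entry may lack a blank line
    '
}

# Constructed sample: first entry already has "top", second one lacks it.
sample_ldif() {
    cat <<'EOF'
dn: ou=Users,dc=example,dc=com
objectClass: top
objectClass: organizationalUnit
ou: Users

dn: sambaDomainName=EXAMPLE,dc=example,dc=com
objectClass: sambaDomain
objectClass: sambaUnixIdPool
sambaDomainName: EXAMPLE
sambaSID: S-1-5-21-1111111111-2222222222-3333333333
EOF
}

sample_ldif | add_top_objectclass
```

To use it on the file from the post, redirect that file into add_top_objectclass, write the result to a new file, and review the new file before passing it to ldapadd.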


