[Samba] Re: SAMBA3 + LDAP
mallapadi niranjan
niranjan.ashok at gmail.com
Tue Dec 20 05:41:40 GMT 2005
Hi Craig,
I have stopped LDAP and checked "slapindex", and it does not produce
any output. My /var/lib/ldap is owned by the ldap user, and all the files
created are created by user ldap only, mode 600.
I hope I am missing something in the slapd ACLs.
The following is my slapd.conf file:
##########################################################################
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
database bdb
suffix "dc=msdpl,dc=com"
rootdn "cn=manager,dc=msdpl,dc=com"
rootpw secret
directory /var/lib/ldap
# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index loginShell eq,pres
index nisMapName,nisMapEntry eq,pres,sub
index displayName eq,pres,sub
index uidNumber eq
index gidNumber eq
index memberUID eq
index sambaSID eq
index sambaPrimaryGroupSID eq
index default sub
#access to dn.base="dc=msdpl,dc=com"
access to attrs=sambaLMPassword,sambaNTPassword
        by dn="uid=.*,ou=People,dc=msdpl,dc=com" write
        by dn="uid=.*,ou=Domain Admins,dc=msdpl,dc=com" read
        by * none

access to attr=userPassword
        by dn="uid=.*,ou=People,dc=msdpl,dc=com" write
        by self write
        by anonymous auth
        by * none

access to *
        by * read
###########################################################################
On 12/19/05, Craig White <craigwhite at azapple.com> wrote:
>
> On Mon, 2005-12-19 at 15:19 +0100, Louis van Belle wrote:
> > well,
> >
> > index objectClass eq,pres
> > index ou,cn,mail,surname,givenname eq,pres,sub
> > index loginShell eq,pres
> > index nisMapName,nisMapEntry eq,pres,sub
> > index displayName eq,pres,sub
> > index uidNumber eq
> > index gidNumber eq
> > index memberUID eq
> > index sambaSID eq
> > index sambaPrimaryGroupSID eq
> > index default sub
> >
> > one of these is wrong, or you did not run
> > slapindex
> >
> > stop the ldap server
> > slapindex
> > start the ldap server
> -----
> on RHEL 4...this would necessarily be...
>
> service ldap stop
> slapindex
> chown -R ldap:ldap /var/lib/ldap
> service ldap start
>
> when you run slapindex as root, new index files are root:root and that
> doesn't work for openldap which runs as user ldap.
>
> Craig
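The ownership point in the quoted reply (index files written by a root-run slapindex are unreadable to slapd running as user ldap) can be checked directly. The script below is an added example, not part of the original thread; the helper name check_ldap_db_dir is hypothetical, and the directory and numeric uid are passed in as arguments rather than assumed.

```sh
#!/bin/sh
# Added example (not from the thread): after running slapindex, confirm that
# every file in the slapd database directory belongs to the account slapd
# runs as and is accessible by its owner only.
# check_ldap_db_dir is a hypothetical helper name.

# Usage: check_ldap_db_dir DB_DIR WANT_UID
#   DB_DIR    the "directory" value from slapd.conf, e.g. /var/lib/ldap
#   WANT_UID  numeric uid slapd runs as, e.g. "$(id -u ldap)"
# Prints one line per problem file; returns 1 if any problem was found.
check_ldap_db_dir() {
    db_dir=$1
    want_uid=$2
    rc=0
    for f in "$db_dir"/*; do
        [ -f "$f" ] || continue
        # "ls -ln" fields: mode, link count, numeric uid, numeric gid, ...
        meta=$(ls -ln "$f")
        mode=${meta%% *}
        uid=$(printf '%s\n' "$meta" | awk '{ print $3 }')
        if [ "$uid" != "$want_uid" ]; then
            echo "WRONG OWNER uid=$uid (want $want_uid): $f"
            rc=1
        fi
        case $mode in
            -???------*) ;;   # owner-only, e.g. -rw------- (mode 600)
            *) echo "TOO OPEN mode=$mode: $f"; rc=1 ;;
        esac
    done
    return $rc
}

# Run the check only when called with both arguments, for example:
#   sh check_ldap_db.sh /var/lib/ldap "$(id -u ldap)"
if [ "$#" -ge 2 ]; then
    check_ldap_db_dir "$1" "$2"
fi
```

Run it between slapindex and starting the server; any WRONG OWNER line means the chown step from the reply is still needed.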