[Samba] Re: SAMBA3 + LDAP

mallapadi niranjan niranjan.ashok at gmail.com
Tue Dec 20 05:41:40 GMT 2005 

Hi craig

i have stopped the ldap and checked the "slapindex" and it does not produce
any output  and
my /var/lib/ldap is owned by ldap user and all the files created are created
by user ldap only mode 600.

i hope i am missing something in slapd.acl's
The following is my slapd.conf file
##########################################################################
include        /etc/openldap/schema/core.schema
include        /etc/openldap/schema/cosine.schema
include        /etc/openldap/schema/inetorgperson.schema
include        /etc/openldap/schema/nis.schema
include        /etc/openldap/schema/samba.schema

pidfile        /var/run/slapd.pid
argsfile    /var/run/slapd.args
database    bdb
suffix        "dc=msdpl,dc=com"
rootdn        "cn=manager,dc=msdpl,dc=com"
rootpw        secret
directory    /var/lib/ldap

# Indices to maintain for this database
index objectClass                       eq,pres
index ou,cn,mail,surname,givenname      eq,pres,sub
index loginShell             eq,pres
index nisMapName,nisMapEntry            eq,pres,sub
index displayName            eq,pres,sub
index uidNumber                eq
index gidNumber                eq
index memberUID                eq
index sambaSID                eq
index sambaPrimaryGroupSID        eq
index default                sub

#access to dn.base="dc=msdpl,dc=com"
access to attrs=sambaLMPassword,sambaNTPassword
        by dn="uid=.*,ou=People,dc=msdpl,dc=com" write
        by dn="uid=.*,ou=Domain Admins,dc=msdpl,dc=com" read
        by * none
access to attr=userPassword
        by dn="uid=.*,ou=People,dc=msdpl,dc=com" write
        by self write
        by anonymous auth
        by * none
access to *
        by * read
###########################################################################
On 12/19/05, Craig White <craigwhite at azapple.com> wrote:
>
> On Mon, 2005-12-19 at 15:19 +0100, Louis van Belle wrote:
> > wel,
> >
> > index objectClass eq,pres
> > index ou,cn,mail,surname,givenname eq,pres,sub
> > index loginShell eq,pres
> > index nisMapName,nisMapEntry eq,pres,sub
> > index displayName eq,pres,sub
> > index uidNumber eq
> > index gidNumber eq
> > index memberUID eq
> > index sambaSID eq
> > index sambaPrimaryGroupSID eq
> > index default sub
> >
> > one of these is wrong, of you did not run
> > slapindex
> >
> > stop the ldap server
> > slapindex
> > start the ldap server
> -----
> on RHEL 4...this would necessarily be...
>
> service ldap stop
> slapindex
> chown -R ldap:ldap /var/lib/ldap
> service ldap start
>
> when you run slapindex as root, new index files are root:root and that
> doesn't work for openldap which runs as user ldap.
>
> Craig
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>

More information about the samba mailing list