[Samba] samba3 pdc ldap idealx

Edmundo Valle Neto edmundo.valle at terra.com.br
Wed Feb 14 21:57:28 GMT 2007


Hi.

    This has nothing to do with Samba or the attribute itself. You cannot 
separate attributes or index types by spaces; take another look at the 
formatting of your config.

Regards.

Edmundo Valle Neto


Jason Baker wrote:
>
> Try removing uidNumber and just use uid. Here is a section from my 
> slapd.conf file.
>
>
> index   objectClass                                         eq
> index   cn,mail,givenname,sn,displayName                    eq,subinitial,pres
> index   uidNumber,gidNumber,memberUID,member,uniqueMember   eq
> index   uid                                                 eq,subinitial,pres
> index   sambaSID,sambaDomainName,sambaPrimaryGroupSID       eq
>
> *Jason Baker*
> /IT Coordinator/
>
>
> *Glastender Inc.*
> 5400 North Michigan Road
> Saginaw, Michigan 48604 USA
> 800.748.0423
> Phone: 989.752.4275 ext. 228
> Fax: 989.752.4444
> www.glastender.com <http://www.glastender.com>
>
>
>
> On 2/14/2007 3:06 PM, Miguel wrote:
>> Hi, I have followed the idealx tutorial to the letter, however I get
>> this error when I try to start slapd:
>>
>> ambepdc# /usr/local/etc/rc.d/slapd start
>> Starting slapd.
>> /usr/local/etc/openldap/slapd.conf: line 74: index type "uidNumber" undefined
>>
>> this is my slapd.conf
>>
>> ambepdc# cat /usr/local/etc/openldap/slapd.conf
>> #
>> # See slapd.conf(5) for details on configuration options.
>> # This file should NOT be world readable.
>> #
>> include         /usr/local/etc/openldap/schema/core.schema
>> include         /usr/local/etc/openldap/schema/cosine.schema
>> include         /usr/local/etc/openldap/schema/inetorgperson.schema
>> include         /usr/local/etc/openldap/schema/nis.schema
>> include         /usr/local/etc/openldap/schema/samba.schema
>>
>> # log
>> loglevel 4095
>>
>>
>> # Do not enable referrals until AFTER you have a working directory
>> # service AND an understanding of referrals.
>> #referral       ldap://root.openldap.org
>>
>> pidfile         /var/run/openldap/slapd.pid
>> argsfile        /var/run/openldap/slapd.args
>>
>> # Load dynamic backend modules:
>> modulepath      /usr/local/libexec/openldap
>> moduleload      back_bdb
>> # moduleload    back_ldap
>> # moduleload    back_ldbm
>> # moduleload    back_passwd
>> # moduleload    back_shell
>>
>> # Sample security restrictions
>> #       Require integrity protection (prevent hijacking)
>> #       Require 112-bit (3DES or better) encryption for updates
>> #       Require 63-bit encryption for simple bind
>> # security ssf=1 update_ssf=112 simple_bind=64
>>
>> # Sample access control policy:
>> #       Root DSE: allow anyone to read it
>> #       Subschema (sub)entry DSE: allow anyone to read it
>> #       Other DSEs:
>> #               Allow self write access
>> #               Allow authenticated users read access
>> #               Allow anonymous users to authenticate
>> #       Directives needed to implement policy:
>> # access to dn.base="" by * read
>> # access to dn.base="cn=Subschema" by * read
>> # access to *
>> #       by self write
>> #       by users read
>> #       by anonymous auth
>> #
>> # if no access controls are present, the default policy
>> # allows anyone and everyone to read anything but restricts
>> # updates to rootdn.  (e.g., "access to * by * read")
>> #
>> # rootdn can always read and write EVERYTHING!
>>
>> #######################################################################
>> # BDB database definitions
>> #######################################################################
>>
>> database        bdb
>> suffix          "dc=sv,dc=amnetcorp,dc=com"
>> rootdn          "cn=Manager,dc=sv,dc=amnetcorp,dc=com"
>> # Cleartext passwords, especially for the rootdn, should
>> # be avoid.  See slappasswd(8) and slapd.conf(5) for details.
>> # Use of strong authentication encouraged.
>> rootpw          {SSHA}v6130sVnBx1z/2/c3e7qipTB5Y41TQOu
>> # The database directory MUST exist prior to running slapd AND
>> # should only be accessible by the slapd and slap tools.
>> # Mode 700 recommended.
>> directory       /var/db/openldap-data
>>
>> # Indices to maintain
>> index objectClass, uidNumber, gidNumber                 eq
>> index cn, sn, ui, displayName                           pres, sub, eq
>> index memberUid, mail, givenname                        eq, subinitial
>> index sambaSID, sambaPrimaryGroupSID, sambaDomainName   eq
>>
>> # users can authenticate and change their password
>> access to attrs=userPassword , sambaNTPassword , sambaLMPassword
>>            by self write
>>            by anonymous auth
>>            by * none
>>
>> # all others attributes are readable to everybody
>> access to *
>>           by * read
>> ambepdc#
>>
>> I don't know what else to do, there are many docs on the net but
>> everybody seems to prefer the idealx one, what FreeBSD special settings
>> am I missing?
>>
>> thanks
>>
>>
>>   
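
The formatting problem described in the reply above, as an added example that is not part of the original thread: a small Python check that flags `index` lines whose comma lists contain whitespace and proposes the comma-only form. It assumes slapd reads the first whitespace-separated field after `index` as the attribute list and the second as the index types, which matches the error quoted in the post; `lint_index_directives` and `SAMPLE` are hypothetical names.

```python
# Index type keywords accepted in the second field of an "index" directive.
INDEX_TYPES = {"pres", "eq", "approx", "sub", "subinitial", "subany",
               "subfinal", "nolang", "nosubtypes", "notags"}

def lint_index_directives(conf_text):
    """Return (line_no, problem, suggested_line) for each index line
    whose attribute or index-type list was split by whitespace."""
    findings = []
    for line_no, line in enumerate(conf_text.splitlines(), 1):
        fields = line.split()
        if len(fields) <= 3 or fields[0] != "index":
            continue  # not an index directive, or exactly "index attrs types"
        # Assumption: field 2 is what slapd parses as the index types, so the
        # first non-keyword in it is the name that ends up in the error.
        bad = [t for t in fields[2].split(",")
               if t and t.lower() not in INDEX_TYPES]
        # Rebuild the line: trailing keywords are index types, the rest are
        # attributes. Attribute names are not checked against the schema.
        tokens = [t for f in fields[1:] for t in f.split(",") if t]
        types = []
        while len(tokens) > 1 and tokens[-1].lower() in INDEX_TYPES:
            types.insert(0, tokens.pop())
        problem = (f'index type "{bad[0]}" undefined' if bad
                   else "whitespace inside index type list")
        fixed = ("index " + ",".join(tokens) + " " + ",".join(types)).rstrip()
        findings.append((line_no, problem, fixed))
    return findings

# The four index lines from the slapd.conf in the post, followed by one
# comma-only line in the style of the quoted reply.
SAMPLE = """\
index objectClass, uidNumber, gidNumber                 eq
index cn, sn, ui, displayName                           pres, sub, eq
index memberUid, mail, givenname                        eq, subinitial
index sambaSID, sambaPrimaryGroupSID, sambaDomainName   eq
index uid                                               eq,subinitial,pres
"""

if __name__ == "__main__":
    for line_no, problem, fixed in lint_index_directives(SAMPLE):
        print(f"line {line_no}: {problem}\n    suggested: {fixed}")
```

The suggested lines keep every attribute name exactly as typed, so a misspelled attribute still has to be corrected by hand.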


