[Samba] samba3 pdc ldap idealx
Edmundo Valle Neto
edmundo.valle at terra.com.br
Wed Feb 14 21:57:28 GMT 2007
Hi.
This has nothing to do with samba or the atribute itself. You cannot
separate attributes or index types by spaces, take a look again in the
formatting of your config.
Regards.
Edmundo Valle Neto
Jason Baker escreveu:
>
> Try removing uidNumber and just use uid. Here is a section from my
> slapd.conf file.
>
>
> index
> objectClass
> eq
> index
> cn,mail,givenname,sn,displayName
> eq,subinitial,pres
> index uidNumber,gidNumber,memberUID,member,uniqueMember eq
> index
> uid
> eq,subinitial,pres
> index sambaSID,sambaDomainName,sambaPrimaryGroupSID eq
>
> *Jason Baker
> */IT Coordinator/
>
>
> *Glastender Inc.*
> 5400 North Michigan Road
> Saginaw, Michigan 48604 USA
> 800.748.0423
> Phone: 989.752.4275 ext. 228
> Fax: 989.752.4444
> www.glastender.com <http://www.glastender.com>
>
>
>
> On 2/14/2007 3:06 PM, Miguel wrote:
>> Hi, i have followed the idealx tutorial to the letter, however i get
>> this error when i try to start slapd:
>>
>> ambepdc# /usr/local/etc/rc.d/slapd start
>> Starting slapd.
>> /usr/local/etc/openldap/slapd.conf: line 74: index type "uidNumber"
>> undefined
>>
>> this is my slapd.conf
>>
>> ambepdc# cat /usr/local/etc/openldap/slapd.conf
>> #
>> # See slapd.conf(5) for details on configuration options.
>> # This file should NOT be world readable.
>> #
>> include /usr/local/etc/openldap/schema/core.schema
>> include /usr/local/etc/openldap/schema/cosine.schema
>> include /usr/local/etc/openldap/schema/inetorgperson.schema
>> include /usr/local/etc/openldap/schema/nis.schema
>> include /usr/local/etc/openldap/schema/samba.schema
>>
>> # log
>> loglevel 4095
>>
>>
>> # Do not enable referrals until AFTER you have a working directory
>> # service AND an understanding of referrals.
>> #referral ldap://root.openldap.org
>>
>> pidfile /var/run/openldap/slapd.pid
>> argsfile /var/run/openldap/slapd.args
>>
>> # Load dynamic backend modules:
>> modulepath /usr/local/libexec/openldap
>> moduleload back_bdb
>> # moduleload back_ldap
>> # moduleload back_ldbm
>> # moduleload back_passwd
>> # moduleload back_shell
>>
>> # Sample security restrictions
>> # Require integrity protection (prevent hijacking)
>> # Require 112-bit (3DES or better) encryption for updates
>> # Require 63-bit encryption for simple bind
>> # security ssf=1 update_ssf=112 simple_bind=64
>>
>> # Sample access control policy:
>> # Root DSE: allow anyone to read it
>> # Subschema (sub)entry DSE: allow anyone to read it
>> # Other DSEs:
>> # Allow self write access
>> # Allow authenticated users read access
>> # Allow anonymous users to authenticate
>> # Directives needed to implement policy:
>> # access to dn.base="" by * read
>> # access to dn.base="cn=Subschema" by * read
>> # access to *
>> # by self write
>> # by users read
>> # by anonymous auth
>> #
>> # if no access controls are present, the default policy
>> # allows anyone and everyone to read anything but restricts
>> # updates to rootdn. (e.g., "access to * by * read")
>> #
>> # rootdn can always read and write EVERYTHING!
>>
>> #######################################################################
>> # BDB database definitions
>> #######################################################################
>>
>> database bdb
>> suffix "dc=sv,dc=amnetcorp,dc=com"
>> rootdn "cn=Manager,dc=sv,dc=amnetcorp,dc=com"
>> # Cleartext passwords, especially for the rootdn, should
>> # be avoid. See slappasswd(8) and slapd.conf(5) for details.
>> # Use of strong authentication encouraged.
>> rootpw {SSHA}v6130sVnBx1z/2/c3e7qipTB5Y41TQOu
>> # The database directory MUST exist prior to running slapd AND
>> # should only be accessible by the slapd and slap tools.
>> # Mode 700 recommended.
>> directory /var/db/openldap-data
>>
>> # Indices to maintain
>> index objectClass, uidNumber, gidNumber eq
>> index cn, sn, ui, displayName pres, sub, eq
>> index memberUid, mail, givenname eq, subinitial
>> index sambaSID, sambaPrimaryGroupSID, sambaDomainName eq
>>
>> # users can authenticate and change their password
>> access to attrs=userPassword , sambaNTPassword , sambaLMPassword
>> by self write
>> by anonymous auth
>> by * none
>>
>> # all others attributes are readable to everybody
>> access to *
>> by * read
>> ambepdc#
>>
>> I dont knowe what else to do, there are many docs in the net but
>> everbody seems to prefer the idealx one, what freebsd's special settings
>> am i missing?
>>
>> thanks
>>
>>
>>
More information about the samba
mailing list