[Samba] samba3 pdc ldap idealx

Edmundo Valle Neto edmundo.valle at terra.com.br
Wed Feb 14 21:59:36 GMT 2007


And don't forget to execute slapindex on an already populated base after 
making such changes.

Regards.

Edmundo Valle Neto


Edmundo Valle Neto wrote:
> Hi.
>
>    This has nothing to do with Samba or the attribute itself. You 
> cannot separate attributes or index types by spaces; take another look 
> at the formatting of your config.
>
> Regards.
>
> Edmundo Valle Neto
>
>
> Jason Baker wrote:
>>
>> Try removing uidNumber and just use uid. Here is a section from my 
>> slapd.conf file.
>>
>>
>> index   objectClass                                         eq
>> index   cn,mail,givenname,sn,displayName                    eq,subinitial,pres
>> index   uidNumber,gidNumber,memberUID,member,uniqueMember   eq
>> index   uid                                                 eq,subinitial,pres
>> index   sambaSID,sambaDomainName,sambaPrimaryGroupSID       eq
>>
>> *Jason Baker
>> */IT Coordinator/
>>
>>
>> *Glastender Inc.*
>> 5400 North Michigan Road
>> Saginaw, Michigan 48604 USA
>> 800.748.0423
>> Phone: 989.752.4275 ext. 228
>> Fax: 989.752.4444
>> www.glastender.com <http://www.glastender.com>
>>
>>
>>
>> On 2/14/2007 3:06 PM, Miguel wrote:
>>> Hi, I have followed the idealx tutorial to the letter; however, I get
>>> this error when I try to start slapd:
>>>
>>> ambepdc# /usr/local/etc/rc.d/slapd start
>>> Starting slapd.
>>> /usr/local/etc/openldap/slapd.conf: line 74: index type "uidNumber"
>>> undefined
>>>
>>> this is my slapd.conf
>>>
>>> ambepdc# cat /usr/local/etc/openldap/slapd.conf
>>> #
>>> # See slapd.conf(5) for details on configuration options.
>>> # This file should NOT be world readable.
>>> #
>>> include         /usr/local/etc/openldap/schema/core.schema
>>> include         /usr/local/etc/openldap/schema/cosine.schema
>>> include         /usr/local/etc/openldap/schema/inetorgperson.schema
>>> include         /usr/local/etc/openldap/schema/nis.schema
>>> include         /usr/local/etc/openldap/schema/samba.schema
>>>
>>> # log
>>> loglevel 4095
>>>
>>>
>>> # Do not enable referrals until AFTER you have a working directory
>>> # service AND an understanding of referrals.
>>> #referral       ldap://root.openldap.org
>>>
>>> pidfile         /var/run/openldap/slapd.pid
>>> argsfile        /var/run/openldap/slapd.args
>>>
>>> # Load dynamic backend modules:
>>> modulepath      /usr/local/libexec/openldap
>>> moduleload      back_bdb
>>> # moduleload    back_ldap
>>> # moduleload    back_ldbm
>>> # moduleload    back_passwd
>>> # moduleload    back_shell
>>>
>>> # Sample security restrictions
>>> #       Require integrity protection (prevent hijacking)
>>> #       Require 112-bit (3DES or better) encryption for updates
>>> #       Require 63-bit encryption for simple bind
>>> # security ssf=1 update_ssf=112 simple_bind=64
>>>
>>> # Sample access control policy:
>>> #       Root DSE: allow anyone to read it
>>> #       Subschema (sub)entry DSE: allow anyone to read it
>>> #       Other DSEs:
>>> #               Allow self write access
>>> #               Allow authenticated users read access
>>> #               Allow anonymous users to authenticate
>>> #       Directives needed to implement policy:
>>> # access to dn.base="" by * read
>>> # access to dn.base="cn=Subschema" by * read
>>> # access to *
>>> #       by self write
>>> #       by users read
>>> #       by anonymous auth
>>> #
>>> # if no access controls are present, the default policy
>>> # allows anyone and everyone to read anything but restricts
>>> # updates to rootdn.  (e.g., "access to * by * read")
>>> #
>>> # rootdn can always read and write EVERYTHING!
>>>
>>> #######################################################################
>>> # BDB database definitions
>>> #######################################################################
>>>
>>> database        bdb
>>> suffix          "dc=sv,dc=amnetcorp,dc=com"
>>> rootdn          "cn=Manager,dc=sv,dc=amnetcorp,dc=com"
>>> # Cleartext passwords, especially for the rootdn, should
>>> # be avoid.  See slappasswd(8) and slapd.conf(5) for details.
>>> # Use of strong authentication encouraged.
>>> rootpw          {SSHA}v6130sVnBx1z/2/c3e7qipTB5Y41TQOu
>>> # The database directory MUST exist prior to running slapd AND
>>> # should only be accessible by the slapd and slap tools.
>>> # Mode 700 recommended.
>>> directory       /var/db/openldap-data
>>>
>>> # Indices to maintain
>>> index objectClass, uidNumber, gidNumber                 eq
>>> index cn, sn, ui, displayName                           pres, sub, eq
>>> index memberUid, mail, givenname                        eq, subinitial
>>> index sambaSID, sambaPrimaryGroupSID, sambaDomainName   eq
>>>
>>> # users can authenticate and change their password
>>> access to attrs=userPassword , sambaNTPassword , sambaLMPassword
>>>            by self write
>>>            by anonymous auth
>>>            by * none
>>>
>>> # all others attributes are readable to everybody
>>> access to *
>>>           by * read
>>> ambepdc#
>>>
>>> I don't know what else to do. There are many docs on the net, but
>>> everybody seems to prefer the idealx one. What FreeBSD special 
>>> settings
>>> am I missing?
>>>
>>> thanks
>>>
>>>
>>>   
>
>
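
An added example, not part of the original thread: a small checker that reads `index` directives the way the error message in the question suggests slapd does (whitespace-separated arguments, the second one taken as the index-type list) and reports the same "index type ... undefined" condition before slapd is restarted. The function names are hypothetical, the whitespace tokenization is a simplified assumption, and the allowed index types are those listed in slapd.conf(5).

```python
import re

# Index types listed in slapd.conf(5); assumed here to be the full allowed set.
INDEX_TYPES = {"pres", "eq", "approx", "sub", "subinitial", "subany",
               "subfinal", "nolang", "nosubtypes"}

# Constructed sample: the four index lines from the slapd.conf in the question.
BROKEN = """\
index objectClass, uidNumber, gidNumber                 eq
index cn, sn, ui, displayName                           pres, sub, eq
index memberUid, mail, givenname                        eq, subinitial
index sambaSID, sambaPrimaryGroupSID, sambaDomainName   eq
"""


def check_index_lines(text):
    """Return (lineno, message) for each malformed 'index' directive."""
    problems = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        tokens = raw.split()
        if not tokens or tokens[0].lower() != "index":
            continue  # blank lines, comments and other directives
        args = tokens[1:]
        if not args:
            problems.append((lineno, "index directive without attribute list"))
            continue
        if len(args) > 2:
            problems.append((lineno, "extra arguments: a list contains spaces"))
        # The second argument is read as the comma-separated index types.
        types = args[1].split(",") if len(args) > 1 else []
        for t in types:
            if t and t not in INDEX_TYPES:
                problems.append((lineno, 'index type "%s" undefined' % t))
    return problems


def normalize(raw):
    """Rewrite one index line so its comma lists contain no whitespace."""
    return " ".join(re.sub(r"\s*,\s*", ",", raw).split())


if __name__ == "__main__":
    for lineno, msg in check_index_lines(BROKEN):
        print("line %d: %s" % (lineno, msg))
    print("\n".join(normalize(l) for l in BROKEN.splitlines()))
```

Attribute names are not validated against the schema here, so a mistyped attribute still has to be caught by slapd itself; after correcting the lines on a populated database, run slapindex as noted at the top of this message.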


