[Samba] samba3 pdc ldap idealx
Edmundo Valle Neto
edmundo.valle at terra.com.br
Wed Feb 14 21:59:36 GMT 2007
And dont forget to execute slapindex in an already populated base after
make such changes.
Regards.
Edmundo Valle Neto
Edmundo Valle Neto escreveu:
> Hi.
>
> This has nothing to do with samba or the atribute itself. You
> cannot separate attributes or index types by spaces, take a look again
> in the formatting of your config.
>
> Regards.
>
> Edmundo Valle Neto
>
>
> Jason Baker escreveu:
>>
>> Try removing uidNumber and just use uid. Here is a section from my
>> slapd.conf file.
>>
>>
>> index
>> objectClass
>> eq
>> index
>> cn,mail,givenname,sn,displayName
>> eq,subinitial,pres
>> index uidNumber,gidNumber,memberUID,member,uniqueMember eq
>> index
>> uid
>> eq,subinitial,pres
>> index sambaSID,sambaDomainName,sambaPrimaryGroupSID eq
>>
>> *Jason Baker
>> */IT Coordinator/
>>
>>
>> *Glastender Inc.*
>> 5400 North Michigan Road
>> Saginaw, Michigan 48604 USA
>> 800.748.0423
>> Phone: 989.752.4275 ext. 228
>> Fax: 989.752.4444
>> www.glastender.com <http://www.glastender.com>
>>
>>
>>
>> On 2/14/2007 3:06 PM, Miguel wrote:
>>> Hi, i have followed the idealx tutorial to the letter, however i get
>>> this error when i try to start slapd:
>>>
>>> ambepdc# /usr/local/etc/rc.d/slapd start
>>> Starting slapd.
>>> /usr/local/etc/openldap/slapd.conf: line 74: index type "uidNumber"
>>> undefined
>>>
>>> this is my slapd.conf
>>>
>>> ambepdc# cat /usr/local/etc/openldap/slapd.conf
>>> #
>>> # See slapd.conf(5) for details on configuration options.
>>> # This file should NOT be world readable.
>>> #
>>> include /usr/local/etc/openldap/schema/core.schema
>>> include /usr/local/etc/openldap/schema/cosine.schema
>>> include /usr/local/etc/openldap/schema/inetorgperson.schema
>>> include /usr/local/etc/openldap/schema/nis.schema
>>> include /usr/local/etc/openldap/schema/samba.schema
>>>
>>> # log
>>> loglevel 4095
>>>
>>>
>>> # Do not enable referrals until AFTER you have a working directory
>>> # service AND an understanding of referrals.
>>> #referral ldap://root.openldap.org
>>>
>>> pidfile /var/run/openldap/slapd.pid
>>> argsfile /var/run/openldap/slapd.args
>>>
>>> # Load dynamic backend modules:
>>> modulepath /usr/local/libexec/openldap
>>> moduleload back_bdb
>>> # moduleload back_ldap
>>> # moduleload back_ldbm
>>> # moduleload back_passwd
>>> # moduleload back_shell
>>>
>>> # Sample security restrictions
>>> # Require integrity protection (prevent hijacking)
>>> # Require 112-bit (3DES or better) encryption for updates
>>> # Require 63-bit encryption for simple bind
>>> # security ssf=1 update_ssf=112 simple_bind=64
>>>
>>> # Sample access control policy:
>>> # Root DSE: allow anyone to read it
>>> # Subschema (sub)entry DSE: allow anyone to read it
>>> # Other DSEs:
>>> # Allow self write access
>>> # Allow authenticated users read access
>>> # Allow anonymous users to authenticate
>>> # Directives needed to implement policy:
>>> # access to dn.base="" by * read
>>> # access to dn.base="cn=Subschema" by * read
>>> # access to *
>>> # by self write
>>> # by users read
>>> # by anonymous auth
>>> #
>>> # if no access controls are present, the default policy
>>> # allows anyone and everyone to read anything but restricts
>>> # updates to rootdn. (e.g., "access to * by * read")
>>> #
>>> # rootdn can always read and write EVERYTHING!
>>>
>>> #######################################################################
>>> # BDB database definitions
>>> #######################################################################
>>>
>>> database bdb
>>> suffix "dc=sv,dc=amnetcorp,dc=com"
>>> rootdn "cn=Manager,dc=sv,dc=amnetcorp,dc=com"
>>> # Cleartext passwords, especially for the rootdn, should
>>> # be avoid. See slappasswd(8) and slapd.conf(5) for details.
>>> # Use of strong authentication encouraged.
>>> rootpw {SSHA}v6130sVnBx1z/2/c3e7qipTB5Y41TQOu
>>> # The database directory MUST exist prior to running slapd AND
>>> # should only be accessible by the slapd and slap tools.
>>> # Mode 700 recommended.
>>> directory /var/db/openldap-data
>>>
>>> # Indices to maintain
>>> index objectClass, uidNumber, gidNumber eq
>>> index cn, sn, ui, displayName pres, sub, eq
>>> index memberUid, mail, givenname eq, subinitial
>>> index sambaSID, sambaPrimaryGroupSID, sambaDomainName eq
>>>
>>> # users can authenticate and change their password
>>> access to attrs=userPassword , sambaNTPassword , sambaLMPassword
>>> by self write
>>> by anonymous auth
>>> by * none
>>>
>>> # all others attributes are readable to everybody
>>> access to *
>>> by * read
>>> ambepdc#
>>>
>>> I dont knowe what else to do, there are many docs in the net but
>>> everbody seems to prefer the idealx one, what freebsd's special
>>> settings
>>> am i missing?
>>>
>>> thanks
>>>
>>>
>>>
>
>
More information about the samba
mailing list