[Samba] samba3 pdc ldap idealx

Miguel mmiranda at 123.com.sv
Wed Feb 14 22:37:52 GMT 2007


On Wed, 2007-02-14 at 19:57 -0200, Edmundo Valle Neto wrote:
> Hi.
> 
>     This has nothing to do with samba or the attribute itself. You cannot 
> separate attributes or index types by spaces, take a look again in the 
> formatting of your config.
> 
> Regards.
> 
> Edmundo Valle Neto
> 


Thanks a lot Edmundo, I missed that in the docs, all is working now

regards,

Miguel



> 
> Jason Baker escreveu:
> >
> > Try removing uidNumber and just use uid. Here is a section from my 
> > slapd.conf file.
> >
> >
> > index   objectClass                                                 eq
> > index   cn,mail,givenname,sn,displayName                            eq,subinitial,pres
> > index   uidNumber,gidNumber,memberUID,member,uniqueMember           eq
> > index   uid                                                         eq,subinitial,pres
> > index   sambaSID,sambaDomainName,sambaPrimaryGroupSID               eq
> >
> > *Jason Baker*
> > /IT Coordinator/
> >
> >
> > *Glastender Inc.*
> > 5400 North Michigan Road
> > Saginaw, Michigan 48604 USA
> > 800.748.0423
> > Phone: 989.752.4275 ext. 228
> > Fax: 989.752.4444
> > www.glastender.com <http://www.glastender.com>
> >
> >
> >
> > On 2/14/2007 3:06 PM, Miguel wrote:
> >> Hi, I have followed the idealx tutorial to the letter, however I get
> >> this error when i try to start slapd:
> >>
> >> ambepdc# /usr/local/etc/rc.d/slapd start
> >> Starting slapd.
> >> /usr/local/etc/openldap/slapd.conf: line 74: index type "uidNumber"
> >> undefined
> >>
> >> this is my slapd.conf
> >>
> >> ambepdc# cat /usr/local/etc/openldap/slapd.conf
> >> #
> >> # See slapd.conf(5) for details on configuration options.
> >> # This file should NOT be world readable.
> >> #
> >> include         /usr/local/etc/openldap/schema/core.schema
> >> include         /usr/local/etc/openldap/schema/cosine.schema
> >> include         /usr/local/etc/openldap/schema/inetorgperson.schema
> >> include         /usr/local/etc/openldap/schema/nis.schema
> >> include         /usr/local/etc/openldap/schema/samba.schema
> >>
> >> # log
> >> loglevel 4095
> >>
> >>
> >> # Do not enable referrals until AFTER you have a working directory
> >> # service AND an understanding of referrals.
> >> #referral       ldap://root.openldap.org
> >>
> >> pidfile         /var/run/openldap/slapd.pid
> >> argsfile        /var/run/openldap/slapd.args
> >>
> >> # Load dynamic backend modules:
> >> modulepath      /usr/local/libexec/openldap
> >> moduleload      back_bdb
> >> # moduleload    back_ldap
> >> # moduleload    back_ldbm
> >> # moduleload    back_passwd
> >> # moduleload    back_shell
> >>
> >> # Sample security restrictions
> >> #       Require integrity protection (prevent hijacking)
> >> #       Require 112-bit (3DES or better) encryption for updates
> >> #       Require 63-bit encryption for simple bind
> >> # security ssf=1 update_ssf=112 simple_bind=64
> >>
> >> # Sample access control policy:
> >> #       Root DSE: allow anyone to read it
> >> #       Subschema (sub)entry DSE: allow anyone to read it
> >> #       Other DSEs:
> >> #               Allow self write access
> >> #               Allow authenticated users read access
> >> #               Allow anonymous users to authenticate
> >> #       Directives needed to implement policy:
> >> # access to dn.base="" by * read
> >> # access to dn.base="cn=Subschema" by * read
> >> # access to *
> >> #       by self write
> >> #       by users read
> >> #       by anonymous auth
> >> #
> >> # if no access controls are present, the default policy
> >> # allows anyone and everyone to read anything but restricts
> >> # updates to rootdn.  (e.g., "access to * by * read")
> >> #
> >> # rootdn can always read and write EVERYTHING!
> >>
> >> #######################################################################
> >> # BDB database definitions
> >> #######################################################################
> >>
> >> database        bdb
> >> suffix          "dc=sv,dc=amnetcorp,dc=com"
> >> rootdn          "cn=Manager,dc=sv,dc=amnetcorp,dc=com"
> >> # Cleartext passwords, especially for the rootdn, should
> >> # be avoid.  See slappasswd(8) and slapd.conf(5) for details.
> >> # Use of strong authentication encouraged.
> >> rootpw          {SSHA}v6130sVnBx1z/2/c3e7qipTB5Y41TQOu
> >> # The database directory MUST exist prior to running slapd AND
> >> # should only be accessible by the slapd and slap tools.
> >> # Mode 700 recommended.
> >> directory       /var/db/openldap-data
> >>
> >> # Indices to maintain
> >> index objectClass, uidNumber, gidNumber                 eq
> >> index cn, sn, ui, displayName                           pres, sub, eq
> >> index memberUid, mail, givenname                        eq, subinitial
> >> index sambaSID, sambaPrimaryGroupSID, sambaDomainName   eq
> >>
> >> # users can authenticate and change their password
> >> access to attrs=userPassword , sambaNTPassword , sambaLMPassword
> >>            by self write
> >>            by anonymous auth
> >>            by * none
> >>
> >> # all others attributes are readable to everybody
> >> access to *
> >>           by * read
> >> ambepdc#
> >>
> >> I don't know what else to do, there are many docs on the net but
> >> everybody seems to prefer the idealx one, what FreeBSD's special settings
> >> am I missing?
> >>
> >> thanks
> >>
> >>
> >>   
> 
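
The formatting rule from the thread, as an added example that is not part of any poster's message or of OpenLDAP itself: a small linter that splits each `index` directive on whitespace, reads the first argument as the attribute list and the second as the index-type list, and so reproduces the "index type ... undefined" message for space-separated lists. The function names and the keyword set are assumptions made for this example.

```python
# Added example: lint slapd.conf `index` directives by splitting on whitespace.
# INDEX_TYPES is the keyword set this example checks against (an assumption,
# not copied from the OpenLDAP source).
INDEX_TYPES = {"pres", "eq", "approx", "sub", "subinitial", "subany",
               "subfinal", "nolang", "notags", "nosubtypes"}


def logical_lines(text):
    """Yield (first_lineno, line), folding continuation lines (leading
    whitespace) into the previous line and skipping '#' comment lines."""
    current, start = None, 0
    for n, raw in enumerate(text.splitlines(), 1):
        if raw.startswith("#"):
            continue
        if raw[:1] in (" ", "\t") and current is not None:
            current += " " + raw.strip()
            continue
        if current:
            yield start, current
        current, start = raw.strip(), n
    if current:
        yield start, current


def lint_index(text):
    """Return [(lineno, message)] for index directives slapd would misread."""
    findings = []
    for n, line in logical_lines(text):
        argv = line.split()
        if not argv or argv[0].lower() != "index":
            continue
        # argv[1] is read as the attribute list and argv[2] as the
        # index-type list; both are split on commas only.
        if len(argv) > 3:
            findings.append((n, "extra arguments: whitespace inside a comma list"))
        for tok in (argv[2].split(",") if len(argv) > 2 else []):
            if tok and tok.lower() not in INDEX_TYPES:
                findings.append((n, 'index type "%s" undefined' % tok))
    return findings


# Constructed sample: the first index line from the post, then its comma-only form.
BROKEN = "index objectClass, uidNumber, gidNumber                 eq\n"
FIXED = "index objectClass,uidNumber,gidNumber                   eq\n"

if __name__ == "__main__":
    for n, msg in lint_index(BROKEN + FIXED):
        print("line %d: %s" % (n, msg))
```

Unlike slapd, which stops at the first bad line, the linter reports every malformed `index` directive in one pass.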


