[Samba] samba3 pdc ldap idealx
Miguel
mmiranda at 123.com.sv
Wed Feb 14 22:37:52 GMT 2007
On Wed, 2007-02-14 at 19:57 -0200, Edmundo Valle Neto wrote:
> Hi.
>
> This has nothing to do with samba or the atribute itself. You cannot
> separate attributes or index types by spaces, take a look again in the
> formatting of your config.
>
> Regards.
>
> Edmundo Valle Neto
>
Thanks a lot Edmundo, i missed that in the docs, all is working now
regards,
Miguel
>
> Jason Baker escreveu:
> >
> > Try removing uidNumber and just use uid. Here is a section from my
> > slapd.conf file.
> >
> >
> > index
> > objectClass
> > eq
> > index
> > cn,mail,givenname,sn,displayName
> > eq,subinitial,pres
> > index uidNumber,gidNumber,memberUID,member,uniqueMember eq
> > index
> > uid
> > eq,subinitial,pres
> > index sambaSID,sambaDomainName,sambaPrimaryGroupSID eq
> >
> > *Jason Baker
> > */IT Coordinator/
> >
> >
> > *Glastender Inc.*
> > 5400 North Michigan Road
> > Saginaw, Michigan 48604 USA
> > 800.748.0423
> > Phone: 989.752.4275 ext. 228
> > Fax: 989.752.4444
> > www.glastender.com <http://www.glastender.com>
> >
> >
> >
> > On 2/14/2007 3:06 PM, Miguel wrote:
> >> Hi, i have followed the idealx tutorial to the letter, however i get
> >> this error when i try to start slapd:
> >>
> >> ambepdc# /usr/local/etc/rc.d/slapd start
> >> Starting slapd.
> >> /usr/local/etc/openldap/slapd.conf: line 74: index type "uidNumber"
> >> undefined
> >>
> >> this is my slapd.conf
> >>
> >> ambepdc# cat /usr/local/etc/openldap/slapd.conf
> >> #
> >> # See slapd.conf(5) for details on configuration options.
> >> # This file should NOT be world readable.
> >> #
> >> include /usr/local/etc/openldap/schema/core.schema
> >> include /usr/local/etc/openldap/schema/cosine.schema
> >> include /usr/local/etc/openldap/schema/inetorgperson.schema
> >> include /usr/local/etc/openldap/schema/nis.schema
> >> include /usr/local/etc/openldap/schema/samba.schema
> >>
> >> # log
> >> loglevel 4095
> >>
> >>
> >> # Do not enable referrals until AFTER you have a working directory
> >> # service AND an understanding of referrals.
> >> #referral ldap://root.openldap.org
> >>
> >> pidfile /var/run/openldap/slapd.pid
> >> argsfile /var/run/openldap/slapd.args
> >>
> >> # Load dynamic backend modules:
> >> modulepath /usr/local/libexec/openldap
> >> moduleload back_bdb
> >> # moduleload back_ldap
> >> # moduleload back_ldbm
> >> # moduleload back_passwd
> >> # moduleload back_shell
> >>
> >> # Sample security restrictions
> >> # Require integrity protection (prevent hijacking)
> >> # Require 112-bit (3DES or better) encryption for updates
> >> # Require 63-bit encryption for simple bind
> >> # security ssf=1 update_ssf=112 simple_bind=64
> >>
> >> # Sample access control policy:
> >> # Root DSE: allow anyone to read it
> >> # Subschema (sub)entry DSE: allow anyone to read it
> >> # Other DSEs:
> >> # Allow self write access
> >> # Allow authenticated users read access
> >> # Allow anonymous users to authenticate
> >> # Directives needed to implement policy:
> >> # access to dn.base="" by * read
> >> # access to dn.base="cn=Subschema" by * read
> >> # access to *
> >> # by self write
> >> # by users read
> >> # by anonymous auth
> >> #
> >> # if no access controls are present, the default policy
> >> # allows anyone and everyone to read anything but restricts
> >> # updates to rootdn. (e.g., "access to * by * read")
> >> #
> >> # rootdn can always read and write EVERYTHING!
> >>
> >> #######################################################################
> >> # BDB database definitions
> >> #######################################################################
> >>
> >> database bdb
> >> suffix "dc=sv,dc=amnetcorp,dc=com"
> >> rootdn "cn=Manager,dc=sv,dc=amnetcorp,dc=com"
> >> # Cleartext passwords, especially for the rootdn, should
> >> # be avoid. See slappasswd(8) and slapd.conf(5) for details.
> >> # Use of strong authentication encouraged.
> >> rootpw {SSHA}v6130sVnBx1z/2/c3e7qipTB5Y41TQOu
> >> # The database directory MUST exist prior to running slapd AND
> >> # should only be accessible by the slapd and slap tools.
> >> # Mode 700 recommended.
> >> directory /var/db/openldap-data
> >>
> >> # Indices to maintain
> >> index objectClass, uidNumber, gidNumber eq
> >> index cn, sn, ui, displayName pres, sub, eq
> >> index memberUid, mail, givenname eq, subinitial
> >> index sambaSID, sambaPrimaryGroupSID, sambaDomainName eq
> >>
> >> # users can authenticate and change their password
> >> access to attrs=userPassword , sambaNTPassword , sambaLMPassword
> >> by self write
> >> by anonymous auth
> >> by * none
> >>
> >> # all others attributes are readable to everybody
> >> access to *
> >> by * read
> >> ambepdc#
> >>
> >> I dont knowe what else to do, there are many docs in the net but
> >> everbody seems to prefer the idealx one, what freebsd's special settings
> >> am i missing?
> >>
> >> thanks
> >>
> >>
> >>
>
More information about the samba
mailing list