[Samba] Can't populate LDAP directory with smbldap-populate
Alex Domoradov
alex.hha at gmail.com
Tue May 22 04:55:39 MDT 2012
It seems that issue was due to old perl-LDAP module. I have updated
with perl-LDAP-0.34-6.fc12 from Fedora Core 12 and now all works fine.
# smbldap-populate -a Administrator -g 10000 -l 11111 -r 10000 -u 10000
Populating LDAP directory for domain SYSADM
(S-1-5-21-206255134-223837211-2022137911)
(using builtin directory structure)
adding new entry: dc=sys-adm,dc=local
adding new entry: ou=Users,dc=sys-adm,dc=local
adding new entry: ou=Groups,dc=sys-adm,dc=local
adding new entry: ou=Computers,dc=sys-adm,dc=local
adding new entry: ou=Idmap,dc=sys-adm,dc=local
adding new entry: sambaDomainName=SYSADM,dc=sys-adm,dc=local
adding new entry: uid=Administrator,ou=Users,dc=sys-adm,dc=local
adding new entry: uid=nobody,ou=Users,dc=sys-adm,dc=local
adding new entry: cn=Domain Admins,ou=Groups,dc=sys-adm,dc=local
adding new entry: cn=Domain Users,ou=Groups,dc=sys-adm,dc=local
adding new entry: cn=Domain Guests,ou=Groups,dc=sys-adm,dc=local
adding new entry: cn=Domain Computers,ou=Groups,dc=sys-adm,dc=local
adding new entry: cn=Administrators,ou=Groups,dc=sys-adm,dc=local
adding new entry: cn=Account Operators,ou=Groups,dc=sys-adm,dc=local
adding new entry: cn=Print Operators,ou=Groups,dc=sys-adm,dc=local
adding new entry: cn=Backup Operators,ou=Groups,dc=sys-adm,dc=local
adding new entry: cn=Replicators,ou=Groups,dc=sys-adm,dc=local
Please provide a password for the domain Administrator:
Changing UNIX and samba passwords for Administrator
New password: *******
Retype new password: *******
# smbldap-usershow Administrator
dn: uid=Administrator,ou=Users,dc=sys-adm,dc=local
objectClass: top,person,organizationalPerson,inetOrgPerson,sambaSamAccount,posixAccount,shadowAccount
uid: Administrator
cn: Administrator
sn: Administrator
gidNumber: 0
uidNumber: 0
homeDirectory: /home/Administrator
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaHomePath: \\PDC-SRV\Administrator
sambaHomeDrive: H:
sambaProfilePath: \\PDC-SRV\profiles\Administrator
sambaPrimaryGroupSID: S-1-5-21-206255134-223837211-2022137911-512
sambaSID: S-1-5-21-206255134-223837211-2022137911-500
loginShell: /bin/false
gecos: Netbios Domain Administrator
sambaLMPassword: 0AFA9EFC9DE20294AAD3B435B51404EE
sambaAcctFlags: [U]
sambaNTPassword: 8F4BC1891E1050BDB614E72625AC2D7B
sambaPwdLastSet: 1337682668
sambaPwdMustChange: 1341570668
userPassword: {SSHA}ux+8irlDG6QkyFr0iswpw/iX1QJhOFFv
shadowLastChange: 15482
shadowMax: 45
On Mon, May 21, 2012 at 6:44 PM, Alex Domoradov <alex.hha at gmail.com> wrote:
> It seems that this issue RHEL/CentOS related. I have tried the following
>
> Install smbldap-tools-0.9.8 on Debian squeeze, locate smbldap.conf to
> my test server with CentOS-5.8. All works fine
>
> # smbldap-populate -a Administrator -g 10000 -l 11111 -r 10000 -u 10000
> Populating LDAP directory for domain SYSADM
> (S-1-5-21-206255134-223837211-2022137911)
> (using builtin directory structure)
>
> adding new entry: dc=sysadm,dc=local
> adding new entry: ou=Users,dc=sysadm,dc=local
> adding new entry: ou=Groups,dc=sysadm,dc=local
> adding new entry: ou=Computers,dc=sysadm,dc=local
> adding new entry: ou=Idmap,dc=sysadm,dc=local
> adding new entry: uid=Administrator,ou=Users,dc=sysadm,dc=local
> adding new entry: uid=nobody,ou=Users,dc=sysadm,dc=local
> adding new entry: cn=Domain Admins,ou=Groups,dc=sysadm,dc=local
> adding new entry: cn=Domain Users,ou=Groups,dc=sysadm,dc=local
> adding new entry: cn=Domain Guests,ou=Groups,dc=sysadm,dc=local
> adding new entry: cn=Domain Computers,ou=Groups,dc=sysadm,dc=local
> adding new entry: cn=Administrators,ou=Groups,dc=sysadm,dc=local
> adding new entry: cn=Account Operators,ou=Groups,dc=sysadm,dc=local
> adding new entry: cn=Print Operators,ou=Groups,dc=sysadm,dc=local
> adding new entry: cn=Backup Operators,ou=Groups,dc=sysadm,dc=local
> adding new entry: cn=Replicators,ou=Groups,dc=sysadm,dc=local
> adding new entry: sambaDomainName=SYSADM,dc=sysadm,dc=local
>
> Please provide a password for the domain Administrator:
> Changing UNIX and samba passwords for Administrator
> New password: *******
> Retype new password: *******
>
> On CentOS server
>
> # smbldap-usershow Administrator
> dn: uid=Administrator,ou=Users,dc=sysadm,dc=local
> cn: Administrator
> sn: Administrator
> objectClass: top,person,organizationalPerson,inetOrgPerson,sambaSamAccount,posixAccount,shadowAccount
> gidNumber: 0
> uid: Administrator
> uidNumber: 0
> homeDirectory: /home/Administrator
> sambaLogonTime: 0
> sambaLogoffTime: 2147483647
> sambaKickoffTime: 2147483647
> sambaPwdCanChange: 0
> sambaHomePath: \\PDC-SRV\Administrator
> sambaHomeDrive: H:
> sambaProfilePath: \\PDC-SRV\profiles\Administrator
> sambaPrimaryGroupSID: S-1-5-21-206255134-223837211-2022137911-512
> sambaSID: S-1-5-21-206255134-223837211-2022137911-500
> loginShell: /bin/false
> gecos: Netbios Domain Administrator
> sambaLMPassword: 0AFA9EFC9DE20294AAD3B435B51404EE
> sambaAcctFlags: [U]
> sambaNTPassword: 8F4BC1891E1050BDB614E72625AC2D7B
> sambaPwdLastSet: 1337613886
> sambaPwdMustChange: 1341501886
> userPassword: {SSHA}4GSeyrunuwZo4F5JyPxEhFALjEhNMlN0
> shadowLastChange: 15481
> shadowMax: 45
>
> # ldapsearch -LLL -x -b 'dc=sysadm,dc=local' -D
> 'cn=root,dc=sysadm,dc=local' -w 1234567 uid=Administrator
> dn: uid=Administrator,ou=Users,dc=sysadm,dc=local
> cn: Administrator
> sn: Administrator
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> objectClass: sambaSamAccount
> objectClass: posixAccount
> objectClass: shadowAccount
> gidNumber: 0
> uid: Administrator
> uidNumber: 0
> homeDirectory: /home/Administrator
> sambaLogonTime: 0
> sambaLogoffTime: 2147483647
> sambaKickoffTime: 2147483647
> sambaPwdCanChange: 0
> sambaHomePath: \\PDC-SRV\Administrator
> sambaHomeDrive: H:
> sambaProfilePath: \\PDC-SRV\profiles\Administrator
> sambaPrimaryGroupSID: S-1-5-21-206255134-223837211-2022137911-512
> sambaSID: S-1-5-21-206255134-223837211-2022137911-500
> loginShell: /bin/false
> gecos: Netbios Domain Administrator
> sambaLMPassword: 0AFA9EFC9DE20294AAD3B435B51404EE
> sambaAcctFlags: [U]
> sambaNTPassword: 8F4BC1891E1050BDB614E72625AC2D7B
> sambaPwdLastSet: 1337613886
> sambaPwdMustChange: 1341501886
> userPassword:: e1NTSEF9NEdTZXlydW51d1pvNEY1SnlQeEVoRkFMakVoTk1sTjA=
> shadowLastChange: 15481
> shadowMax: 45
>
> On Mon, May 21, 2012 at 5:01 PM, Alex Domoradov <alex.hha at gmail.com> wrote:
>> No, i don't. It's testing environment, so the password is too simple -
>> "1234567" :)
>>
>> On Mon, May 21, 2012 at 4:58 PM, L.P.H. van Belle <belle at bazuin.nl> wrote:
>>> Hai,
>>>
>>> Are u using, @#$%^&*!() in your password ?
>>> Try itout..
>>>
>>> Gr.
>>>
>>> Louis
>>>
>>>
>>>>-----Oorspronkelijk bericht-----
>>>>Van: alex.hha at gmail.com [mailto:samba-bounces at lists.samba.org]
>>>>Namens Alex Domoradov
>>>>Verzonden: 2012-05-21 15:55
>>>>Aan: samba at lists.samba.org
>>>>Onderwerp: [Samba] Can't populate LDAP directory with smbldap-populate
>>>>
>>>>I have the following environment
>>>>
>>>># cat /etc/redhat-release
>>>>CentOS release 5.8 (Final)
>>>>
>>>># uname -r
>>>>2.6.18-308.4.1.el5
>>>>
>>>>I have installed smbldap-tools from
>>>>http://download.gna.org/smbldap-tools/packages/el5/smbldap-tool
>>>>s-0.9.8-1.el5.noarch.rpm.
>>>>Configured OpenLDAP, but when I try to populate LDAP directory I got
>>>>the following error messages
>>>>
>>>># smbldap-populate -a Administrator -g 10000 -l 11111 -r 10000 -u 10000
>>>>Populating LDAP directory for domain SYSADM
>>>>(S-1-5-21-206255134-223837211-2022137911)
>>>>(using builtin directory structure)
>>>>
>>>>Use of uninitialized value in concatenation (.) or string at
>>>>/usr/sbin/smbldap-populate line 483, <DATA> line 303.
>>>>Use of uninitialized value in string eq at /usr/sbin/smbldap-populate
>>>>line 484, <DATA> line 303.
>>>>entry already exist.
>>>>Use of uninitialized value in concatenation (.) or string at
>>>>/usr/sbin/smbldap-populate line 483, <DATA> line 303.
>>>>Use of uninitialized value in string eq at /usr/sbin/smbldap-populate
>>>>line 484, <DATA> line 303.
>>>>entry already exist.
>>>>Use of uninitialized value in concatenation (.) or string at
>>>>/usr/sbin/smbldap-populate line 483, <DATA> line 303.
>>>>Use of uninitialized value in string eq at /usr/sbin/smbldap-populate
>>>>line 484, <DATA> line 303.
>>>>entry already exist.
>>>>Use of uninitialized value in concatenation (.) or string at
>>>>/usr/sbin/smbldap-populate line 483, <DATA> line 303.
>>>>Use of uninitialized value in string eq at /usr/sbin/smbldap-populate
>>>>line 484, <DATA> line 303.
>>>>entry already exist.
>>>>Use of uninitialized value in concatenation (.) or string at
>>>>/usr/sbin/smbldap-populate line 483, <DATA> line 303.
>>>>Use of uninitialized value in string eq at /usr/sbin/smbldap-populate
>>>>line 484, <DATA> line 303.
>>>>entry already exist.
>>>>Use of uninitialized value in concatenation (.) or string at
>>>>/usr/sbin/smbldap-populate line 483, <DATA> line 303.
>>>>Use of uninitialized value in string eq at /usr/sbin/smbldap-populate
>>>>line 484, <DATA> line 303.
>>>>entry already exist.
>>>>Use of uninitialized value in concatenation (.) or string at
>>>>/usr/sbin/smbldap-populate line 483, <DATA> line 303.
>>>>Use of uninitialized value in string eq at /usr/sbin/smbldap-populate
>>>>line 484, <DATA> line 303.
>>>>entry already exist.
>>>>Use of uninitialized value in concatenation (.) or string at
>>>>/usr/sbin/smbldap-populate line 483, <DATA> line 303.
>>>>Use of uninitialized value in string eq at /usr/sbin/smbldap-populate
>>>>line 484, <DATA> line 303.
>>>>entry already exist.
>>>>Use of uninitialized value in concatenation (.) or string at
>>>>/usr/sbin/smbldap-populate line 483, <DATA> line 303.
>>>>Use of uninitialized value in string eq at /usr/sbin/smbldap-populate
>>>>line 484, <DATA> line 303.
>>>>entry already exist.
>>>>Use of uninitialized value in concatenation (.) or string at
>>>>/usr/sbin/smbldap-populate line 483, <DATA> line 303.
>>>>Use of uninitialized value in string eq at /usr/sbin/smbldap-populate
>>>>line 484, <DATA> line 303.
>>>>entry already exist.
>>>>Use of uninitialized value in concatenation (.) or string at
>>>>/usr/sbin/smbldap-populate line 483, <DATA> line 303.
>>>>Use of uninitialized value in string eq at /usr/sbin/smbldap-populate
>>>>line 484, <DATA> line 303.
>>>>entry already exist.
>>>>Use of uninitialized value in concatenation (.) or string at
>>>>/usr/sbin/smbldap-populate line 483, <DATA> line 303.
>>>>Use of uninitialized value in string eq at /usr/sbin/smbldap-populate
>>>>line 484, <DATA> line 303.
>>>>entry already exist.
>>>>Use of uninitialized value in concatenation (.) or string at
>>>>/usr/sbin/smbldap-populate line 483, <DATA> line 303.
>>>>Use of uninitialized value in string eq at /usr/sbin/smbldap-populate
>>>>line 484, <DATA> line 303.
>>>>entry already exist.
>>>>Use of uninitialized value in concatenation (.) or string at
>>>>/usr/sbin/smbldap-populate line 483, <DATA> line 303.
>>>>Use of uninitialized value in string eq at /usr/sbin/smbldap-populate
>>>>line 484, <DATA> line 303.
>>>>entry already exist.
>>>>Use of uninitialized value in concatenation (.) or string at
>>>>/usr/sbin/smbldap-populate line 483, <DATA> line 303.
>>>>Use of uninitialized value in string eq at /usr/sbin/smbldap-populate
>>>>line 484, <DATA> line 303.
>>>>entry already exist.
>>>>Use of uninitialized value in concatenation (.) or string at
>>>>/usr/sbin/smbldap-populate line 483, <DATA> line 303.
>>>>Use of uninitialized value in string eq at /usr/sbin/smbldap-populate
>>>>line 484, <DATA> line 303.
>>>>entry already exist.
>>>>Use of uninitialized value in concatenation (.) or string at
>>>>/usr/sbin/smbldap-populate line 483, <DATA> line 303.
>>>>Use of uninitialized value in string eq at /usr/sbin/smbldap-populate
>>>>line 484, <DATA> line 303.
>>>>entry already exist.
>>>>
>>>>Please provide a password for the domain Administrator:
>>>>No such object at
>>>>/usr/lib/perl5/vendor_perl/5.8.8/smbldap_tools.pm line 431.
>>>>
>>>># cat smbldap.conf | grep -v ^# | grep -v ^$
>>>>SID="S-1-5-21-206255134-223837211-2022137911"
>>>>sambaDomain="SYSADM"
>>>>slaveLDAP="localhost"
>>>>slavePort="389"
>>>>masterLDAP="localhost"
>>>>masterPort="389"
>>>>ldapTLS="0"
>>>>ldapSSL="0"
>>>>verify="none"
>>>>suffix="dc=sys-adm,dc=local"
>>>>usersdn="ou=Users,${suffix}"
>>>>computersdn="ou=Computers,${suffix}"
>>>>groupsdn="ou=Groups,${suffix}"
>>>>idmapdn="ou=Idmap,${suffix}"
>>>>sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}"
>>>>scope="sub"
>>>>password_hash="SSHA"
>>>>password_crypt_salt_format="%s"
>>>>userLoginShell="/sbin/nologin"
>>>>userHome="/home/%U"
>>>>userHomeDirectoryMode="700"
>>>>userGecos="System User"
>>>>defaultUserGid="513"
>>>>defaultComputerGid="515"
>>>>skeletonDir="/etc/skel"
>>>>shadowAccount="1"
>>>>defaultMaxPasswordAge="45"
>>>>userSmbHome="\\PDC\%U"
>>>>userProfile="\\PDC\profiles\%U"
>>>>userHomeDrive="H:"
>>>>userScript="logon.bat"
>>>>mailDomain="sys-adm.local"
>>>>with_smbpasswd="0"
>>>>smbpasswd="/usr/bin/smbpasswd"
>>>>with_slappasswd="0"
>>>>slappasswd="/usr/sbin/slappasswd"
>>>>
>>>>With smbldap-tools-0.9.6-3.el5 from EPEL repository iwth the same
>>>>config file I got the following error messages
>>>>
>>>># smbldap-populate -a Administrator -g 10000 -l 11111 -r 10000 -u
>>>>10000
>>>>Populating LDAP directory for domain SYSADM
>>>>(S-1-5-21-206255134-223837211-2022137911)
>>>>(using builtin directory structure)
>>>>
>>>>adding new entry: dc=sys-adm,dc=local
>>>>adding new entry: ou=Users,dc=sys-adm,dc=local
>>>>adding new entry: ou=Groups,dc=sys-adm,dc=local
>>>>adding new entry: ou=Computers,dc=sys-adm,dc=local
>>>>adding new entry: ou=Idmap,dc=sys-adm,dc=local
>>>>adding new entry: uid=Administrator,ou=Users,dc=sys-adm,dc=local
>>>>adding new entry: uid=nobody,ou=Users,dc=sys-adm,dc=local
>>>>adding new entry: cn=Domain Admins,ou=Groups,dc=sys-adm,dc=local
>>>>adding new entry: cn=Domain Users,ou=Groups,dc=sys-adm,dc=local
>>>>adding new entry: cn=Domain Guests,ou=Groups,dc=sys-adm,dc=local
>>>>adding new entry: cn=Domain Computers,ou=Groups,dc=sys-adm,dc=local
>>>>adding new entry: cn=Administrators,ou=Groups,dc=sys-adm,dc=local
>>>>adding new entry: cn=Account Operators,ou=Groups,dc=sys-adm,dc=local
>>>>adding new entry: cn=Print Operators,ou=Groups,dc=sys-adm,dc=local
>>>>adding new entry: cn=Backup Operators,ou=Groups,dc=sys-adm,dc=local
>>>>adding new entry: cn=Replicators,ou=Groups,dc=sys-adm,dc=local
>>>>adding new entry: sambaDomainName=SYSADM,dc=sys-adm,dc=local
>>>>
>>>>Please provide a password for the domain Administrator:
>>>>Changing UNIX and samba passwords for Administrator
>>>>New password: ********
>>>>Retype new password: *******
>>>>Use of uninitialized value in concatenation (.) or string at
>>>>/usr/sbin/smbldap-passwd line 319, <STDIN> line 2.
>>>>I cannot generate the proper hash!
>>>>
>>>>Have I missed something?
>>>>--
>>>>To unsubscribe from this list go to the following URL and read the
>>>>instructions: https://lists.samba.org/mailman/options/samba
>>>>
>>>>
>>>
More information about the samba
mailing list