[Samba] openLDAP access problem - Re: How do I list computers in the domain

Robert Moskowitz rgm at htt-consult.com
Fri Sep 18 14:53:19 UTC 2015


If I am going to do the import of accounts, I have to access openLDAP 
remotely and....

the following works:

ldapsearch -h localhost -b "dc=home,dc=htt" -D "cn=manager,ou=internal,dc=home,dc=htt" -s sub "objectclass=GroupOfNames" -x -w m.....

But

ldapsearch -h 192.168.128.2 -b "dc=home,dc=htt" -D "cn=manager,ou=internal,dc=home,dc=htt" -s sub "objectclass=GroupOfNames" -x -w m....

Does not with:

ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

I stopped the firewall (service firewall stop) to ensure this was not a 
firewall access issue.

They have their own directory services app it seems.


On 09/18/2015 09:21 AM, L.P.H. van Belle wrote:
> Yeah, I'm doing too much again at the same time.  ;-)
>
> The ldapsearch ..
> A "one liner"
>
> ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b `cat /etc/samba//smb.conf | grep "ldap suffix" | cut -d"=" -f2,3,4,5` 'cn=*' | grep Computers
>
> should work, well at least works here  ;-)
>
>
> Greetz,
>
> Louis
>
>> -----Original message-----
>> From: Robert Moskowitz [mailto:rgm at htt-consult.com]
>> Sent: Friday 18 September 2015 15:13
>> To: L.P.H. van Belle; samba at lists.samba.org
>> Subject: Re: [Samba] How do I list computers in the domain
>>
>>
>>
>> On 09/18/2015 08:54 AM, L.P.H. van Belle wrote:
>>> Ow sorry,
>>> didn't see this was an NT (samba3/ldap) domain..
>> Easy to have missed in all the stuff.
>>
>>> Then you can use something simple like:
>>>
>>> slapcat | grep ou=Computers
>> # slapcat | grep ou=Computers
>> 55fc0c03 The first database does not allow slapcat; using the first
>> available one (2)
>> reqDN: cn=NC4010$,ou=Computers,ou=Accounts,dc=home,dc=htt
>> reqDN: cn=MAVIS$,ou=Computers,ou=Accounts,dc=home,dc=htt
>>
>> Those are the two active ones, and probably the only ones.  Though I
>> wonder what happened to the Dell that I have not used for 1 year?
>>
>>> or something like
>>> ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b YOURBASEDN 'cn=*'
>> # ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b YOURBASEDN 'cn=*'
>> ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
>>
>> I am probably supposed to put something like HOME in for YOURBASEDN? But
>> even when I do, I still get that error.  slapd is running.
>>
>>>
>>> Greetz,
>>>
>>> Louis
>>>
>>>
>>>> -----Original message-----
>>>> From: Robert Moskowitz [mailto:rgm at htt-consult.com]
>>>> Sent: Friday 18 September 2015 14:32
>>>> To: L.P.H. van Belle; samba at lists.samba.org
>>>> Subject: Re: [Samba] How do I list computers in the domain
>>>>
>>>>
>>>>
>>>> On 09/18/2015 02:30 AM, L.P.H. van Belle wrote:
>>>>> Sure there is a sam.ldb. If you can't find it, install mlocate, type
>>>>> updatedb, and locate sam.ldb
>>>>
>>>> [root at homebase samba]# updatedb
>>>> [root at homebase samba]# locate sam.ldb
>>>> [root at homebase samba]#
>>>>
>>>> No sam.ldb  :(
>>>>
>>>> Don't know what they called it instead.  Will probably have to ask on
>>>> their forum.
>>>>
>>>>> Or if you type samba -b
>>>> [root at homebase samba]# samba -b
>>>> -bash: samba: command not found
>>>>
>>>>> You have all your samba folders, it should be in one of these, and
>>>>> normally in the private_dir folder.
>>>>
>>>>
>>>> Do you see it in here:
>>>>
>>>> /var/lib/ldap/sambaDomainName.bdb
>>>> /var/lib/ldap/sambaGroupType.bdb
>>>> /var/lib/ldap/sambaPrimaryGroupSID.bdb
>>>> /var/lib/ldap/sambaSID.bdb
>>>> /var/lib/ldap/sambaSIDList.bdb
>>>> /var/lib/ldap/backup.1424429165/sambaDomainName.bdb
>>>> /var/lib/ldap/backup.1424429165/sambaGroupType.bdb
>>>> /var/lib/ldap/backup.1424429165/sambaPrimaryGroupSID.bdb
>>>> /var/lib/ldap/backup.1424429165/sambaSID.bdb
>>>> /var/lib/ldap/backup.1424429165/sambaSIDList.bdb
>>>> /var/lib/ldap/backup.1442564646/sambaDomainName.bdb
>>>> /var/lib/ldap/backup.1442564646/sambaGroupType.bdb
>>>> /var/lib/ldap/backup.1442564646/sambaPrimaryGroupSID.bdb
>>>> /var/lib/ldap/backup.1442564646/sambaSID.bdb
>>>> /var/lib/ldap/backup.1442564646/sambaSIDList.bdb
>>>> /var/lib/samba/account_policy.tdb
>>>> /var/lib/samba/brlock.tdb
>>>> /var/lib/samba/browse.dat
>>>> /var/lib/samba/connections.tdb
>>>> /var/lib/samba/gencache.tdb
>>>> /var/lib/samba/gencache_notrans.tdb
>>>> /var/lib/samba/locking.tdb
>>>> /var/lib/samba/login_cache.tdb
>>>> /var/lib/samba/messages.tdb
>>>> /var/lib/samba/namelist.debug
>>>> /var/lib/samba/netsamlogon_cache.tdb
>>>> /var/lib/samba/notify.tdb
>>>> /var/lib/samba/notify_onelevel.tdb
>>>> /var/lib/samba/printer_list.tdb
>>>> /var/lib/samba/printing
>>>> /var/lib/samba/private
>>>> /var/lib/samba/registry.tdb
>>>> /var/lib/samba/scripts
>>>> /var/lib/samba/serverid.tdb
>>>> /var/lib/samba/sessionid.tdb
>>>> /var/lib/samba/share_info.tdb
>>>> /var/lib/samba/winbindd_cache.tdb
>>>> /var/lib/samba/winbindd_privileged
>>>> /var/lib/samba/wins.dat
>>>> /var/lib/samba/wins.tdb
>>>> /var/lib/samba/printing/printers.tdb
>>>> /var/lib/samba/private/schannel_store.tdb
>>>> /var/lib/samba/private/secrets.tdb
>>>> /var/lib/samba/winbindd_privileged/pipe
>>>>
>>>>
>>>> :(
>>>>
>>>> thanks for your help
>>>>
>>>>> Greetz,
>>>>>
>>>>> Louis
>>>>>
>>>>>
>>>>>
>>>>>> -----Original message-----
>>>>>> From: samba [mailto:samba-bounces at lists.samba.org] On behalf of Robert Moskowitz
>>>>>> Sent: Thursday 17 September 2015 22:44
>>>>>> To: Rowland Penny; samba at lists.samba.org
>>>>>> Subject: Re: [Samba] How do I list computers in the domain
>>>>>>
>>>>>>
>>>>>>
>>>>>> On 09/17/2015 03:26 PM, Rowland Penny wrote:
>>>>>>> On 17/09/15 18:28, Robert Moskowitz wrote:
>>>>>>>> On 09/17/2015 04:07 AM, mathias dufresne wrote:
>>>>>>>>> You can use ADUC tool which is part of RSAT.
>>>>>>>> Don't have RSAT on a computer yet, and anyway I want to do this on
>>>>>>>> the server, not a client.
>>>>>>>>
>>>>>>>>> You can also use ldbsearch:
>>>>>>>>> ldbsearch -H $sam '(objectclass=computer)' dn
>>>>>>>> Had to install ldb-tools on the ClearOS system and got:
>>>>>>>>
>>>>>>>> # returned 0 records
>>>>>>>> # 0 entries
>>>>>>>> # 0 referrals
>>>>>>>>
>>>>>>>> Yet I know there are two computers joined to this PDC.
>>>>>>> You need to run this on the DC and replace '$sam' with the path for
>>>>>>> sam.ldb i.e.
>>>>>>>
>>>>>>> ldbsearch -H /var/lib/samba/private/sam.ldb '(objectclass=computer)' dn
>>>>>> OK.  that works for the sernet samba AD, but there is no sam.ldb on
>>>>>> ClearOS.  Going to have to dig deeper to find what file they are using.
>>>>>> thanks
>>>>>>
>>>>>>
>>>>>>>> Same return on the new AD, but that is not surprising, given the
>>>>>>>> source of the problem for the migration of the users.
>>>>>>>>
>>>>>>>>> More info on ldbsearch and ldb tools there:
>>>>>>>>> https://wiki.samba.org/index.php/LDB
>>>>>>>> More reading to do!  :)
>>>>>>>>
>>>>>>>>> 2015-09-17 6:02 GMT+02:00 Robert Moskowitz <rgm at htt-consult.com>:
>>>>>>>>>
>>>>>>>>>> I want to see what computers have joined the domain.  Not just those
>>>>>>>>>> currently connected as smbtree seems to do.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>
>
>
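
Added example, not part of the original post or of any project named in it: a bind that works with -h localhost but fails with "Can't contact LDAP server (-1)" against the host's own LAN address, with the firewall stopped, is commonly caused by slapd listening only on loopback; the thread does not confirm that this is the cause here. The function name ldap_listen_scope and both socket listings below are constructed for illustration; on a live host pipe `ss -ltn` or `netstat -ltn` into it.

```shell
#!/bin/sh
# Classify where a TCP port is listening, from `ss -ltn` or `netstat -ltn`
# output on stdin. Prints one of: none | loopback-only | network
# (hypothetical helper written for this example)
ldap_listen_scope() {
    awk -v port="${1:-389}" '
        # ss puts LISTEN in the first field, netstat -ltn in the last;
        # both put the local address:port in field 4.
        $1 == "LISTEN" || $NF == "LISTEN" {
            laddr = $4
            n = match(laddr, /:[0-9]+$/)       # position of the final ":port"
            if (n == 0) next
            if (substr(laddr, n + 1) != port) next
            addr = substr(laddr, 1, n - 1)
            sub(/^\[/, "", addr)               # strip [ ] around IPv6 (ss style)
            sub(/\]$/, "", addr)
            if (addr ~ /^127\./ || addr == "::1") loopback++
            else network++                     # 0.0.0.0, ::, * or a LAN address
        }
        END {
            if (network) print "network"
            else if (loopback) print "loopback-only"
            else print "none"
        }'
}

# Constructed sample: ss -ltn style, slapd bound to loopback only.
SAMPLE_LOOPBACK='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    127.0.0.1:389      0.0.0.0:*
LISTEN 0      128    [::1]:389          [::]:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*'

# Constructed sample: netstat -ltn style, slapd bound to all interfaces.
SAMPLE_NETWORK='Proto Recv-Q Send-Q Local Address   Foreign Address State
tcp        0      0 0.0.0.0:389     0.0.0.0:*       LISTEN
tcp        0      0 :::389          :::*            LISTEN'

printf 'sample 1, port 389: %s\n' \
    "$(printf '%s\n' "$SAMPLE_LOOPBACK" | ldap_listen_scope 389)"
printf 'sample 2, port 389: %s\n' \
    "$(printf '%s\n' "$SAMPLE_NETWORK" | ldap_listen_scope 389)"
```

If the listener is widened to the LAN, a simple bind (-x -w) over plain ldap:// sends the manager password in clear text, so pair the change with StartTLS (ldapsearch -ZZ) or ldaps://.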



