Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > HOWTO-Related Questions

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 11th January 2008, 08:16
oalkatib oalkatib is offline
Junior Member
 
Join Date: Jan 2008
Location: MI
Posts: 10
Thanks: 0
Thanked 0 Times in 0 Posts
Exclamation Step 8: Add an LDAP user to the system Problem [Stuck]

Hi Guys,
I got to this step, and now I'm really stuck, what did I miss, or what did I do wrong, please help me, I'm a linux n00b, and I'm very thankful that I found an LDAP solution, just need some help
here is what I'm inputing, and the error I'm getting

:~# smbldap-useradd -a -m -M test -c "TEST MAN" test
Error looking for next uid at /usr/share/perl5/smbldap_tools.pm line 1044.
Reply With Quote
Sponsored Links
  #2  
Old 12th January 2008, 14:49
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,749 Times in 2,579 Posts
Default

This is what I've found: http://lists.samba.org/archive/samba...ly/122599.html
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 12th January 2008, 20:15
oalkatib oalkatib is offline
Junior Member
 
Join Date: Jan 2008
Location: MI
Posts: 10
Thanks: 0
Thanked 0 Times in 0 Posts
Default Super n00b at this

I read it, but I dont kow how to fix it, I'm a huge n00b, can you plez give some more guidence


Quote:
Hi,

You need something like this in your tree to store the next free uid and
gid:

dn: cn=NextFreeUnixId,o=youro
objectClass: inetOrgPerson
objectClass: sambaUnixIdPool
cn: NextFreeUnixId
sn: NextFreeUnixId
structuralObjectClass: inetOrgPerson
uidNumber: 29205
gidNumber: 1426

Take a look at smbldap-tools documentation.

Albert

El dj 06 de 07 del 2006 a les 22:51 +0200, en/na Mario Ohnewald va
escriure:
> anyone?
>
> On Thu, 2006-07-06 at 17:05 +0200, Mario Ohnewald wrote:
> > Hello List,
> >
> > i am using Ubuntu Dapper with:
> >
> > ldap-account-manager 0.5.1-1
> > samba 3.0.22-1ubuntu3
> > samba-common 3.0.22-1ubuntu3
> > debian-edu-config 0.399
> > slapd 2.2.26-5ubuntu2.1
> > smbldap-tools 0.9.2-3
> >
> >
> > When i try to join a domain i get this error:
> >
> > Could not find base dn, to get next uidNumber
> > at /usr/share/perl5/smbldap_tools.pm line 1046.
> > [2006/07/06 16:54:44, 0]
> > rpc_server/srv_samr_nt.c:_samr_create_user(2415)
> > _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w
> > "na$"' gave 127
> >
> >
> > I am using /etc/ldap/schema/samba.schema from debian-edu-config.
> >
> > Where does it look for the base dn which it cant find?
> >
> > Cheers, Mario
> >
> >
> >
>
--
Reply With Quote
  #4  
Old 12th January 2008, 21:16
o.meyer o.meyer is offline
Senior Member
 
Join Date: Aug 2007
Posts: 167
Thanks: 2
Thanked 24 Times in 23 Posts
Default

Hi,

please give me some information about your smbldap-tools configuration.

cat /etc/smbldap-tools/smbldap_bind.conf

and

cat /etc/smbldap-tools/smbldap.conf

Be sure that you put the samba.schema in the right place and configured the slapd.conf & smb.conf properly.

Best regards,

Olli

Last edited by o.meyer; 12th January 2008 at 21:19.
Reply With Quote
  #5  
Old 12th January 2008, 23:30
oalkatib oalkatib is offline
Junior Member
 
Join Date: Jan 2008
Location: MI
Posts: 10
Thanks: 0
Thanked 0 Times in 0 Posts
Unhappy The configurations

I'm using the configurations from the this link: http://www.howtoforge.com/openldap-s...ler-ubuntu7.10

and this is what I'm stuck on the 8th step, which is on the second page of the guid:
http://www.howtoforge.com/openldap-s...ler-ubuntu7.10

I have followed the guid to the dot.
So what I'm I doing wrong.....
Reply With Quote
  #6  
Old 14th January 2008, 04:15
o.meyer o.meyer is offline
Senior Member
 
Join Date: Aug 2007
Posts: 167
Thanks: 2
Thanked 24 Times in 23 Posts
Default

Please paste the output of

cat /etc/smbldap-tools/smbldap.conf

here. I think there's an error in your configuration or it's not complete.

Best regards,

Olli
Reply With Quote
  #7  
Old 14th January 2008, 19:43
oalkatib oalkatib is offline
Junior Member
 
Join Date: Jan 2008
Location: MI
Posts: 10
Thanks: 0
Thanked 0 Times in 0 Posts
Post config file

Hi, this is what I have for the config file:

Quote:
# $Source: /opt/cvs/samba/smbldap-tools/smbldap.conf,v $
# $Id: smbldap.conf,v 1.18 2005/05/27 14:28:47 jtournier Exp $
#
# smbldap-tools.conf : Q & D configuration file for smbldap-tools

# This code was developped by IDEALX (http://IDEALX.org/) and
# contributors (their names can be found in the CONTRIBUTORS file).
#
# Copyright (C) 2001-2002 IDEALX
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
# USA.

# Purpose :
# . be the configuration file for all smbldap-tools scripts

################################################## ############################
#
# General Configuration
#
################################################## ############################

# Put your own SID. To obtain this number do: "net getlocalsid".
# If not defined, parameter is taking from "net getlocalsid" return
SID="S-1-5-21-3278692326-2207112801-3614777453"

# Domain name the Samba server is in charged.
# If not defined, parameter is taking from smb.conf configuration file
# Ex: sambaDomain="IDEALX-NT"
sambaDomain="TEST"

################################################## ############################
#
# LDAP Configuration
#
################################################## ############################

# Notes: to use to dual ldap servers backend for Samba, you must patch
# Samba with the dual-head patch from IDEALX. If not using this patch
# just use the same server for slaveLDAP and masterLDAP.
# Those two servers declarations can also be used when you have
# . one master LDAP server where all writing operations must be done
# . one slave LDAP server where all reading operations must be done
# (typically a replication directory)

# Slave LDAP server
# Ex: slaveLDAP=127.0.0.1
# If not defined, parameter is set to "127.0.0.1"
slaveLDAP="127.0.0.1"

# Slave LDAP port
# If not defined, parameter is set to "389"
slavePort="389"

# Master LDAP server: needed for write operations
# Ex: masterLDAP=127.0.0.1
# If not defined, parameter is set to "127.0.0.1"
masterLDAP="127.0.0.1"

# Master LDAP port
# If not defined, parameter is set to "389"
masterPort="389"

# Use TLS for LDAP
# If set to 1, this option will use start_tls for connection
# (you should also used the port 389)
# If not defined, parameter is set to "1"
ldapTLS="0"

# How to verify the server's certificate (none, optional or require)
# see "man Net::LDAP" in start_tls section for more details
verify="require"

# CA certificate
# see "man Net::LDAP" in start_tls section for more details
cafile="/etc/opt/IDEALX/smbldap-tools/ca.pem"

# certificate to use to connect to the ldap server
# see "man Net::LDAP" in start_tls section for more details
clientcert="/etc/opt/IDEALX/smbldap-tools/smbldap-tools.pem"

# key certificate to use to connect to the ldap server
# see "man Net::LDAP" in start_tls section for more details
clientkey="/etc/opt/IDEALX/smbldap-tools/smbldap-tools.key"

# LDAP Suffix
# Ex: suffix=dc=test,dc=local
suffix="dc=test,dc=local"

# Where are stored Users
# Ex: usersdn="ou=Users,dc=IDEALX,dc=ORG"
# Warning: if 'suffix' is not set here, you must set the full dn for usersdn
usersdn="ou=Users,${suffix}"

# Where are stored Computers
# Ex: computersdn="ou=Computers,dc=IDEALX,dc=ORG"
# Warning: if 'suffix' is not set here, you must set the full dn for computersdn
computersdn="ou=Computers,${suffix}"

# Where are stored Groups
# Ex: groupsdn="ou=Groups,dc=IDEALX,dc=ORG"
# Warning: if 'suffix' is not set here, you must set the full dn for groupsdn
groupsdn="ou=Groups,${suffix}"

# Where are stored Idmap entries (used if samba is a domain member server)
# Ex: groupsdn="ou=Idmap,dc=IDEALX,dc=ORG"
# Warning: if 'suffix' is not set here, you must set the full dn for idmapdn
idmapdn="ou=Idmap,${suffix}"

# Where to store next uidNumber and gidNumber available for new users and groups
# If not defined, entries are stored in sambaDomainName object.
# Ex: sambaUnixIdPooldn="sambaDomainName=${sambaDomain}, ${suffix}"
# Ex: sambaUnixIdPooldn="cn=NextFreeUnixId,${suffix}"
sambaUnixIdPooldn="sambaDomainName=EXAMPLE,${suffi x}"

# Default scope Used
scope="sub"

# Unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA, CLEARTEXT)
hash_encrypt="SSHA"

# if hash_encrypt is set to CRYPT, you may set a salt format.
# default is "%s", but many systems will generate MD5 hashed
# passwords if you use "$1$%.8s". This parameter is optional!
crypt_salt_format="%s"

################################################## ############################
#
# Unix Accounts Configuration
#
################################################## ############################

# Login defs
# Default Login Shell
# Ex: userLoginShell="/bin/bash"
userLoginShell="/bin/bash"

# Home directory
# Ex: userHome="/home/%U"
userHome="/home/%U"

# Default mode used for user homeDirectory
userHomeDirectoryMode="700"

# Gecos
userGecos="System User"

# Default User (POSIX and Samba) GID
defaultUserGid="513"

# Default Computer (Samba) GID
defaultComputerGid="515"

# Skel dir
skeletonDir="/etc/skel"

# Default password validation time (time in days) Comment the next line if
# you don't want password to be enable for defaultMaxPasswordAge days (be
# careful to the sambaPwdMustChange attribute's value)
defaultMaxPasswordAge="45"

################################################## ############################
#
# SAMBA Configuration
#
################################################## ############################

# The UNC path to home drives location (%U username substitution)
# Just set it to a null string if you want to use the smb.conf 'logon home'
# directive and/or disable roaming profiles
# Ex: userSmbHome="\\PDC-SMB3\%U"
userSmbHome=

# The UNC path to profiles locations (%U username substitution)
# Just set it to a null string if you want to use the smb.conf 'logon path'
# directive and/or disable roaming profiles
# Ex: userProfile="\\PDC-SMB3\profiles\%U"
userProfile=

# The default Home Drive Letter mapping
# (will be automatically mapped at logon time if home directory exist)
# Ex: userHomeDrive="H:"
userHomeDrive=

# The default user netlogon script name (%U username substitution)
# if not used, will be automatically username.cmd
# make sure script file is edited under dos
# Ex: userScript="startup.cmd" # make sure script file is edited under dos
userScript=

# Domain appended to the users "mail"-attribute
# when smbldap-useradd -M is used
# Ex: mailDomain="idealx.com"
mailDomain=

################################################## ############################
#
# SMBLDAP-TOOLS Configuration (default are ok for a RedHat)
#
################################################## ############################

# Allows not to use smbpasswd (if with_smbpasswd == 0 in smbldap_conf.pm) but
# prefer Crypt::SmbHash library
with_smbpasswd="0"
smbpasswd="/usr/bin/smbpasswd"

# Allows not to use slappasswd (if with_slappasswd == 0 in smbldap_conf.pm)
# but prefer Crypt:: libraries
with_slappasswd="0"
slappasswd="/usr/sbin/slappasswd"

# comment out the following line to get rid of the default banner
# no_banner="1"

Reply With Quote
  #8  
Old 15th January 2008, 14:03
o.meyer o.meyer is offline
Senior Member
 
Join Date: Aug 2007
Posts: 167
Thanks: 2
Thanked 24 Times in 23 Posts
Default

Hi oalkatib,

I found some errors in your configuration.

Please use the following configuration. Replace %your_sid% with the SID from your system (getlocalsid) and %samba_netbios_name% with the netbios name that you configured in samba configuration file (/etc/samba/smb.conf):

Code:
SID="%your_sid%"
sambaDomain="EXAMPLE"
ldapTLS="0"
suffix="dc=example,dc=local"
usersdn="ou=Users,${suffix}"
computersdn="ou=Computers,${suffix}"
groupsdn="ou=Groups,${suffix}"
idmapdn="ou=Idmap,${suffix}"
sambaUnixIdPooldn="sambaDomainName=EXAMPLE,${suffix}"
scope="sub"
hash_encrypt="SSHA"
userLoginShell="/bin/bash"
userHome="/home/%U"
userHomeDirectoryMode="700"
userGecos="System User"
defaultUserGid="513"
defaultComputerGid="515"
skeletonDir="/etc/skel"
defaultMaxPasswordAge="45"
userSmbHome="\\%samba_netbios_name%\%U"
userProfile="\\%samba_netbios_name%\profiles\%U"
userHomeDrive="H:"
userScript="logon.bat"
mailDomain="example.local"
smbpasswd="/usr/bin/smbpasswd"
slappasswd="/usr/sbin/slappasswd"

Last edited by o.meyer; 15th January 2008 at 18:11.
Reply With Quote
  #9  
Old 15th January 2008, 19:26
oalkatib oalkatib is offline
Junior Member
 
Join Date: Jan 2008
Location: MI
Posts: 10
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Ok so, just completly replace the cfg file, with the one you pased, awsome. THANK YOU!!, I'm going to try it once I get back home
Reply With Quote
  #10  
Old 16th January 2008, 19:19
agarcia71 agarcia71 is offline
HowtoForge Supporter
 
Join Date: Nov 2006
Posts: 18
Thanks: 2
Thanked 0 Times in 0 Posts
Send a message via MSN to agarcia71
 
Red face Step 13: Add a workstation account to LDAP

Hi Fellows:

I follow every step from this howto: OpenLDAP + Samba Domain Controller On Ubuntu 7.10

My work stations is configured just like said the howto, its have the ldap-server IP for DNS.

But when i try to connect a workstation to the server, its doesn't work



I got this message:

DNS query refused:
And domain server can't found it.

Any Help !!!

thanks in advance
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
postfix problems with smtp linkdeb Server Operation 13 15th March 2014 18:58
:D All recieved mails goes to the system admin user ??help Mounir Installation/Configuration 8 31st July 2006 13:22
Import System User razorbuzz HOWTO-Related Questions 1 25th May 2006 15:13
User loging to email problem jackaltx Installation/Configuration 2 30th March 2006 13:26
How can I add same user name but different domain lexcomputer Installation/Configuration 3 6th October 2005 15:18


All times are GMT +2. The time now is 06:04.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.