Re: [OpenLDAP] [lenny] suite à configuration sldap - failed...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Pour info, le tutos a un bug...
lorsque tu édites /etc/smbldap-tools/smbldap.conf
il ya une ligne comme suit :
sambaUnixIdPooldn="cn=NextFreeUnixId,${suffix}"
en faite il faut lire :
sambaUnixIdPooldn="sambaDomainName=TONWORKGROUPSAMBA,${suffix}"
sinon tu as des érreurs lors du smbldap-populate
Cordialement
ps : sinon ce tutos est parfait.
Jean RAGOT wrote:
> Salut,
> très bonne remarque de ta part : ).
> Voici mes logs au démarrage de sldap.
> ######## */var/log/syslog ###############*
> Mar 19 13:55:38 srvdebian slapd[3960]: @(#) $OpenLDAP: slapd 2.4.11 (Oct
> 12 2008 04:13:21)
> $#012#011buildd@ninsei:/build/buildd/openldap-2.4.11/debian/build/servers/slapd
> Mar 19 13:55:38 srvdebian slapd[3960]: /etc/ldap/slapd.conf: line 20:
> unknown directive <schemacheck> outside backend info and database
> definitions.
> Mar 19 13:55:38 srvdebian slapd[3960]: slapd stopped.
> Mar 19 13:55:38 srvdebian slapd[3960]: connections_destroy: nothing to
> destroy.
> #############################################
>
> mathias dufresne a écrit :
>> Salut,
>>
>> Ta commande :
>> srvdebian:~# /etc/init.d/slapd start
>> Starting OpenLDAP: slapd - failed.
>> The operation failed but no output was produced. *For hints on what went
>> wrong please refer to the system's logfiles (e.g. /var/log/syslog)* or
>> try running the daemon in Debug mode like via "slapd -d 16383" (warning:
>> this will create copious output).
>>
>> Below, you can find the command line options used by this script to
>> run slapd. Do not forget to specify those options if you
>> want to look to debugging output:
>> slapd -g openldap -u openldap -f /etc/ldap/slapd.conf
>>
>> J'ai mis en surbrillance ce qu'il t'ai conseillé (à juste titre ;)
>> pour avoir des informations sur ce qui merdoie.
>>
>> Sans un coup d'oeil sur ces logs, on est comme toi, on ne sait pas ce
>> qui cloche : )
>>
>> à plus
>>
>> mathias
>>
>> 2009/3/19 Jean RAGOT <jeanragot@gmail.com <mailto:jeanragot@gmail.com>>
>>
>> Bonjour,
>>
>> Je me permet de me tourner vers vous suite à un petit problème qui
>> me bloque dans la mise en place de LDAP et SAMBA.
>>
>> Je suis le tutoriel suivant :
>> http://damstux.free.fr/wiki/index.php?title=PDC_Samba_et_LDAP
>>
>> Je suis sur une debian lenny i386.
>> J'ai installer les paquets pour /openLDAP/ avec Synaptic :
>> - sldap ------ 2.4.11-1 ------ OpenLDAP serveur
>> - ldap-utils ----- 2.4.11-1 ----- OpenLDAP utilities
>> - db4.2-util ------ 4.2.52 +dfsg-5 ------ Berkeley v4.2 Database
>> Utilities
>> A l'installation j'ai juste rempli le mot de passe de
>> l'administration LDAP.
>>
>> Ensuite j'ai installer
>> samba-doc ----- 2.3.2.5lennyl ----- samba documentation
>> J'ai copier le samba.schema ici :
>> /etc/ldap/schema/samba.schema
>>
>> j'ai modifier ensuite mon fichier sldap.conf suivant ma configuration
>> et j'ai mis mon mot de passe crypté obtenu avec slappasswd.
>>
>> Ensuite j'ai relancé comme demandé mon serveur LDAP est j'obtiens
>> une erreur que je n'arrive pas à résoudre ?
>>
>> srvdebian:~# /etc/init.d/slapd start
>> Starting OpenLDAP: slapd - failed.
>> The operation failed but no output was produced. For hints on what
>> went
>> wrong please refer to the system's logfiles (e.g. /var/log/syslog) or
>> try running the daemon in Debug mode like via "slapd -d 16383"
>> (warning:
>> this will create copious output).
>>
>> Below, you can find the command line options used by this script to
>> run slapd. Do not forget to specify those options if you
>> want to look to debugging output:
>> slapd -g openldap -u openldap -f /etc/ldap/slapd.conf
>>
>> Je vous joins mon fichier sldap.conf et le fichier ldap.conf (que
>> je n'utilise pas appriori ?)
>> Merci de votre aide.
>>
>> ###########################################################
>> #### sldap.conf ######
>> ###########################################################
>> # This is the main slapd configuration file. See slapd.conf(5) for
>> more
>> # info on the configuration options.
>>
>> #######################################################################
>> # Global Directives:
>>
>> # Features to permit
>> #allow bind_v2
>>
>> # Schema and objectClass definitions
>> include /etc/ldap/schema/core.schema
>> include /etc/ldap/schema/cosine.schema
>> include /etc/ldap/schema/nis.schema
>> include /etc/ldap/schema/inetorgperson.schema
>> ####### include fichier schema ldap pour samba ######
>> include /etc/ldap/schema/samba.schema
>>
>> # Schema check allows for forcing entries to
>> # match schemas for their objectClasses's
>> schemacheck on
>>
>> # Where the pid file is put. The init.d script
>> # will not stop the server if you change this.
>> pidfile /var/run/slapd/slapd.pid
>>
>> # List of arguments that were passed to the server
>> argsfile /var/run/slapd/slapd.args
>>
>> # Read slapd.conf(5) for possible values
>> loglevel 0
>>
>> # Where the dynamically loaded modules are stored
>> modulepath /usr/lib/ldap
>> moduleload back_bdb
>>
>> #######################################################################
>> # Specific Backend Directives for hdb:
>> # Backend specific directives apply to this backend until another
>> # 'backend' directive occurs
>> backend bdb
>> checkpoint 512 30
>>
>>
>> #######################################################################
>> # Specific Backend Directives for 'other':
>> # Backend specific directives apply to this backend until another
>> # 'backend' directive occurs
>> #backend <other>
>>
>> #######################################################################
>> # Specific Directives for database #1, of type hdb:
>> # Database specific directives apply to this databasse until another
>> # 'database' directive occurs
>> database bdb
>>
>> # The base of your directory in database #1
>> suffix "dc=medica-rs,dc=int"
>> # rootdn directive for specifying a superuser on the database.
>> This is needed
>> # for syncrepl.
>> rootdn "cn=admin,dc=medica-rs,dc=int"
>> rootpw {SSHA}xxxxxxxxXXXXXxxxXXXxxXXXxxxXXxx
>>
>> # Where the database file are physically stored for database #1
>> directory "/var/lib/ldap"
>>
>> # Indexing options for database #1
>> index objectClass eq
>>
>> # Save the time that the entry gets modified, for database #1
>> lastmod on
>>
>> # Where to store the replica logs for database #1
>> # replogfile /var/lib/ldap/replog
>>
>> # The userPassword by default can be changed
>> # by the entry owning it if they are authenticated.
>> # Others should not be able to see it, except the
>> # admin entry below
>> # These access lines apply to database #1 only
>> access to attrs=userPassword
>> by dn="cn=admin,dc=medica-rs,dc=int" write
>> by anonymous auth
>> by self write
>> by * none
>>
>> # Ensure read access to the base for things like
>> # supportedSASLMechanisms. Without this you may
>> # have problems with SASL not knowing what
>> # mechanisms are available and the like.
>> # Note that this is covered by the 'access to *'
>> # ACL below too but if you change that as people
>> # are wont to do you'll still need this if you
>> # want SASL (and possible other things) to work
>> # happily.
>> access to dn.base="" by * read
>>
>> # The admin dn has full write access, everyone else
>> # can read everything.
>> access to *
>> by dn="cn=admin,dc=medica-rs,dc=int" write
>> by * read
>> #
>> ############################################################
>> #### fin fichier sldap.conf #####
>> ############################################################
>>
>> ###########################################################
>> #### ldap.conf ######
>> ###########################################################
>> #
>> # LDAP Defaults
>> #
>>
>> # See ldap.conf(5) for details
>> # This file should be world readable but not world writable.
>>
>> BASE dc=medica-rs,dc=int
>> URI ldaps://ldap.medica-rs.int <http://ldap.medica-rs.int>
>> #ldap://ldap-master.example.com:666
>>
>> #SIZELIMIT 12
>> #TIMELIMIT 15
>> #DEREF never
>> ############################################################
>> #### fin fichier ldap.conf #####
>> ############################################################
>>
>>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAknCjgoACgkQR6Pkx5M777+5AwCcDQfV68HscGj5K51eJA3ossay
nLEAn3DhExk76a8fHWzUeoEc+Jx2VwEp
=1GQZ
-----END PGP SIGNATURE-----
Reply to: