Hi, I have already a cn=admin,dc=example,dc=com to add/modify my users/groups in ldap. And I don't have a olcAuthzRegexp configured But I could add the samba.schema in my ldap server with ldapadd -Y external -H ldapi:/// -f /tmp/cn\=samba.ldif
No password was asked? Is this normal? Thanks!! On 01/24/2014 12:12 AM, Joshua Schaeffer wrote: > Debian Wheezy's package does include sasl external auth by default, so > you should be able to use Dan's suggestion. Also you can run > dpkg-reconfigure slapd to set an admin account > (cn=admin,dc=example,dc=com) and a password for your bdb or hdb > database. However you wouldn't want to use that account anyway to add > a schema as that needs to be added to the cn=schema,cn=config directory. > > > On Thu, Jan 23, 2014 at 10:19 AM, Dan White <[email protected] > <mailto:[email protected]>> wrote: > > On 01/23/14 18:01 +0100, W Forum W wrote: > > Hi, > I try to add the samba.schema in my openldap server (Debian > Wheezy), > default installed. > slapd: 2.4.31 > ldap-utils 2.4.31 > > I followed this tutorial > https://help.ubuntu.com/10.04/serverguide/samba-ldap.html > > I can use ldapsearch, ldapadd and ldapmodify with my > cn=admin,dc=example,dc=com password > but when I try to add the new schema to the directory with > > ldapadd -x -D cn=admin,cn=config -W -f /tmp/cn\=samba.ldif > > I get > ldap_bind: Invalid credentials (49) > > Is there a different password for cn=admin,cn=config? I was > never asked > to create it. > And how can I change it if necessary? > > > Use 'slapcat -n0' to view your existing configuration. You may have an > olcAuthzRegexp configured to allow sasl external authentication > over your > ldapi unix socket. If so, try: > > ldapadd -Y external -H ldapi:/// -f /tmp/cn\=samba.ldif > > -- > Dan White > >
