On Wednesday 21 July 2004 18:59, Barry Rumsey wrote:
> hi
> I am using suse 9.1, openldap 2.2-34, samba 3.0.4-1.2.
> My slapd.conf looks like this:
> #
> # See slapd.conf(5) for details on configuration options.
> # This file should NOT be world readable.
> #
> include               /etc/openldap/schema/core.schema
> include               /etc/openldap/schema/cosine.schema
> include               /etc/openldap/schema/inetorgperson.schema
> include               /etc/openldap/schema/samba.schema
> include               /etc/openldap/schema/nis.schema

The NIS schema must be specified BEFORE the samba schema!

>
> # Define global ACLs to disable default read access.
>
> # Do not enable referrals until AFTER you have a working directory
> # service AND an understanding of referrals.
> #referral     ldap://root.openldap.org
>
> pidfile               /var/run/slapd/run/slapd.pid
> argsfile      /var/run/slapd/run/slapd.args
>
> # Load dynamic backend modules:
> modulepath    /usr/lib/openldap/modules
> # moduleload  back_ldap.la
> # moduleload  back_meta.la
> # moduleload  back_monitor.la
> # moduleload  back_perl.la
>
> # Sample security restrictions
> #     Require integrity protection (prevent hijacking)
> #     Require 112-bit (3DES or better) encryption for updates
> #     Require 63-bit encryption for simple bind
> # security ssf=1 update_ssf=112 simple_bind=64
>
> # Sample access control policy:
> #     Root DSE: allow anyone to read it
> #     Subschema (sub)entry DSE: allow anyone to read it
> #     Other DSEs:
> #             Allow self write access
> #             Allow authenticated users read access
> #             Allow anonymous users to authenticate
> #     Directives needed to implement policy:
> # access to dn.base="" by * read
> # access to dn.base="cn=Subschema" by * read
> # access to *
> #     by self write
> #     by users read
> #     by anonymous auth
> #
> # if no access controls are present, the default policy
> # allows anyone and everyone to read anything but restricts
> # updates to rootdn.  (e.g., "access to * by * read")
> #
> # rootdn can always read and write EVERYTHING!
>
> #######################################################################
> # bdb database definitions
> #######################################################################
>
> database      bdb
> checkpoint      1024    5
> cachesize       10000
> suffix                "dc=tux,dc=dyndns,dc=org"
> rootdn                "cn=Manager,dc=tux,dc=dyndns,dc=org"
> # Cleartext passwords, especially for the rootdn, should
> # be avoid.  See slappasswd(8) and slapd.conf(5) for details.
> # Use of strong authentication encouraged.
> rootpw                secret
> # The database directory MUST exist prior to running slapd AND
> # should only be accessible by the slapd and slap tools.
> # Mode 700 recommended.
> directory     /var/lib/ldap
> # Indices to maintain
> index objectClass     eq
> index cn              pres,sub,eq
> index sn              pres,sub,eq
> index uid             pres,sub,eq
> index displayName     pres,sub,eq
> index uidNumber       eq
> index gidNumber       eq
> index memberUid       eq
> index sambaSID        eq
> index sambaPrimaryGroups      eq
> index sambaDomainName         eq
> index default                 sub
>
> When I try to execute the index by doing :
> tux:/usr/sbin # ./slapindex -f /etc/openldap/slapd.conf
>
> I end up with the following error:
> /etc/openldap/schema/samba.schema: line 340: AttributeType not found:
> "gidNumber"
> slapindex: bad configuration file!
>
> I have been follow the exsample from The Official Samba-3 HOWTO and
> Reference Guide.
>
> Can someone help me past this error please

See above.

- John T.

>
> Thanks in advance
> Barry

-- 
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
OpenLDAP by Example, ISBN: 0131488732
Other books in production.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Reply via email to