John H Terpstra wrote:
On Thursday 07 April 2005 13:25, Chris Weiss wrote:There is no configure.pl present in the folder. Originally, I'd noticed that there was nothing in usr/local/sbin, so I followed the INSTALL text, which stated to manually copy the files over There is a Makefile, which claims to be version 0.8.2-1. There's now also a single smbldap_conf.pm that seems to incorporate the settings found in both the /etc/opt/IDEALX/smbldaptools/smbldap.conf and smbldapbind.conf files, which are now ignored.
I'm following the "The Linux Samba-OpenLDAP Howto" at http://samba.idealx.org/smbldap-howto.en.html and seem to have run into a problem...
I'm to the point where I want to do the initial database population using smbldap-populate.pl, but when I run it, I'm getting:
Using builtin directory structure
adding new entry: dc=pirategames,dc=net
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate.pl line 323, <GEN1> line 2.
adding new entry: ou=_USERS_,dc=pirategames,dc=net
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate.pl line 323, <GEN1> line 3.
adding new entry: ou=_GROUPS_,dc=pirategames,dc=net
failed to add entry: modifications require authentication at
/usr/local/sbin/smbldap-populate.pl line 323, <GEN1> line 4.
etc...
It would appear from the above that you have not configured your smbldap-tools. You will need to do this by executing the configure.pl script in the smbldap-tools directory.
The INSTALL directions state the following (in addition to copying):
. to allow a domain admin to add user using "add user script" in smb.conf :
chmod 753 smbldap_conf.pm
chmod 750 smbldap-useradd.pl
chgrp 512 smbldap_conf.pm smbldap-useradd.pl (512 = 0x200 = Domain Admins)
Have your admin belong to this group
In smb.conf : domain admin group = " @"Domain Admins" "
However, as I understand it, the "domain admin group" directive has been removed in Samba 3. If I read the docs correctly, I need to manage it via "net groupmap add ntgroup="Domain Admins" unixgroup=root" (for now, I just want root to be able to tweak the server). However, this is failing with:
failed to bind to server with dn= cn=samba,ou=Users,dc=pirategames,dc=net Error: Invalid credentials
Also, what version of smbldap-tools are you using? The .pl extension suggests you are using an old version. What version of Samba are you using? Please ensure that the two are matching versions.
Samba version 3.0.10.2 (via rpm -q) smbldaptools 0.8.8-1 (via rpm -q)
So I should back out smbldaptools to v0.8.6?
Samba pre-3.0.6 can use smbldap-tools 0.8.2 or 0.8.4 Samba 3.0.6 or later requires smbldap-tools 0.8.5 or later. Samba 3.0.11 is best used with smbldap-tools 0.8.7 or later.
- John T.
Something I thought was interesting is it's not even pointing out the SID, although I've got it and populated the smbldap.conf file and slapd.conf.pm (I'm using Fedora 3 and the smbldap-tools included seem to have a different default configuration, so I downloaded the RPM and did an update. This problem was occurring before and after the RPM update).
Also, using smbldap-useradd.pl fails in the same manner. $ smbldap-useradd.pl -m testuser1 failed to perform search; No such object at /usr/local/sbin///smbldap_tools.pm line 154, <DATA> line 283. failed to add entry: modifications require authentication at /usr/local/sbin/smbldap-useradd.pl line 249, <DATA> line 283. No such object at /usr/local/sbin///smbldap_tools.pm line 178, <DATA> line 283.
That message seems to indicate that I've not set the tools to choose authentication - I've gone over the permissions settings a few times and things should match up, can anyone help point me in the right direction to look as to why this might be failing?
-- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.9.5 - Release Date: 4/7/2005
-- This message has been scanned for viruses and dangerous content, and is believed to be clean.
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
