[Samba] net rpc vampire is sucking my brain!
Trying to migrate NT4 to samba 3.0.0 or 3.0.1pre3 with an ldap backend. I add a backup server account to the domain and joined. Getting the SID and the ldap init seem to work, and I start winbind. When I run net rpc vampire all I get is a ton of "Could not create posix account info for" errors. Then of course pdbedit -L returns "smbldap_search_suffix: Problem during the LDAP search: (No such object)". I tried using smbpasswd and tdbsam backends, because I figure I have a mistake in my ldap init, but I still get the same errors. I'm including my smb.conf, slapd.conf and initldap.dif. Could someone please help? I'm sure I have overlooked something simple. Thanks

Jason

Smb.conf
[global]
workgroup = NEPHROLOGY
server string = samba test dc
#passdb backend = tdbsam
passdb backend = ldapsam:ldap://localhost
log file = /var/log/samba/%m.log
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
domain logons = Yes
local master = No
domain master = No
dns proxy = No
wins server = 134.68.220.14
ldap suffix = dc=nephrology,dc=iupui,dc=edu
ldap machine suffix = ou=Computers,dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu
ldap user suffix = ou=People,dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu
ldap group suffix = ou=Groups,dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu
ldap idmap suffix = dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu
ldap admin dn = cn=root,dc=nephrology,dc=iupui,dc=edu
remote announce = 149.166.202.255
idmap uid = 15000-2
idmap gid = 15000-2

[homes]
comment = Home Directories
read only = No
browseable = No

[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No

Initldap.dif
# Organization for Samba Base
dn: dc=nephrology,dc=iupui,dc=edu
objectclass: dcObject
objectclass: organization
dc: nephrology
o: Nephrology Net
description: The Samba-3 Network LDAP Example

# Organizational Role for Directory Management
dn: cn=root,dc=nephrology,dc=iupui,dc=edu
objectclass: organizationalRole
cn: root
description: Directory Manager

# Setting up container for users
dn: ou=People,dc=nephrology,dc=iupui,dc=edu
objectclass: top
objectclass: organizationalUnit
ou: People

# Setting up admin handle for People OU
dn: cn=root,ou=People,dc=nephrology,dc=iupui,dc=edu
cn: root
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: same as slapd

# Setting up container for groups
dn: ou=Groups,dc=nephrology,dc=iupui,dc=edu
objectclass: top
objectclass: organizationalUnit
ou: Groups

# Setting up admin handle for Groups OU
dn: cn=root,ou=Groups,dc=nephrology,dc=iupui,dc=edu
cn: root
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: same as slapd

# Setting up container for computers
dn: ou=Computers,dc=nephrology,dc=iupui,dc=edu
objectclass: top
objectclass: organizationalUnit
ou: Computers

# Setting up admin handle for Computers OU
dn: cn=root,ou=Computers,dc=nephrology,dc=iupui,dc=edu
cn: root
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: same as slapd

Slapd.conf
database ldbm
suffix dc=nephrology,dc=iupui,dc=edu
rootdn cn=root,dc=nephrology,dc=iupui,dc=edu
# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
# rootpw secret
# rootpw {crypt}ijFYNcSNctBYg
#rootpw {SSHA}GDtVlBhvQsENtjM3OD1GBFAWMkhv+3m/
rootpw something sensible
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /var/lib/ldap

# Indices to maintain for this database
index objectClass eq,pres
index ou,mail,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
index cn pres,sub,eq
index sn pres,sub,eq
index displayName pres,sub,eq
index sambaSID eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
index default sub

# Replicas of this database
#replogfile /var/lib/ldap/openldap-master-replog
#replica host=ldap-1.example.com:389 tls=yes
# bindmethod=sasl saslmech=GSSAPI
# authcId=host/[EMAIL PROTECTED]

--
To unsubscribe from this list

Re: [Samba] net rpc vampire is sucking my brain!
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Byars, Jason M wrote:
| Trying to migrate NT4 to samba 3.0.0 or 3.0.1pre3 with an ldap backend.
| I add a backup server account to the domain and joined. Getting the SID
| and the ldap init seem to work, and I start winbind. When I run net rpc
| vampire all I get is a ton of "Could not create posix account info for"
| errors. Then of course pdbedit -L returns "smbldap_search_suffix: Problem
| during the LDAP search: (No such object)". I tried using smbpasswd and
| tdbsam backends, because I figure I have a mistake in my ldap init, but
| I still get the same errors. I'm including my smb.conf, slapd.conf and
| initldap.dif. Could someone please help? I'm sure I have overlooked
| something simple. Thanks
|
| Jason
|
| Smb.conf
| [global]
| workgroup = NEPHROLOGY
| server string = samba test dc
| #passdb backend = tdbsam
| passdb backend = ldapsam:ldap://localhost
| log file = /var/log/samba/%m.log
| max log size = 50
| socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
| domain logons = Yes
| local master = No
| domain master = No
| dns proxy = No
| wins server = 134.68.220.14
| ldap suffix = dc=nephrology,dc=iupui,dc=edu
| ldap machine suffix = ou=Computers,dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu
| ldap user suffix = ou=People,dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu
| ldap group suffix = ou=Groups,dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu
| ldap idmap suffix = dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu,dc=nephrology,dc=iupui,dc=edu
| ldap admin dn = cn=root,dc=nephrology,dc=iupui,dc=edu
| remote announce = 149.166.202.255
| idmap uid = 15000-2
| idmap gid = 15000-2
| [homes]
| comment = Home Directories
| read only = No
| browseable = No
|
| [printers]
| comment = All Printers
| path = /var/spool/samba
| printable = Yes
| browseable = No
|
| Initldap.dif
| # Organization for Samba Base
| dn: dc=nephrology,dc=iupui,dc=edu
| objectclass: dcObject
| objectclass: organization
| dc: nephrology
| o: Nephrology Net
| description: The Samba-3 Network LDAP Example
|
| # Organizational Role for Directory Management
| dn: cn=root,dc=nephrology,dc=iupui,dc=edu
| objectclass: organizationalRole
| cn: root
| description: Directory Manager
|
| # Setting up container for users
| dn: ou=People,dc=nephrology,dc=iupui,dc=edu
| objectclass: top
| objectclass: organizationalUnit
| ou: People
|
| # Setting up admin handle for People OU
| dn: cn=root,ou=People,dc=nephrology,dc=iupui,dc=edu
| cn: root
| objectclass: top
| objectclass: organizationalRole
| objectclass: simpleSecurityObject
| userPassword: same as slapd
|
| # Setting up container for groups
| dn: ou=Groups,dc=nephrology,dc=iupui,dc=edu
| objectclass: top
| objectclass: organizationalUnit
| ou: Groups
|
| # Setting up admin handle for Groups OU
| dn: cn=root,ou=Groups,dc=nephrology,dc=iupui,dc=edu
| cn: root
| objectclass: top
| objectclass: organizationalRole
| objectclass: simpleSecurityObject
| userPassword: same as slapd
|
| # Setting up container for computers
| dn: ou=Computers,dc=nephrology,dc=iupui,dc=edu
| objectclass: top
| objectclass: organizationalUnit
| ou: Computers
|
| # Setting up admin handle for Computers OU
| dn: cn=root,ou=Computers,dc=nephrology,dc=iupui,dc=edu
| cn: root
| objectclass: top
| objectclass: organizationalRole
| objectclass: simpleSecurityObject
| userPassword: same as slapd
|
| Slapd.conf
| database ldbm
| suffix dc=nephrology,dc=iupui,dc=edu
| rootdn cn=root,dc=nephrology,dc=iupui,dc=edu
| # Cleartext passwords, especially for the rootdn, should
| # be avoided. See slappasswd(8) and slapd.conf(5) for details.
| # Use of strong authentication encouraged.
| # rootpw secret
| # rootpw {crypt}ijFYNcSNctBYg
| #rootpw {SSHA}GDtVlBhvQsENtjM3OD1GBFAWMkhv+3m/
| rootpw something sensible
| # The database directory MUST exist prior to running slapd AND
| # should only be accessible by the slapd and slap tools.
| # Mode 700 recommended.
| directory /var/lib/ldap
|
| # Indices to maintain for this database
| index objectClass eq,pres
| index ou,mail,givenname eq,pres,sub
| index uidNumber,gidNumber,loginShell eq,pres
| index uid,memberUid eq,pres,sub
| index nisMapName,nisMapEntry eq,pres,sub
| index cn pres,sub,eq
| index sn pres,sub,eq
| index displayName pres,sub,eq
| index sambaSID eq
| index sambaPrimaryGroupSID