[K12OSN] SMB/LDAP Installer upgrades

David Trask dtrask at vcsvikings.org
Thu Jul 7 18:55:36 UTC 2005


Mark....

Did you run all the tests I show in the lower part of the how-to document?
 Each stage of the test will indicate what may be broken....generally if
thay all pass it SHOULD (famous last words) work...otherwise....the tests
should give you an indication as to what is broken.  The bad news is that
I've found that once you find out what's broken you usually have to back
up and start over with the LDAP database as everything is co-dependent.

"Support list for opensource software in schools." <k12osn at redhat.com> on
Thursday, July 7, 2005 at 11:37 AM  wrote:


>Guess I still have one issue. If I do a ldapsearch it comes back with
> 
> #   SASL/Digest-MD5 Authentication Started
> #  Please enter Password:
>
>If I enter the password that I used during setup, I get
>
>#ldap_sasl_interactive_bind_s: Internal (implementation specific) error
>(80)
>#additional info: SASL(-13): user not found: no secret in database
>
>I've searched the internet and it seams that some sort of database 
>population or PAM auth is needed.
>I can smbldap-adduser and then check the user and get info and all is 
>ok. I can login under the username. Not sure about the search thing. If 
>I do a ldapsearch -x -b "-s base" "(ObjectClass=*)" , it starts out ok 
>but the search result is
>#search: 2
>#result: 34 Invalid DN syntax
>#text: invalid DN
>#numResponses: 1
>
>Any suggestions?
>Mark
>
>Mark Gumprecht wrote:
>
>> Matt,
>> I've edited the distro file and added centos4, copied fc3 settings and 
>> then commented out the packages it said it couldn't find. I verified 
>> that everything that needed to be there is there. It works better than 
>> 1.2.1 for centos4 up to step 18 ldapsearch. In 1.2.1 the slapcat 
>> command didn't work. In 2.0a it gives a return. 2.0a ldapsearch errors 
>> out with ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1). 
>> That ended up being the selinux setting. I have the firewall off and 
>> had the se setting at warn. I shut that off and rebooted and I get the 
>> SASL/Digest-MD5 Authentication Started : Please enter Password, 
>> prompt. I had to change the path to smbldap- tools in the smb.conf 
>> file to /usr/sbin/ because I used a rpm that was made for rhel4. I've 
>> been able to follow the rest of the directions of 1.2.1 and have no 
>> problems. Thankyou for the new script.
>> Mark
>>
>> Matt Oquist wrote:
>>
>>> Ooooooooo
>>>
>>> I'm working on version 2.0 right now.  I think it's nearing
>>> completion, but I haven't started testing yet.  It will theoretically
>>> support any distro, though distros without the authconfig utility
>>> (non-RH-based distros, AFAICT) will have some rather complex PAM
>>> configuration to do by hand.
>>>
>>> --matt
>>>
>>> David Trask wrote:    [Wed Jul 06 2005, 08:07:00PM EDT]
>>>  
>>>
>>>> Matt,
>>>>
>>>> Just a thought....how about a piece to the script that might....ask
>the
>>>> user if he or she would like to dump an existing LDAP database....if 
>>>> so,
>>>> run slapcat to dump it....then run the installer...upgrading along the
>>>> way....then assuming they selected "yes" earlier....then read the DB 
>>>> back
>>>> in?  Just  a thought....haven't thought it through yet...just shooting
>>>> from the hip....
>>>>
>>>>
>>>> "Support list for opensource software in schools." 
>>>> <k12osn at redhat.com> on
>>>> Wednesday, July 6, 2005 at 1:44 PM  wrote:
>>>>
>>>>
>>>>   
>>>>
>>>>>> From: "Jim Kronebusch" <jim at winonacotter.org>
>>>>>> Subject: RE: [K12OSN] SMB/LDAP Installer upgrades
>>>>>>       
>>>>>>
>>>>>>> You should be able to run it fine...unless you've made some weird 
>>>>>>> config changes by hand.  The script backs everything up anyway so 
>>>>>>> you can go and merge any changes if necessary.  I can't test it 
>>>>>>> at the moment, but I believe Matt has it "merging" changes....not 
>>>>>>> overwriting them.  The main concern would be smb.conf....try it 
>>>>>>> and let me know what happens...I'll test myself in a few days and 
>>>>>>> let you know as well.
>>>>>>>         
>>>>>>
>>>>>> When I ran it this morning on my test box I no longer had any 
>>>>>> users when
>>>>>> finished.  It went from 1.2 to 1.2.2-gamma.  This would be a bad 
>>>>>> thing
>>>>>> on a production box. 
>>>>>> Also, do you have any tips on using quotas?  I see the bulk-add 
>>>>>> script
>>>>>> want a sample user to configure from.  What is the recommended set
>of
>>>>>> commands to set quotas on a default user?
>>>>>>
>>>>>> Thanks
>>>>>>       
>>>>>
>>>>> Thanks for the vote of confidence, Dave, but the Samba/LDAP Installer
>>>>> doesn't merge anything.  It overwrites everything!  It makes
>>>>> timestamped backups of all the config files it overwrites, but you
>>>>> definitely shouldn't run it on a production system that already has
>>>>> users (at least not without some careful planning and preparation).
>>>>>
>>>>> If you need to upgrade, I recommend that you
>>>>> 1) dump your LDAP DB with slapcat,
>>>>> 2) upgrade your packages (Samba, OpenLDAP, etc.),
>>>>> 3) run the Samba/LDAP installer again, and
>>>>> 4) read your DB back into LDAP.
>>>>>
>>>>> --matt
>>>>>
>>>>> _______________________________________________
>>>>> K12OSN mailing list
>>>>> K12OSN at redhat.com
>>>>> https://www.redhat.com/mailman/listinfo/k12osn
>>>>> For more info see <http://www.k12os.org>
>>>>>     
>>>>
>>>> David N. Trask
>>>> Technology Teacher/Coordinator
>>>> Vassalboro Community School
>>>> dtrask at vcsvikings.org
>>>> (207)923-3100
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> David N. Trask
>>>> Technology Teacher/Coordinator
>>>> Vassalboro Community School
>>>> dtrask at vcsvikings.org
>>>> (207)923-3100
>>>>   
>>>
>>>
>>>  
>>>
>>>
>------------------------------------------------------------------------
>>>
>>> _______________________________________________
>>> K12OSN mailing list
>>> K12OSN at redhat.com
>>> https://www.redhat.com/mailman/listinfo/k12osn
>>> For more info see <http://www.k12os.org>
>>>
>>
>
>-- 
>Mark Gumprecht
>Data Systems Specialist
>MSAD3
>Unity, ME
>gumprechtm at msln.net
>
>_______________________________________________
>K12OSN mailing list
>K12OSN at redhat.com
>https://www.redhat.com/mailman/listinfo/k12osn
>For more info see <http://www.k12os.org>


David N. Trask
Technology Teacher/Coordinator
Vassalboro Community School
dtrask at vcsvikings.org
(207)923-3100




David N. Trask
Technology Teacher/Coordinator
Vassalboro Community School
dtrask at vcsvikings.org
(207)923-3100




More information about the K12OSN mailing list