[K12OSN] SMB/LDAP Installer upgrades
Mark Gumprecht
gumprechtm at msln.net
Fri Jul 8 09:35:18 UTC 2005
I ran all the tests at the bottom and everything worked. The only thing
that may have not worked and I would not know if it was normal or not,
is being asked for a password when doing the ldapsearch. I do not know
the password it wants.
Also I tried to connect a xp pro machine to it last night and it said
either the username or password was invalid (from memory). I came in
early today to take down my win2k server and play a little bit before
everyone else shows up.
Mark
David Trask wrote:
>Mark....
>
>Did you run all the tests I show in the lower part of the how-to document?
> Each stage of the test will indicate what may be broken....generally if
>thay all pass it SHOULD (famous last words) work...otherwise....the tests
>should give you an indication as to what is broken. The bad news is that
>I've found that once you find out what's broken you usually have to back
>up and start over with the LDAP database as everything is co-dependent.
>
>"Support list for opensource software in schools." <k12osn at redhat.com> on
>Thursday, July 7, 2005 at 11:37 AM wrote:
>
>
>
>
>>Guess I still have one issue. If I do a ldapsearch it comes back with
>>
>># SASL/Digest-MD5 Authentication Started
>># Please enter Password:
>>
>>If I enter the password that I used during setup, I get
>>
>>#ldap_sasl_interactive_bind_s: Internal (implementation specific) error
>>(80)
>>#additional info: SASL(-13): user not found: no secret in database
>>
>>I've searched the internet and it seams that some sort of database
>>population or PAM auth is needed.
>>I can smbldap-adduser and then check the user and get info and all is
>>ok. I can login under the username. Not sure about the search thing. If
>>I do a ldapsearch -x -b "-s base" "(ObjectClass=*)" , it starts out ok
>>but the search result is
>>#search: 2
>>#result: 34 Invalid DN syntax
>>#text: invalid DN
>>#numResponses: 1
>>
>>Any suggestions?
>>Mark
>>
>>Mark Gumprecht wrote:
>>
>>
>>
>>>Matt,
>>>I've edited the distro file and added centos4, copied fc3 settings and
>>>then commented out the packages it said it couldn't find. I verified
>>>that everything that needed to be there is there. It works better than
>>>1.2.1 for centos4 up to step 18 ldapsearch. In 1.2.1 the slapcat
>>>command didn't work. In 2.0a it gives a return. 2.0a ldapsearch errors
>>>out with ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1).
>>>That ended up being the selinux setting. I have the firewall off and
>>>had the se setting at warn. I shut that off and rebooted and I get the
>>>SASL/Digest-MD5 Authentication Started : Please enter Password,
>>>prompt. I had to change the path to smbldap- tools in the smb.conf
>>>file to /usr/sbin/ because I used a rpm that was made for rhel4. I've
>>>been able to follow the rest of the directions of 1.2.1 and have no
>>>problems. Thankyou for the new script.
>>>Mark
>>>
>>>Matt Oquist wrote:
>>>
>>>
>>>
>>>>Ooooooooo
>>>>
>>>>I'm working on version 2.0 right now. I think it's nearing
>>>>completion, but I haven't started testing yet. It will theoretically
>>>>support any distro, though distros without the authconfig utility
>>>>(non-RH-based distros, AFAICT) will have some rather complex PAM
>>>>configuration to do by hand.
>>>>
>>>>--matt
>>>>
>>>>David Trask wrote: [Wed Jul 06 2005, 08:07:00PM EDT]
>>>>
>>>>
>>>>
>>>>
>>>>>Matt,
>>>>>
>>>>>Just a thought....how about a piece to the script that might....ask
>>>>>
>>>>>
>>the
>>
>>
>>>>>user if he or she would like to dump an existing LDAP database....if
>>>>>so,
>>>>>run slapcat to dump it....then run the installer...upgrading along the
>>>>>way....then assuming they selected "yes" earlier....then read the DB
>>>>>back
>>>>>in? Just a thought....haven't thought it through yet...just shooting
>>>>>from the hip....
>>>>>
>>>>>
>>>>>"Support list for opensource software in schools."
>>>>><k12osn at redhat.com> on
>>>>>Wednesday, July 6, 2005 at 1:44 PM wrote:
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>>From: "Jim Kronebusch" <jim at winonacotter.org>
>>>>>>>Subject: RE: [K12OSN] SMB/LDAP Installer upgrades
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>>You should be able to run it fine...unless you've made some weird
>>>>>>>>config changes by hand. The script backs everything up anyway so
>>>>>>>>you can go and merge any changes if necessary. I can't test it
>>>>>>>>at the moment, but I believe Matt has it "merging" changes....not
>>>>>>>>overwriting them. The main concern would be smb.conf....try it
>>>>>>>>and let me know what happens...I'll test myself in a few days and
>>>>>>>>let you know as well.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>When I ran it this morning on my test box I no longer had any
>>>>>>>users when
>>>>>>>finished. It went from 1.2 to 1.2.2-gamma. This would be a bad
>>>>>>>thing
>>>>>>>on a production box.
>>>>>>>Also, do you have any tips on using quotas? I see the bulk-add
>>>>>>>script
>>>>>>>want a sample user to configure from. What is the recommended set
>>>>>>>
>>>>>>>
>>of
>>
>>
>>>>>>>commands to set quotas on a default user?
>>>>>>>
>>>>>>>Thanks
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>Thanks for the vote of confidence, Dave, but the Samba/LDAP Installer
>>>>>>doesn't merge anything. It overwrites everything! It makes
>>>>>>timestamped backups of all the config files it overwrites, but you
>>>>>>definitely shouldn't run it on a production system that already has
>>>>>>users (at least not without some careful planning and preparation).
>>>>>>
>>>>>>If you need to upgrade, I recommend that you
>>>>>>1) dump your LDAP DB with slapcat,
>>>>>>2) upgrade your packages (Samba, OpenLDAP, etc.),
>>>>>>3) run the Samba/LDAP installer again, and
>>>>>>4) read your DB back into LDAP.
>>>>>>
>>>>>>--matt
>>>>>>
>>>>>>_______________________________________________
>>>>>>K12OSN mailing list
>>>>>>K12OSN at redhat.com
>>>>>>https://www.redhat.com/mailman/listinfo/k12osn
>>>>>>For more info see <http://www.k12os.org>
>>>>>>
>>>>>>
>>>>>>
>>>>>David N. Trask
>>>>>Technology Teacher/Coordinator
>>>>>Vassalboro Community School
>>>>>dtrask at vcsvikings.org
>>>>>(207)923-3100
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>David N. Trask
>>>>>Technology Teacher/Coordinator
>>>>>Vassalboro Community School
>>>>>dtrask at vcsvikings.org
>>>>>(207)923-3100
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>------------------------------------------------------------------------
>>
>>
>>>>_______________________________________________
>>>>K12OSN mailing list
>>>>K12OSN at redhat.com
>>>>https://www.redhat.com/mailman/listinfo/k12osn
>>>>For more info see <http://www.k12os.org>
>>>>
>>>>
>>>>
>>--
>>Mark Gumprecht
>>Data Systems Specialist
>>MSAD3
>>Unity, ME
>>gumprechtm at msln.net
>>
>>_______________________________________________
>>K12OSN mailing list
>>K12OSN at redhat.com
>>https://www.redhat.com/mailman/listinfo/k12osn
>>For more info see <http://www.k12os.org>
>>
>>
>
>
>David N. Trask
>Technology Teacher/Coordinator
>Vassalboro Community School
>dtrask at vcsvikings.org
>(207)923-3100
>
>
>
>
>David N. Trask
>Technology Teacher/Coordinator
>Vassalboro Community School
>dtrask at vcsvikings.org
>(207)923-3100
>
>_______________________________________________
>K12OSN mailing list
>K12OSN at redhat.com
>https://www.redhat.com/mailman/listinfo/k12osn
>For more info see <http://www.k12os.org>
>
>
>
--
Mark Gumprecht
Data Systems Specialist
MSAD3
Unity, ME
gumprechtm at msln.net
More information about the K12OSN
mailing list