[K12OSN] SMB/LDAP Installer upgrades

Mark Gumprecht gumprechtm at msln.net
Fri Jul 8 09:35:18 UTC 2005 

I ran all the tests at the bottom and everything worked. The only thing 
that may have not worked and I would not know if it was normal or not, 
is being asked for a password when doing the ldapsearch. I do not know 
the password it wants.
Also I tried to connect a xp pro machine to it last night and it said 
either the username or password was invalid (from memory). I came in 
early today to take down my win2k server and play a little bit before 
everyone else shows up.
Mark

David Trask wrote:

>Mark....
>
>Did you run all the tests I show in the lower part of the how-to document?
> Each stage of the test will indicate what may be broken....generally if
>thay all pass it SHOULD (famous last words) work...otherwise....the tests
>should give you an indication as to what is broken.  The bad news is that
>I've found that once you find out what's broken you usually have to back
>up and start over with the LDAP database as everything is co-dependent.
>
>"Support list for opensource software in schools." <k12osn at redhat.com> on
>Thursday, July 7, 2005 at 11:37 AM  wrote:
>
>
>  
>
>>Guess I still have one issue. If I do a ldapsearch it comes back with
>>
>>#   SASL/Digest-MD5 Authentication Started
>>#  Please enter Password:
>>
>>If I enter the password that I used during setup, I get
>>
>>#ldap_sasl_interactive_bind_s: Internal (implementation specific) error
>>(80)
>>#additional info: SASL(-13): user not found: no secret in database
>>
>>I've searched the internet and it seams that some sort of database 
>>population or PAM auth is needed.
>>I can smbldap-adduser and then check the user and get info and all is 
>>ok. I can login under the username. Not sure about the search thing. If 
>>I do a ldapsearch -x -b "-s base" "(ObjectClass=*)" , it starts out ok 
>>but the search result is
>>#search: 2
>>#result: 34 Invalid DN syntax
>>#text: invalid DN
>>#numResponses: 1
>>
>>Any suggestions?
>>Mark
>>
>>Mark Gumprecht wrote:
>>
>>    
>>
>>>Matt,
>>>I've edited the distro file and added centos4, copied fc3 settings and 
>>>then commented out the packages it said it couldn't find. I verified 
>>>that everything that needed to be there is there. It works better than 
>>>1.2.1 for centos4 up to step 18 ldapsearch. In 1.2.1 the slapcat 
>>>command didn't work. In 2.0a it gives a return. 2.0a ldapsearch errors 
>>>out with ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1). 
>>>That ended up being the selinux setting. I have the firewall off and 
>>>had the se setting at warn. I shut that off and rebooted and I get the 
>>>SASL/Digest-MD5 Authentication Started : Please enter Password, 
>>>prompt. I had to change the path to smbldap- tools in the smb.conf 
>>>file to /usr/sbin/ because I used a rpm that was made for rhel4. I've 
>>>been able to follow the rest of the directions of 1.2.1 and have no 
>>>problems. Thankyou for the new script.
>>>Mark
>>>
>>>Matt Oquist wrote:
>>>
>>>      
>>>
>>>>Ooooooooo
>>>>
>>>>I'm working on version 2.0 right now.  I think it's nearing
>>>>completion, but I haven't started testing yet.  It will theoretically
>>>>support any distro, though distros without the authconfig utility
>>>>(non-RH-based distros, AFAICT) will have some rather complex PAM
>>>>configuration to do by hand.
>>>>
>>>>--matt
>>>>
>>>>David Trask wrote:    [Wed Jul 06 2005, 08:07:00PM EDT]
>>>> 
>>>>
>>>>        
>>>>
>>>>>Matt,
>>>>>
>>>>>Just a thought....how about a piece to the script that might....ask
>>>>>          
>>>>>
>>the
>>    
>>
>>>>>user if he or she would like to dump an existing LDAP database....if 
>>>>>so,
>>>>>run slapcat to dump it....then run the installer...upgrading along the
>>>>>way....then assuming they selected "yes" earlier....then read the DB 
>>>>>back
>>>>>in?  Just  a thought....haven't thought it through yet...just shooting
>>>>>from the hip....
>>>>>
>>>>>
>>>>>"Support list for opensource software in schools." 
>>>>><k12osn at redhat.com> on
>>>>>Wednesday, July 6, 2005 at 1:44 PM  wrote:
>>>>>
>>>>>
>>>>>  
>>>>>
>>>>>          
>>>>>
>>>>>>>From: "Jim Kronebusch" <jim at winonacotter.org>
>>>>>>>Subject: RE: [K12OSN] SMB/LDAP Installer upgrades
>>>>>>>      
>>>>>>>
>>>>>>>              
>>>>>>>
>>>>>>>>You should be able to run it fine...unless you've made some weird 
>>>>>>>>config changes by hand.  The script backs everything up anyway so 
>>>>>>>>you can go and merge any changes if necessary.  I can't test it 
>>>>>>>>at the moment, but I believe Matt has it "merging" changes....not 
>>>>>>>>overwriting them.  The main concern would be smb.conf....try it 
>>>>>>>>and let me know what happens...I'll test myself in a few days and 
>>>>>>>>let you know as well.
>>>>>>>>        
>>>>>>>>                
>>>>>>>>
>>>>>>>When I ran it this morning on my test box I no longer had any 
>>>>>>>users when
>>>>>>>finished.  It went from 1.2 to 1.2.2-gamma.  This would be a bad 
>>>>>>>thing
>>>>>>>on a production box. 
>>>>>>>Also, do you have any tips on using quotas?  I see the bulk-add 
>>>>>>>script
>>>>>>>want a sample user to configure from.  What is the recommended set
>>>>>>>              
>>>>>>>
>>of
>>    
>>
>>>>>>>commands to set quotas on a default user?
>>>>>>>
>>>>>>>Thanks
>>>>>>>      
>>>>>>>              
>>>>>>>
>>>>>>Thanks for the vote of confidence, Dave, but the Samba/LDAP Installer
>>>>>>doesn't merge anything.  It overwrites everything!  It makes
>>>>>>timestamped backups of all the config files it overwrites, but you
>>>>>>definitely shouldn't run it on a production system that already has
>>>>>>users (at least not without some careful planning and preparation).
>>>>>>
>>>>>>If you need to upgrade, I recommend that you
>>>>>>1) dump your LDAP DB with slapcat,
>>>>>>2) upgrade your packages (Samba, OpenLDAP, etc.),
>>>>>>3) run the Samba/LDAP installer again, and
>>>>>>4) read your DB back into LDAP.
>>>>>>
>>>>>>--matt
>>>>>>
>>>>>>_______________________________________________
>>>>>>K12OSN mailing list
>>>>>>K12OSN at redhat.com
>>>>>>https://www.redhat.com/mailman/listinfo/k12osn
>>>>>>For more info see <http://www.k12os.org>
>>>>>>    
>>>>>>            
>>>>>>
>>>>>David N. Trask
>>>>>Technology Teacher/Coordinator
>>>>>Vassalboro Community School
>>>>>dtrask at vcsvikings.org
>>>>>(207)923-3100
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>David N. Trask
>>>>>Technology Teacher/Coordinator
>>>>>Vassalboro Community School
>>>>>dtrask at vcsvikings.org
>>>>>(207)923-3100
>>>>>  
>>>>>          
>>>>>
>>>> 
>>>>
>>>>
>>>>        
>>>>
>>------------------------------------------------------------------------
>>    
>>
>>>>_______________________________________________
>>>>K12OSN mailing list
>>>>K12OSN at redhat.com
>>>>https://www.redhat.com/mailman/listinfo/k12osn
>>>>For more info see <http://www.k12os.org>
>>>>
>>>>        
>>>>
>>-- 
>>Mark Gumprecht
>>Data Systems Specialist
>>MSAD3
>>Unity, ME
>>gumprechtm at msln.net
>>
>>_______________________________________________
>>K12OSN mailing list
>>K12OSN at redhat.com
>>https://www.redhat.com/mailman/listinfo/k12osn
>>For more info see <http://www.k12os.org>
>>    
>>
>
>
>David N. Trask
>Technology Teacher/Coordinator
>Vassalboro Community School
>dtrask at vcsvikings.org
>(207)923-3100
>
>
>
>
>David N. Trask
>Technology Teacher/Coordinator
>Vassalboro Community School
>dtrask at vcsvikings.org
>(207)923-3100
>
>_______________________________________________
>K12OSN mailing list
>K12OSN at redhat.com
>https://www.redhat.com/mailman/listinfo/k12osn
>For more info see <http://www.k12os.org>
>
>  
>

-- 
Mark Gumprecht
Data Systems Specialist
MSAD3
Unity, ME
gumprechtm at msln.net

More information about the K12OSN mailing list