[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] SMB/LDAP Installer upgrades



Guess I still have one issue. If I do a ldapsearch it comes back with

#   SASL/Digest-MD5 Authentication Started
#  Please enter Password:

If I enter the password that I used during setup, I get

#ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)
#additional info: SASL(-13): user not found: no secret in database

I've searched the internet and it seams that some sort of database population or PAM auth is needed.
I can smbldap-adduser and then check the user and get info and all is ok. I can login under the username. Not sure about the search thing. If I do a ldapsearch -x -b "-s base" "(ObjectClass=*)" , it starts out ok but the search result is
#search: 2
#result: 34 Invalid DN syntax
#text: invalid DN
#numResponses: 1


Any suggestions?
Mark

Mark Gumprecht wrote:

Matt,
I've edited the distro file and added centos4, copied fc3 settings and then commented out the packages it said it couldn't find. I verified that everything that needed to be there is there. It works better than 1.2.1 for centos4 up to step 18 ldapsearch. In 1.2.1 the slapcat command didn't work. In 2.0a it gives a return. 2.0a ldapsearch errors out with ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1). That ended up being the selinux setting. I have the firewall off and had the se setting at warn. I shut that off and rebooted and I get the SASL/Digest-MD5 Authentication Started : Please enter Password, prompt. I had to change the path to smbldap- tools in the smb.conf file to /usr/sbin/ because I used a rpm that was made for rhel4. I've been able to follow the rest of the directions of 1.2.1 and have no problems. Thankyou for the new script.
Mark


Matt Oquist wrote:

Ooooooooo

I'm working on version 2.0 right now.  I think it's nearing
completion, but I haven't started testing yet.  It will theoretically
support any distro, though distros without the authconfig utility
(non-RH-based distros, AFAICT) will have some rather complex PAM
configuration to do by hand.

--matt

David Trask wrote: [Wed Jul 06 2005, 08:07:00PM EDT]


Matt,

Just a thought....how about a piece to the script that might....ask the
user if he or she would like to dump an existing LDAP database....if so,
run slapcat to dump it....then run the installer...upgrading along the
way....then assuming they selected "yes" earlier....then read the DB back
in? Just a thought....haven't thought it through yet...just shooting
from the hip....



"Support list for opensource software in schools." <k12osn redhat com> on
Wednesday, July 6, 2005 at 1:44 PM wrote:





From: "Jim Kronebusch" <jim winonacotter org>
Subject: RE: [K12OSN] SMB/LDAP Installer upgrades


You should be able to run it fine...unless you've made some weird config changes by hand. The script backs everything up anyway so you can go and merge any changes if necessary. I can't test it at the moment, but I believe Matt has it "merging" changes....not overwriting them. The main concern would be smb.conf....try it and let me know what happens...I'll test myself in a few days and let you know as well.

When I ran it this morning on my test box I no longer had any users when
finished. It went from 1.2 to 1.2.2-gamma. This would be a bad thing
on a production box. Also, do you have any tips on using quotas? I see the bulk-add script
want a sample user to configure from. What is the recommended set of
commands to set quotas on a default user?


Thanks

Thanks for the vote of confidence, Dave, but the Samba/LDAP Installer doesn't merge anything. It overwrites everything! It makes timestamped backups of all the config files it overwrites, but you definitely shouldn't run it on a production system that already has users (at least not without some careful planning and preparation).

If you need to upgrade, I recommend that you
1) dump your LDAP DB with slapcat,
2) upgrade your packages (Samba, OpenLDAP, etc.),
3) run the Samba/LDAP installer again, and
4) read your DB back into LDAP.

--matt

_______________________________________________
K12OSN mailing list
K12OSN redhat com
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>

David N. Trask Technology Teacher/Coordinator Vassalboro Community School dtrask vcsvikings org (207)923-3100






David N. Trask
Technology Teacher/Coordinator
Vassalboro Community School
dtrask vcsvikings org
(207)923-3100




------------------------------------------------------------------------

_______________________________________________
K12OSN mailing list
K12OSN redhat com
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>



-- Mark Gumprecht Data Systems Specialist MSAD3 Unity, ME gumprechtm msln net


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]