[K12OSN] SMB/LDAP Installer upgrades
Mark Gumprecht
gumprechtm at msln.net
Thu Jul 7 15:37:30 UTC 2005
Guess I still have one issue. If I do a ldapsearch it comes back with
# SASL/Digest-MD5 Authentication Started
# Please enter Password:
If I enter the password that I used during setup, I get
#ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)
#additional info: SASL(-13): user not found: no secret in database
I've searched the internet and it seams that some sort of database
population or PAM auth is needed.
I can smbldap-adduser and then check the user and get info and all is
ok. I can login under the username. Not sure about the search thing. If
I do a ldapsearch -x -b "-s base" "(ObjectClass=*)" , it starts out ok
but the search result is
#search: 2
#result: 34 Invalid DN syntax
#text: invalid DN
#numResponses: 1
Any suggestions?
Mark
Mark Gumprecht wrote:
> Matt,
> I've edited the distro file and added centos4, copied fc3 settings and
> then commented out the packages it said it couldn't find. I verified
> that everything that needed to be there is there. It works better than
> 1.2.1 for centos4 up to step 18 ldapsearch. In 1.2.1 the slapcat
> command didn't work. In 2.0a it gives a return. 2.0a ldapsearch errors
> out with ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1).
> That ended up being the selinux setting. I have the firewall off and
> had the se setting at warn. I shut that off and rebooted and I get the
> SASL/Digest-MD5 Authentication Started : Please enter Password,
> prompt. I had to change the path to smbldap- tools in the smb.conf
> file to /usr/sbin/ because I used a rpm that was made for rhel4. I've
> been able to follow the rest of the directions of 1.2.1 and have no
> problems. Thankyou for the new script.
> Mark
>
> Matt Oquist wrote:
>
>> Ooooooooo
>>
>> I'm working on version 2.0 right now. I think it's nearing
>> completion, but I haven't started testing yet. It will theoretically
>> support any distro, though distros without the authconfig utility
>> (non-RH-based distros, AFAICT) will have some rather complex PAM
>> configuration to do by hand.
>>
>> --matt
>>
>> David Trask wrote: [Wed Jul 06 2005, 08:07:00PM EDT]
>>
>>
>>> Matt,
>>>
>>> Just a thought....how about a piece to the script that might....ask the
>>> user if he or she would like to dump an existing LDAP database....if
>>> so,
>>> run slapcat to dump it....then run the installer...upgrading along the
>>> way....then assuming they selected "yes" earlier....then read the DB
>>> back
>>> in? Just a thought....haven't thought it through yet...just shooting
>>> from the hip....
>>>
>>>
>>> "Support list for opensource software in schools."
>>> <k12osn at redhat.com> on
>>> Wednesday, July 6, 2005 at 1:44 PM wrote:
>>>
>>>
>>>
>>>
>>>>> From: "Jim Kronebusch" <jim at winonacotter.org>
>>>>> Subject: RE: [K12OSN] SMB/LDAP Installer upgrades
>>>>>
>>>>>
>>>>>> You should be able to run it fine...unless you've made some weird
>>>>>> config changes by hand. The script backs everything up anyway so
>>>>>> you can go and merge any changes if necessary. I can't test it
>>>>>> at the moment, but I believe Matt has it "merging" changes....not
>>>>>> overwriting them. The main concern would be smb.conf....try it
>>>>>> and let me know what happens...I'll test myself in a few days and
>>>>>> let you know as well.
>>>>>>
>>>>>
>>>>> When I ran it this morning on my test box I no longer had any
>>>>> users when
>>>>> finished. It went from 1.2 to 1.2.2-gamma. This would be a bad
>>>>> thing
>>>>> on a production box.
>>>>> Also, do you have any tips on using quotas? I see the bulk-add
>>>>> script
>>>>> want a sample user to configure from. What is the recommended set of
>>>>> commands to set quotas on a default user?
>>>>>
>>>>> Thanks
>>>>>
>>>>
>>>> Thanks for the vote of confidence, Dave, but the Samba/LDAP Installer
>>>> doesn't merge anything. It overwrites everything! It makes
>>>> timestamped backups of all the config files it overwrites, but you
>>>> definitely shouldn't run it on a production system that already has
>>>> users (at least not without some careful planning and preparation).
>>>>
>>>> If you need to upgrade, I recommend that you
>>>> 1) dump your LDAP DB with slapcat,
>>>> 2) upgrade your packages (Samba, OpenLDAP, etc.),
>>>> 3) run the Samba/LDAP installer again, and
>>>> 4) read your DB back into LDAP.
>>>>
>>>> --matt
>>>>
>>>> _______________________________________________
>>>> K12OSN mailing list
>>>> K12OSN at redhat.com
>>>> https://www.redhat.com/mailman/listinfo/k12osn
>>>> For more info see <http://www.k12os.org>
>>>>
>>>
>>> David N. Trask
>>> Technology Teacher/Coordinator
>>> Vassalboro Community School
>>> dtrask at vcsvikings.org
>>> (207)923-3100
>>>
>>>
>>>
>>>
>>>
>>>
>>> David N. Trask
>>> Technology Teacher/Coordinator
>>> Vassalboro Community School
>>> dtrask at vcsvikings.org
>>> (207)923-3100
>>>
>>
>>
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> K12OSN mailing list
>> K12OSN at redhat.com
>> https://www.redhat.com/mailman/listinfo/k12osn
>> For more info see <http://www.k12os.org>
>>
>
--
Mark Gumprecht
Data Systems Specialist
MSAD3
Unity, ME
gumprechtm at msln.net
More information about the K12OSN
mailing list