[K12OSN] SMB/LDAP Installer upgrades

Thu Jul 7 15:37:30 UTC 2005

Guess I still have one issue. If I do a ldapsearch it comes back with

 #   SASL/Digest-MD5 Authentication Started
 #  Please enter Password:

If I enter the password that I used during setup, I get

#ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)
#additional info: SASL(-13): user not found: no secret in database

I've searched the internet and it seams that some sort of database 
population or PAM auth is needed.
I can smbldap-adduser and then check the user and get info and all is 
ok. I can login under the username. Not sure about the search thing. If 
I do a ldapsearch -x -b "-s base" "(ObjectClass=*)" , it starts out ok 
but the search result is
#search: 2
#result: 34 Invalid DN syntax
#text: invalid DN
#numResponses: 1

Any suggestions?
Mark

Mark Gumprecht wrote:

> Matt,
> I've edited the distro file and added centos4, copied fc3 settings and 
> then commented out the packages it said it couldn't find. I verified 
> that everything that needed to be there is there. It works better than 
> 1.2.1 for centos4 up to step 18 ldapsearch. In 1.2.1 the slapcat 
> command didn't work. In 2.0a it gives a return. 2.0a ldapsearch errors 
> out with ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1). 
> That ended up being the selinux setting. I have the firewall off and 
> had the se setting at warn. I shut that off and rebooted and I get the 
> SASL/Digest-MD5 Authentication Started : Please enter Password, 
> prompt. I had to change the path to smbldap- tools in the smb.conf 
> file to /usr/sbin/ because I used a rpm that was made for rhel4. I've 
> been able to follow the rest of the directions of 1.2.1 and have no 
> problems. Thankyou for the new script.
> Mark
>
> Matt Oquist wrote:
>
>> Ooooooooo
>>
>> I'm working on version 2.0 right now.  I think it's nearing
>> completion, but I haven't started testing yet.  It will theoretically
>> support any distro, though distros without the authconfig utility
>> (non-RH-based distros, AFAICT) will have some rather complex PAM
>> configuration to do by hand.
>>
>> --matt
>>
>> David Trask wrote:    [Wed Jul 06 2005, 08:07:00PM EDT]
>>  
>>
>>> Matt,
>>>
>>> Just a thought....how about a piece to the script that might....ask the
>>> user if he or she would like to dump an existing LDAP database....if 
>>> so,
>>> run slapcat to dump it....then run the installer...upgrading along the
>>> way....then assuming they selected "yes" earlier....then read the DB 
>>> back
>>> in?  Just  a thought....haven't thought it through yet...just shooting
>>> from the hip....
>>>
>>>
>>> "Support list for opensource software in schools." 
>>> <k12osn at redhat.com> on
>>> Wednesday, July 6, 2005 at 1:44 PM  wrote:
>>>
>>>
>>>   
>>>
>>>>> From: "Jim Kronebusch" <jim at winonacotter.org>
>>>>> Subject: RE: [K12OSN] SMB/LDAP Installer upgrades
>>>>>       
>>>>>
>>>>>> You should be able to run it fine...unless you've made some weird 
>>>>>> config changes by hand.  The script backs everything up anyway so 
>>>>>> you can go and merge any changes if necessary.  I can't test it 
>>>>>> at the moment, but I believe Matt has it "merging" changes....not 
>>>>>> overwriting them.  The main concern would be smb.conf....try it 
>>>>>> and let me know what happens...I'll test myself in a few days and 
>>>>>> let you know as well.
>>>>>>         
>>>>>
>>>>> When I ran it this morning on my test box I no longer had any 
>>>>> users when
>>>>> finished.  It went from 1.2 to 1.2.2-gamma.  This would be a bad 
>>>>> thing
>>>>> on a production box. 
>>>>> Also, do you have any tips on using quotas?  I see the bulk-add 
>>>>> script
>>>>> want a sample user to configure from.  What is the recommended set of
>>>>> commands to set quotas on a default user?
>>>>>
>>>>> Thanks
>>>>>       
>>>>
>>>> Thanks for the vote of confidence, Dave, but the Samba/LDAP Installer
>>>> doesn't merge anything.  It overwrites everything!  It makes
>>>> timestamped backups of all the config files it overwrites, but you
>>>> definitely shouldn't run it on a production system that already has
>>>> users (at least not without some careful planning and preparation).
>>>>
>>>> If you need to upgrade, I recommend that you
>>>> 1) dump your LDAP DB with slapcat,
>>>> 2) upgrade your packages (Samba, OpenLDAP, etc.),
>>>> 3) run the Samba/LDAP installer again, and
>>>> 4) read your DB back into LDAP.
>>>>
>>>> --matt
>>>>
>>>> _______________________________________________
>>>> K12OSN mailing list
>>>> K12OSN at redhat.com
>>>> https://www.redhat.com/mailman/listinfo/k12osn
>>>> For more info see <http://www.k12os.org>
>>>>     
>>>
>>> David N. Trask
>>> Technology Teacher/Coordinator
>>> Vassalboro Community School
>>> dtrask at vcsvikings.org
>>> (207)923-3100
>>>
>>>
>>>
>>>
>>>
>>>
>>> David N. Trask
>>> Technology Teacher/Coordinator
>>> Vassalboro Community School
>>> dtrask at vcsvikings.org
>>> (207)923-3100
>>>   
>>
>>
>>  
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> K12OSN mailing list
>> K12OSN at redhat.com
>> https://www.redhat.com/mailman/listinfo/k12osn
>> For more info see <http://www.k12os.org>
>>
>

-- 
Mark Gumprecht
Data Systems Specialist
MSAD3
Unity, ME
gumprechtm at msln.net