[K12OSN] ltsp ldap client setup

David Trask dtrask at vcsvikings.org
Wed Jul 12 21:17:46 UTC 2006 

do this....

slapcat -l filename.ldif

(that's an "L"...and filename can be whatever you wish to name it)

then post the file somewhere for us to download and look at.  

Having said that LDAP is a sensitive beast when setting it up...once it's
up she's rock solid.  (once screwup and the whole thing falls apart)
....(a good reason for using the smbldap-installer script....as we've
tested it over and over)  However, I've wasted many hours trying to "fix"
an ldap installation when I'd have been much better off just starting
anew.  Slapcat and slapadd are your friends....once you have an LDAP
database up and running you can back it up (slapcat -l filename.ldif) then
move the file to another LDAP server or simply restore the current ldap
server with (slapadd -l filename.ldif....where filename is the file you
"slapcatted" earlier)....it's a cinch!

"Support list for opensource software in schools." <k12osn at redhat.com> on
Wed Jul 12 2006 at 15:26 +0000 wrote:
>all i ever do up to now is write an ldif..or generate one with a
>script..and add groups that way..using ldapadd..do slapcat>/soemfile and
>send it if you want...ill instal it on a machine here if you like..
>
>> Hey David,
>>
>> I tried ,
>> smbldap-groupadd –a –g 525 Students
>> smbldap-groupadd –a –g 526 Staff
>>
>>
>> But net groupmap list doesn't show them.  Also when I look at the user
>> i created with smbldap-useradd -m -a [username], getent group shows
>> the new entry as this:
>>
>> \E2\80\93a:x:10000:
>>
>> (the user i just created had gid 10000)
>>
>> Whats up with that doyou think?
>>
>>
>> I just posted some messages from tail -f /var/log/ldap to the list
>> too. Maybe that will help?
>>
>> Thanks!
>>
>> Peter
>>
>>
>>
>> On 7/10/06, David Trask <dtrask at vcsvikings.org> wrote:
>>> Sorry for the short answer....it was late.  The issue is probably
>>> nsswitch.conf.  There's no problem that I can se other than the
>>> authentication is looking for local users first....it always does....so
>>> you can use a few predetermined users (local) on the server....if for
>>> some
>>> reason LDAP didn't work....you'd be locked out until you went into
>>> single
>>> user mode and fixed some things.  You'll notice that /etc/nsswitch.conf
>>> shows   "files ldap"  in that order......this basically means it checks
>>> local first then ldap (as it should).  Now.....which version of the
>>> smbldap-installer are you using?  What did you install onto
>>> FC4...FC5...K12LTSP 4.4 or 5?  The latest version, as Matt indicated in
>>> his post, has an issue with a "dbus" timeout that appears to be
>directly
>>> related to nsswitch in FC5 (K12LTSP 5).  I'd limit the number of local
>>> users on the server to just a few to keep from confusing things.  Let
>me
>>> know what versions you're using and we'll take it from there.
>>>
>>>
>>> "Support list for opensource software in schools." <k12osn at redhat.com>
>>> writes:
>>> >"Support list for opensource software in schools." <k12osn at redhat.com>
>>> on
>>> >Sun Jul  9 2006 at 16:56 +0000 wrote:
>>> >>I did move the k12 users to the ldap server because I was
>>> >>thinking of using the padl.com migrate_passwd.pl because I thought it
>>> >>actually uses the current passwords (now I don't think it does).  But
>>> >>I think this might be causing me some problems because
>>> >>/etc/sysconfig/system-auth checks the login against /etc/passwd
>first.
>>> >> Right now my client setup definetely checks the local /etc/passwd
>>> >>first.  If It doesn't find an entry and does find a ldap user I get
>>> >>asked for Login, Password, Ldap Password but I still can't get in.
>Can
>>> >>you shed any light on this?
>>> >
>>> >
>>> >There shouldn't be any users on the K12LTSP box....yes....it will
>check
>>> >local users/passwords first....so don't have any users on the k12ltsp
>>> box
>>> >
>>> >
>>> >David N. Trask
>>> >Technology Teacher/Director
>>> >Vassalboro Community School
>>> >dtrask at vcsvikings.org
>>> >(207)923-3100
>>> >
>>> >
>>> >_______________________________________________
>>> >K12OSN mailing list
>>> >K12OSN at redhat.com
>>> >https://www.redhat.com/mailman/listinfo/k12osn
>>> >For more info see <http://www.k12os.org>
>>>
>>>
>>>
>>> David N. Trask
>>> Technology Teacher/Director
>>> Vassalboro Community School
>>> dtrask at vcsvikings.org
>>> (207)923-3100
>>>
>>>
>>> _______________________________________________
>>> K12OSN mailing list
>>> K12OSN at redhat.com
>>> https://www.redhat.com/mailman/listinfo/k12osn
>>> For more info see <http://www.k12os.org>
>>>
>>
>> _______________________________________________
>> K12OSN mailing list
>> K12OSN at redhat.com
>> https://www.redhat.com/mailman/listinfo/k12osn
>> For more info see <http://www.k12os.org>
>>
>
>
>_______________________________________________
>K12OSN mailing list
>K12OSN at redhat.com
>https://www.redhat.com/mailman/listinfo/k12osn
>For more info see <http://www.k12os.org>



David N. Trask
Technology Teacher/Director
Vassalboro Community School
dtrask at vcsvikings.org
(207)923-3100

More information about the K12OSN mailing list