Hi Group :Migrating a NT4 Domain to a Samba with
LDAP Backend i have this error.Users / Groups /
Computers was created in ldap without problems.
fetch_account: Running the command
`/usr/local/sbin/smbldap-useradd -m "sbogado"' gave 9
Could not create posix account info for 'sbogado'
SO : Solaris 10 X86
samba ver: 3.0.22
smb.conf
[global]
workgroup = TEKNO_DOM
server string = NT2025
interfaces = e1000g0
security = user
log level = 1
syslog = 0
log file = /var/log/samba/%m
domain logons = yes
passdb backend = ldapsam:ldap://localhost
domain master = No
smb ports = 139 445
name resolver order = wins bcast hosts
wins server = 10.100.100.211
ldap suffix = dc=teknoisla,dc=com,dc=ar
ldap ssl = no
ldap timeout = 20
domain master = no
ldap suffix = dc=teknoisla,dc=com,dc=ar
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
ldap admin dn cn=Manager,dc=teknoisla,dc=com,dc=ar
ldap idmap suffix = ou=Idmap
add machine script /usr/local/sbin/smbldap-useradd -w "%u"
add user script /usr/local/sbin/smbldap-useradd -m "%u"
#delete user script /usr/local/sbin/smbldap-userdel "%u"
add group script /usr/local/sbin/smbldap-groupadd -p "%g"
#delete group script /usr/local/sbin/smbldap-groupdel "%g"
add user to group script /usr/local/sbin/smbldap-groupmod -m
"%u" "%g"
delete user from group script /usr/local/sbin/smbldap-groupmod -x
"%u" "%g"
set primary group script /usr/local/sbin/smbldap-usermod -g
"%g" "%u"
slapd.conf
bash-3.00# cat slapd.conf
#
# See slapd.conf(5) for details on configuration
options.
# This file should NOT be world readable.
#
include
/usr/local/etc/openldap/schema/core.schema
include
/usr/local/etc/openldap/schema/cosine.schema
include
/usr/local/etc/openldap/schema/inetorgperson.schema
include
/usr/local/etc/openldap/schema/nis.schema
include
/usr/local/etc/openldap/schema/samba.schema
# Define global ACLs to disable default read access.
# Do not enable referrals until AFTER you have a
working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args
# Load dynamic backend modules:
# modulepath /usr/local/libexec/openldap
# moduleload back_bdb.la
# moduleload back_ldap.la
# moduleload back_ldbm.la
# moduleload back_passwd.la
# moduleload back_shell.la
# Sample security restrictions
# Require integrity protection (prevent
hijacking)
# Require 112-bit (3DES or better) encryption
for updates
# Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64
# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read
it
# Other DSEs:
# Allow self write access
# Allow authenticated users read access
# Allow anonymous users to authenticate
# Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
# by self write
# by users read
# by anonymous auth
#
# if no access controls are present, the default
policy
# allows anyone and everyone to read anything but
restricts
# updates to rootdn. (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!
#######################################################################
# BDB database definitions
#######################################################################
database bdb
suffix "dc=teknoisla,dc=com,dc=ar"
rootdn "cn=Manager,dc=teknoisla,dc=com,dc=ar"
# Cleartext passwords, especially for the rootdn,
should
# be avoid. See slappasswd(8) and slapd.conf(5) for
details.
# Use of strong authentication encouraged.
index objectClass,uidNumber,gidNumber
eq
index cn,sn,uid,displayName
pres,sub,eq
index memberUid,mail,givenname
eq,subinitial
index sambaSID,sambaPrimaryGroupSID,sambaDomainName
eq
#PROBANDO
#index objectClass eq
#index cn pres,sub,eq
#index sn pres,sub,eq
#index uid pres,sub,eq
#index displayName pres,sub,eq
#index uidNumber eq
#index gidNumber eq
#index memberUid eq
#index sambaSID eq
#index sambaPrimaryGroupSID eq
#index sambaDomainName eq
#index default sub
access to
attrs=userPassword,sambaLMPassword,sambaNTPassword
by self write
by anonymous auth
by * none
access to *
by * read
rootpw secret
# rootpw = salaminr
rootpw {SSHA}QZL7bfgDMNalQiolDWfAnLA5gBAQXcDGye
# The database directory MUST exist prior to running
slapd AND
# should only be accessible by the slapd and slap
tools.
# Mode 700 recommended.
directory /usr/local/var/openldap-data
# Indices to maintain
#index objectClass eq
TIA
Jorge Grosso
Ushuaia Argentina
___________________________________________________________
1GB gratis, Antivirus y Antispam
Correo Yahoo!, el mejor correo web del mundo
http://correo.yahoo.com.ar
_________________________________________________________
Hor?scopos, Salud y belleza, Chistes, Consejos de amor:
el contenido m?s divertido para tu celular est? en Yahoo! M?vil.
Obtenelo en http://movil.yahoo.com.ar
