Fedora directory users - Mar 2006 - Trouble Populating FDS with PDC Entry

I am trying to follow
http://directory.fedora.redhat.com/wiki/Howto:Sambaand running into
trouble.

I''m at the "Populating FDS with PDC Entry" section.  I get my
SID, and
create my domainName.ldif file as sepcified (contents below).

I then run the command:

/opt/fedora-ds/slapd-rheles4rs1/ldif2ldap "cn=Directory manager"
myDMPassword /tmp/forayadams.ldif

What this gives me is:

adding new entry sambaDomainName=forayadams,dc=forayadams,dc=foray,dc=com
ldap_add: Already exists

I can''t find anything on this.

None of the log files (admin-serv/logs/access, admin-serv/logs/error,
slapd-rheles4rs1/logs/access, slapd-rheles4rs1/logs/errors) show anything
when I issue this command.

Any ideas as to what I''ve done wrong?

Thanks,
-Mont

Contents of my /tmp/forayadams.ldif:

dn: sambaDomainName=forayadams,dc=forayadams,dc=foray,dc=com
objectclass: sambaDomain
objectclass: sambaUnixIDPool
objectclass: top
sambaDomainName: forayadams
sambaSID: S-1-5-21-807157010-1821471989-4121009367
uidNumber: 550
gidNumber: 550

Just to clarify, if I do a ldapsearch for "objectclass=sambaDomain" I
get
nothing back.

I believe the "Already exists" is erroneous, but I don''t know
why.

-Mont


On 3/14/06, Mont Rothstein <mont.rothstein@gmail.com>
wrote:
>
> I am trying to follow
http://directory.fedora.redhat.com/wiki/Howto:Sambaand running into trouble.
>
> I''m at the "Populating FDS with PDC Entry" section.  I
get my SID, and
> create my domainName.ldif file as sepcified (contents below).
>
> I then run the command:
>
> /opt/fedora-ds/slapd-rheles4rs1/ldif2ldap "cn=Directory manager"
myDMPassword /tmp/forayadams.ldif
>
> What this gives me is:
>
> adding new entry sambaDomainName=forayadams,dc=forayadams,dc=foray,dc=com
> ldap_add: Already exists
>
> I can''t find anything on this.
>
> None of the log files (admin-serv/logs/access, admin-serv/logs/error,
> slapd-rheles4rs1/logs/access, slapd-rheles4rs1/logs/errors) show anything
> when I issue this command.
>
> Any ideas as to what I''ve done wrong?
>
> Thanks,
> -Mont
>
> Contents of my /tmp/forayadams.ldif:
>
> dn: sambaDomainName=forayadams,dc=forayadams,dc=foray,dc=com
> objectclass: sambaDomain
> objectclass: sambaUnixIDPool
> objectclass: top
> sambaDomainName: forayadams
> sambaSID: S-1-5-21-807157010-1821471989-4121009367
> uidNumber: 550
> gidNumber: 550
>
>
>

That''s clearly a problem...

 ldapsearch -x -D ''cn=Directory Manager'' -W
''(objectclass=sambadomain)''
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <> with scope sub
# filter: (objectclass=sambadomain)
# requesting: ALL
#

# example, example.com
dn: sambaDomainName=example,dc=example,dc=com
sambaSID: S-1-5-21-9999999999-9999999999-9999999999
objectClass: top
objectClass: sambaDomain
objectClass: sambaunixidpool
sambaAlgorithmicRidBase: 1000
sambaDomainName: example
gidNumber: 1000
uidNumber: 1001

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

Craig

On Wed, 2006-03-15 at 10:11 -0800, Mont Rothstein wrote:
> Just to clarify, if I do a ldapsearch for
"objectclass=sambaDomain" I
> get nothing back.
> 
> I believe the "Already exists" is erroneous, but I don''t
know why.
> 
> -Mont
> 
> 
> On 3/14/06, Mont Rothstein <mont.rothstein@gmail.com> wrote:
>         I am trying to follow
>         http://directory.fedora.redhat.com/wiki/Howto:Samba and
>         running into trouble.
>         
>         I''m at the "Populating FDS with PDC Entry"
section.  I get my
>         SID, and create my domainName.ldif file as sepcified (contents
>         below).
>         
>         I then run the command:
>         
>         /opt/fedora-ds/slapd-rheles4rs1/ldif2ldap "cn=Directory
manager" myDMPassword /tmp/forayadams.ldif
>         What this gives me is:
>         
>         adding new entry
>         sambaDomainName=forayadams,dc=forayadams,dc=foray,dc=com
>         ldap_add: Already exists
>         
>         I can''t find anything on this.
>         
>         None of the log files (admin-serv/logs/access,
>         admin-serv/logs/error, slapd-rheles4rs1/logs/access,
>         slapd-rheles4rs1/logs/errors) show anything when I issue this
>         command.
>         
>         Any ideas as to what I''ve done wrong?
>         
>         Thanks,
>         -Mont
>         
>         Contents of my /tmp/forayadams.ldif:
>         
>         dn: sambaDomainName=forayadams,dc=forayadams,dc=foray,dc=com
>         objectclass: sambaDomain
>         objectclass: sambaUnixIDPool
>         objectclass: top
>         sambaDomainName: forayadams
>         sambaSID: S-1-5-21-807157010-1821471989-4121009367
>         uidNumber: 550
>         gidNumber: 550
>         
>         
>         
> 
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users

Mont Rothstein wrote:
> Just to clarify, if I do a ldapsearch for
"objectclass=sambaDomain" I
> get nothing back.
>
> I believe the "Already exists" is erroneous, but I don''t
know why.
>
If the server says it is there it is there.  So, either the entry does 
not have the sambaDomain objectclass or the user you are using to search 
for the entry does not have permission to see it.  Try a base scope 
search with basedn 
sambaDomainName=forayadams,dc=forayadams,dc=foray,dc=com using 
cn=Directory Manager as your bind id and objectclass=* for the filter.


-- 
Pete

Thanks Pete.  I am now finding it, I''m not sure if I was typing
something
wrong before or it is the reboot I just did, but I now find the entry.

I''m not sure how it got there but it is there.  I tried to add the ldif
file
a single time before I got the already exists error, but on that try I had
miss-typed the password and it complained about it.

Could the fact that I was running as root have forced it to add even through
my directory manager password was wrong?

Thanks again,
-Mont


On 3/15/06, Pete Rowley <prowley@redhat.com>
wrote:
>
>
> Mont Rothstein wrote:
>
> > Just to clarify, if I do a ldapsearch for
"objectclass=sambaDomain" I
> > get nothing back.
> >
> > I believe the "Already exists" is erroneous, but I
don''t know why.
> >
> If the server says it is there it is there.  So, either the entry does
> not have the sambaDomain objectclass or the user you are using to search
> for the entry does not have permission to see it.  Try a base scope
> search with basedn
> sambaDomainName=forayadams,dc=forayadams,dc=foray,dc=com using
> cn=Directory Manager as your bind id and objectclass=* for the filter.
>
>
> --
> Pete
>
>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
>
>

Mont Rothstein wrote:
> Could the fact that I was running as root have forced it to add even 
> through my directory manager password was wrong?
>
No.  The credentials are entirely different.

-- 
Pete

Hmm, I didn''t think so but I thought I''d ask because I then
have no idea how
it got added.

I''m going to re-build the whole thing from scratch once I get all the
way
through, so perhaps I will determine where this got added then.

Thanks,
-Mont

On 3/15/06, Pete Rowley <prowley@redhat.com>
wrote:
>
> Mont Rothstein wrote:
>
> > Could the fact that I was running as root have forced it to add even
> > through my directory manager password was wrong?
> >
> No.  The credentials are entirely different.
>
> --
> Pete
>
>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
>
>