hi I am using suse 9.1, openldap 2.2-34, samba 3.0.4-1.2. My slapd.conf looks like this: # # See slapd.conf(5) for details on configuration options. # This file should NOT be world readable. # include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/samba.schema include /etc/openldap/schema/nis.schema # Define global ACLs to disable default read access. # Do not enable referrals until AFTER you have a working directory # service AND an understanding of referrals. #referral ldap://root.openldap.org pidfile /var/run/slapd/run/slapd.pid argsfile /var/run/slapd/run/slapd.args # Load dynamic backend modules: modulepath /usr/lib/openldap/modules # moduleload back_ldap.la # moduleload back_meta.la # moduleload back_monitor.la # moduleload back_perl.la # Sample security restrictions # Require integrity protection (prevent hijacking) # Require 112-bit (3DES or better) encryption for updates # Require 63-bit encryption for simple bind # security ssf=1 update_ssf=112 simple_bind=64 # Sample access control policy: # Root DSE: allow anyone to read it # Subschema (sub)entry DSE: allow anyone to read it # Other DSEs: # Allow self write access # Allow authenticated users read access # Allow anonymous users to authenticate # Directives needed to implement policy: # access to dn.base="" by * read # access to dn.base="cn=Subschema" by * read # access to * # by self write # by users read # by anonymous auth # # if no access controls are present, the default policy # allows anyone and everyone to read anything but restricts # updates to rootdn. (e.g., "access to * by * read") # # rootdn can always read and write EVERYTHING! ####################################################################### # bdb database definitions ####################################################################### database bdb checkpoint 1024 5 cachesize 10000 suffix "dc=tux,dc=dyndns,dc=org" rootdn "cn=Manager,dc=tux,dc=dyndns,dc=org" # Cleartext passwords, especially for the rootdn, should # be avoid. See slappasswd(8) and slapd.conf(5) for details. # Use of strong authentication encouraged. rootpw secret # The database directory MUST exist prior to running slapd AND # should only be accessible by the slapd and slap tools. # Mode 700 recommended. directory /var/lib/ldap # Indices to maintain index objectClass eq index cn pres,sub,eq index sn pres,sub,eq index uid pres,sub,eq index displayName pres,sub,eq index uidNumber eq index gidNumber eq index memberUid eq index sambaSID eq index sambaPrimaryGroups eq index sambaDomainName eq index default sub When I try to execute the index by doing : tux:/usr/sbin # ./slapindex -f /etc/openldap/slapd.conf I end up with the following error: /etc/openldap/schema/samba.schema: line 340: AttributeType not found: "gidNumber" slapindex: bad configuration file! I have been follow the exsample from The Official Samba-3 HOWTO and Reference Guide. Can someone help me past this error please Thanks in advance Barry
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Barry Rumsey wrote: | I end up with the following error: | /etc/openldap/schema/samba.schema: line 340: AttributeType not found: | "gidNumber" | slapindex: bad configuration file! #include /etc/openldap/schema/nis.schema cheers, jerry - ---------------------------------------------------------------------- Hewlett-Packard ------------------------- http://www.hp.com SAMBA Team ---------------------- http://www.samba.org GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc "...a hundred billion castaways looking for a home." ----------- Sting -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA/yaWIR7qMdg1EfYRApgAAKDGhszYWoa7eIGpjiBk8ekZR88wZACfR61F bYGQKPNoSs+O4BCzbsy2mRk=mxkG -----END PGP SIGNATURE-----
On Wednesday 21 July 2004 18:59, Barry Rumsey wrote:> hi > I am using suse 9.1, openldap 2.2-34, samba 3.0.4-1.2. > My slapd.conf looks like this: > # > # See slapd.conf(5) for details on configuration options. > # This file should NOT be world readable. > # > include /etc/openldap/schema/core.schema > include /etc/openldap/schema/cosine.schema > include /etc/openldap/schema/inetorgperson.schema > include /etc/openldap/schema/samba.schema > include /etc/openldap/schema/nis.schemaThe NIS schema must be specified BEFORE the samba schema!> > # Define global ACLs to disable default read access. > > # Do not enable referrals until AFTER you have a working directory > # service AND an understanding of referrals. > #referral ldap://root.openldap.org > > pidfile /var/run/slapd/run/slapd.pid > argsfile /var/run/slapd/run/slapd.args > > # Load dynamic backend modules: > modulepath /usr/lib/openldap/modules > # moduleload back_ldap.la > # moduleload back_meta.la > # moduleload back_monitor.la > # moduleload back_perl.la > > # Sample security restrictions > # Require integrity protection (prevent hijacking) > # Require 112-bit (3DES or better) encryption for updates > # Require 63-bit encryption for simple bind > # security ssf=1 update_ssf=112 simple_bind=64 > > # Sample access control policy: > # Root DSE: allow anyone to read it > # Subschema (sub)entry DSE: allow anyone to read it > # Other DSEs: > # Allow self write access > # Allow authenticated users read access > # Allow anonymous users to authenticate > # Directives needed to implement policy: > # access to dn.base="" by * read > # access to dn.base="cn=Subschema" by * read > # access to * > # by self write > # by users read > # by anonymous auth > # > # if no access controls are present, the default policy > # allows anyone and everyone to read anything but restricts > # updates to rootdn. (e.g., "access to * by * read") > # > # rootdn can always read and write EVERYTHING! > > ####################################################################### > # bdb database definitions > ####################################################################### > > database bdb > checkpoint 1024 5 > cachesize 10000 > suffix "dc=tux,dc=dyndns,dc=org" > rootdn "cn=Manager,dc=tux,dc=dyndns,dc=org" > # Cleartext passwords, especially for the rootdn, should > # be avoid. See slappasswd(8) and slapd.conf(5) for details. > # Use of strong authentication encouraged. > rootpw secret > # The database directory MUST exist prior to running slapd AND > # should only be accessible by the slapd and slap tools. > # Mode 700 recommended. > directory /var/lib/ldap > # Indices to maintain > index objectClass eq > index cn pres,sub,eq > index sn pres,sub,eq > index uid pres,sub,eq > index displayName pres,sub,eq > index uidNumber eq > index gidNumber eq > index memberUid eq > index sambaSID eq > index sambaPrimaryGroups eq > index sambaDomainName eq > index default sub > > When I try to execute the index by doing : > tux:/usr/sbin # ./slapindex -f /etc/openldap/slapd.conf > > I end up with the following error: > /etc/openldap/schema/samba.schema: line 340: AttributeType not found: > "gidNumber" > slapindex: bad configuration file! > > I have been follow the exsample from The Official Samba-3 HOWTO and > Reference Guide. > > Can someone help me past this error pleaseSee above. - John T.> > Thanks in advance > Barry-- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 OpenLDAP by Example, ISBN: 0131488732 Other books in production.
Thanks, It worked On Thursday 22 July 2004 15:24, John H Terpstra wrote:> On Wednesday 21 July 2004 18:59, Barry Rumsey wrote: > > hi > > I am using suse 9.1, openldap 2.2-34, samba 3.0.4-1.2. > > My slapd.conf looks like this: > > # > > # See slapd.conf(5) for details on configuration options. > > # This file should NOT be world readable. > > # > > include /etc/openldap/schema/core.schema > > include /etc/openldap/schema/cosine.schema > > include /etc/openldap/schema/inetorgperson.schema > > include /etc/openldap/schema/samba.schema > > include /etc/openldap/schema/nis.schema > > The NIS schema must be specified BEFORE the samba schema! > > > # Define global ACLs to disable default read access. > > > > # Do not enable referrals until AFTER you have a working directory > > # service AND an understanding of referrals. > > #referral ldap://root.openldap.org > > > > pidfile /var/run/slapd/run/slapd.pid > > argsfile /var/run/slapd/run/slapd.args > > > > # Load dynamic backend modules: > > modulepath /usr/lib/openldap/modules > > # moduleload back_ldap.la > > # moduleload back_meta.la > > # moduleload back_monitor.la > > # moduleload back_perl.la > > > > # Sample security restrictions > > # Require integrity protection (prevent hijacking) > > # Require 112-bit (3DES or better) encryption for updates > > # Require 63-bit encryption for simple bind > > # security ssf=1 update_ssf=112 simple_bind=64 > > > > # Sample access control policy: > > # Root DSE: allow anyone to read it > > # Subschema (sub)entry DSE: allow anyone to read it > > # Other DSEs: > > # Allow self write access > > # Allow authenticated users read access > > # Allow anonymous users to authenticate > > # Directives needed to implement policy: > > # access to dn.base="" by * read > > # access to dn.base="cn=Subschema" by * read > > # access to * > > # by self write > > # by users read > > # by anonymous auth > > # > > # if no access controls are present, the default policy > > # allows anyone and everyone to read anything but restricts > > # updates to rootdn. (e.g., "access to * by * read") > > # > > # rootdn can always read and write EVERYTHING! > > > > ####################################################################### > > # bdb database definitions > > ####################################################################### > > > > database bdb > > checkpoint 1024 5 > > cachesize 10000 > > suffix "dc=tux,dc=dyndns,dc=org" > > rootdn "cn=Manager,dc=tux,dc=dyndns,dc=org" > > # Cleartext passwords, especially for the rootdn, should > > # be avoid. See slappasswd(8) and slapd.conf(5) for details. > > # Use of strong authentication encouraged. > > rootpw secret > > # The database directory MUST exist prior to running slapd AND > > # should only be accessible by the slapd and slap tools. > > # Mode 700 recommended. > > directory /var/lib/ldap > > # Indices to maintain > > index objectClass eq > > index cn pres,sub,eq > > index sn pres,sub,eq > > index uid pres,sub,eq > > index displayName pres,sub,eq > > index uidNumber eq > > index gidNumber eq > > index memberUid eq > > index sambaSID eq > > index sambaPrimaryGroups eq > > index sambaDomainName eq > > index default sub > > > > When I try to execute the index by doing : > > tux:/usr/sbin # ./slapindex -f /etc/openldap/slapd.conf > > > > I end up with the following error: > > /etc/openldap/schema/samba.schema: line 340: AttributeType not found: > > "gidNumber" > > slapindex: bad configuration file! > > > > I have been follow the exsample from The Official Samba-3 HOWTO and > > Reference Guide. > > > > Can someone help me past this error please > > See above. > > - John T. > > > Thanks in advance > > Barry > > -- > John H Terpstra > Samba-Team Member > Phone: +1 (650) 580-8668 > > Author: > The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 > Samba-3 by Example, ISBN: 0131472216 > Hardening Linux, ISBN: 0072254971 > OpenLDAP by Example, ISBN: 0131488732 > Other books in production.