Not sure if this is where I should ask about this, but if I try to run any of the smbldap-* scripts, I get the following kind of output: oink:/usr/local/sbin # ./smbldap-populate Using builtin directory structure erreur LDAP: Can't contact master ldap server (IO::Socket::INET: Bad protocol 'tcp') at /usr/local/sbin//smbldap_tools.pm line 153. I feel like this must be from a typo somewhere but I'm at a loss. I have followed the instructions in the INSTALL file. Using smbldap-tools-0.8.5. Here are the relevant config files: ### smb.conf LDAP section ### passdb backend = ldapsam:ldap://localhost # ldap filter = (&(objectclass=sambaSamAccount)(uid=%u)) ldap admin dn = cn=Manager,dc=borkholder,dc=com ldap suffix = dc=borkholder,dc=com ldap group suffix = ou=Groups ldap user suffix = ou=Users ldap machine suffix = ou=Computers ldap idmap suffix = ou=Users ldap ssl = no add user script = /usr/local/sbin/smbldap-useradd -m "%u" ldap delete dn = No #delete user script = /usr/local/sbin/smbldap-userdel "%u" add machine script = /usr/local/sbin/smbldap-useradd -w "%u" add group script = /usr/local/sbin/smbldap-groupadd -p "%g" #delete group script = /usr/local/sbin/smbldap-groupdel "%g" add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u" ### smbldap.conf without comments ### SID="S-1-5-21-725326080-1709766072-2910717368" slaveLDAP="127.0.0.1" slavePort="389" masterLDAP="127.0.0.1" masterPort="389" ldapTLS="0" verify="optional" cafile="/etc/openldap/slapd-cert.pem" clientcert="/etc/smbldap-tools/smbldap-tools.pem" clientkey="/etc/smbldap-tools/smbldap-tools.key" suffix="dc=borkholder,dc=com" usersdn="ou=People,${suffix}" computersdn="ou=Computers,${suffix}" groupsdn="ou=Groups,${suffix}" idmapdn="ou=People,${suffix}" sambaUnixIdPooldn="cn=Uidpool,ou=People,${suffix}" scope="sub" hash_encrypt="SSHA" crypt_salt_format="%s" userLoginShell="/bin/false" userHome="/home/%U" userGecos="Samba User" defaultUserGid="513" defaultComputerGid="515" skeletonDir="/etc/skel" defaultMaxPasswordAge="90" userSmbHome="" userProfile="" userHomeDrive="" userScript="" mailDomain="borkholder.com" with_smbpasswd="0" smbpasswd="/usr/bin/smbpasswd" <--- it is actually not here but I didn't think it mattered since with_smbpasswd is set to 0 ### smbldap_bind.conf ### slaveDN="cn=Manager,dc=borkholder,dc=com" slavePw="my_cleartext_pw" masterDN="cn=Manager,dc=borkholder,dc=com" masterPw="my_cleartext_pw" ### Proof that I am able to connect to my LDAP server and that nss_ldap works ### oink:/etc/smbldap-tools # id root uid=0(root) gid=0(root) groups=0(root),3(sys),512(admins) oink:/etc/smbldap-tools # more /etc/group |grep 512 Thanks in advance for your help. Please let me know if there is more info needed to debug this problem. Misty
>oink:/usr/local/sbin # ./smbldap-populate >Using builtin directory structure >erreur LDAP: Can't contact master ldap server (IO::Socket::INET: Bad protocol >'tcp') at /usr/local/sbin//smbldap_tools.pm line 153. > >This sounds like you just configured a Solaris box with the ldapclient command. Edit your /etc/nsswitch.conf file and change protocols: ldap back to protocols: files If you're not on Solaris, what are the specifics of your environment then?>I feel like this must be from a typo somewhere but I'm at a loss. I have >followed the instructions in the INSTALL file. Using smbldap-tools-0.8.5. > >Here are the relevant config files: > >### smb.conf LDAP section ### >passdb backend = ldapsam:ldap://localhost > # ldap filter = (&(objectclass=sambaSamAccount)(uid=%u)) > ldap admin dn = cn=Manager,dc=borkholder,dc=com > ldap suffix = dc=borkholder,dc=com > ldap group suffix = ou=Groups > ldap user suffix = ou=Users > ldap machine suffix = ou=Computers > ldap idmap suffix = ou=Users > ldap ssl = no > add user script = /usr/local/sbin/smbldap-useradd -m "%u" > ldap delete dn = No > #delete user script = /usr/local/sbin/smbldap-userdel "%u" > add machine script = /usr/local/sbin/smbldap-useradd -w "%u" > add group script = /usr/local/sbin/smbldap-groupadd -p "%g" > #delete group script = /usr/local/sbin/smbldap-groupdel "%g" > add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" >"%g" > delete user from group script = /usr/local/sbin/smbldap-groupmod -x >"%u" "%g" > set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" >"%u" > >### smbldap.conf without comments ### >SID="S-1-5-21-725326080-1709766072-2910717368" >slaveLDAP="127.0.0.1" >slavePort="389" >masterLDAP="127.0.0.1" >masterPort="389" >ldapTLS="0" >verify="optional" >cafile="/etc/openldap/slapd-cert.pem" >clientcert="/etc/smbldap-tools/smbldap-tools.pem" >clientkey="/etc/smbldap-tools/smbldap-tools.key" >suffix="dc=borkholder,dc=com" >usersdn="ou=People,${suffix}" >computersdn="ou=Computers,${suffix}" >groupsdn="ou=Groups,${suffix}" >idmapdn="ou=People,${suffix}" >sambaUnixIdPooldn="cn=Uidpool,ou=People,${suffix}" >scope="sub" >hash_encrypt="SSHA" >crypt_salt_format="%s" >userLoginShell="/bin/false" >userHome="/home/%U" >userGecos="Samba User" >defaultUserGid="513" >defaultComputerGid="515" >skeletonDir="/etc/skel" >defaultMaxPasswordAge="90" >userSmbHome="" >userProfile="" >userHomeDrive="" >userScript="" >mailDomain="borkholder.com" >with_smbpasswd="0" >smbpasswd="/usr/bin/smbpasswd" <--- it is actually not here but I didn't >think it mattered since with_smbpasswd is set to 0 > >### smbldap_bind.conf ### >slaveDN="cn=Manager,dc=borkholder,dc=com" >slavePw="my_cleartext_pw" >masterDN="cn=Manager,dc=borkholder,dc=com" >masterPw="my_cleartext_pw" > >### Proof that I am able to connect to my LDAP server and that nss_ldap works >### >oink:/etc/smbldap-tools # id root >uid=0(root) gid=0(root) groups=0(root),3(sys),512(admins) >oink:/etc/smbldap-tools # more /etc/group |grep 512 > >Thanks in advance for your help. Please let me know if there is more info >needed to debug this problem. > >Misty > > >-- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax: 701-281-1322 URL: ae-solutions.com mailto: pgienger@ae-solutions.com
Re-sending this because I accidentally replied off-list. On Monday 27 September 2004 10:59, Misty Stanley-Jones wrote:> On Monday 27 September 2004 10:46, you wrote: > > >oink:/usr/local/sbin # ./smbldap-populate > > >Using builtin directory structure > > >erreur LDAP: Can't contact master ldap server (IO::Socket::INET: Bad > > > protocol 'tcp') at /usr/local/sbin//smbldap_tools.pm line 153. > > > > This sounds like you just configured a Solaris box with the ldapclient > > command. Edit your /etc/nsswitch.conf file and change > > protocols: ldap > > back to > > protocols: files > > > > If you're not on Solaris, what are the specifics of your environment > > then? > > Sorry for not saying. I am on SuSE 9.1 using pam_ldap and nss_ldap. My > nsswitch.conf reads "files ldap" for passwd, shadow, and groups. I tried > with "ldap files" but it didn't work on reboot, since it has got to find > some local things to boot up to the point that the LDAP server will start. > > I also turned off nscd for testing and that didn't help at all. > Misty
I am replying to myself because I solved this. The problem was the netgroup directive in the nsswitch.conf. It was ldap [NOTFOUND=return] files. I changed it to files ldap and everything is happy. I have no idea what that entry is even about. This is just a word to the wise. Misty On Monday 27 September 2004 10:43, Misty Stanley-Jones wrote:> Not sure if this is where I should ask about this, but if I try to run any > of the smbldap-* scripts, I get the following kind of output: > > oink:/usr/local/sbin # ./smbldap-populate > Using builtin directory structure > erreur LDAP: Can't contact master ldap server (IO::Socket::INET: Bad > protocol 'tcp') at /usr/local/sbin//smbldap_tools.pm line 153. > > I feel like this must be from a typo somewhere but I'm at a loss. I have > followed the instructions in the INSTALL file. Using smbldap-tools-0.8.5. > > Here are the relevant config files: > > ### smb.conf LDAP section ### > passdb backend = ldapsam:ldap://localhost > # ldap filter = (&(objectclass=sambaSamAccount)(uid=%u)) > ldap admin dn = cn=Manager,dc=borkholder,dc=com > ldap suffix = dc=borkholder,dc=com > ldap group suffix = ou=Groups > ldap user suffix = ou=Users > ldap machine suffix = ou=Computers > ldap idmap suffix = ou=Users > ldap ssl = no > add user script = /usr/local/sbin/smbldap-useradd -m "%u" > ldap delete dn = No > #delete user script = /usr/local/sbin/smbldap-userdel "%u" > add machine script = /usr/local/sbin/smbldap-useradd -w "%u" > add group script = /usr/local/sbin/smbldap-groupadd -p "%g" > #delete group script = /usr/local/sbin/smbldap-groupdel "%g" > add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" > "%g" > delete user from group script = /usr/local/sbin/smbldap-groupmod -x > "%u" "%g" > set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" > "%u" > > ### smbldap.conf without comments ### > SID="S-1-5-21-725326080-1709766072-2910717368" > slaveLDAP="127.0.0.1" > slavePort="389" > masterLDAP="127.0.0.1" > masterPort="389" > ldapTLS="0" > verify="optional" > cafile="/etc/openldap/slapd-cert.pem" > clientcert="/etc/smbldap-tools/smbldap-tools.pem" > clientkey="/etc/smbldap-tools/smbldap-tools.key" > suffix="dc=borkholder,dc=com" > usersdn="ou=People,${suffix}" > computersdn="ou=Computers,${suffix}" > groupsdn="ou=Groups,${suffix}" > idmapdn="ou=People,${suffix}" > sambaUnixIdPooldn="cn=Uidpool,ou=People,${suffix}" > scope="sub" > hash_encrypt="SSHA" > crypt_salt_format="%s" > userLoginShell="/bin/false" > userHome="/home/%U" > userGecos="Samba User" > defaultUserGid="513" > defaultComputerGid="515" > skeletonDir="/etc/skel" > defaultMaxPasswordAge="90" > userSmbHome="" > userProfile="" > userHomeDrive="" > userScript="" > mailDomain="borkholder.com" > with_smbpasswd="0" > smbpasswd="/usr/bin/smbpasswd" <--- it is actually not here but I didn't > think it mattered since with_smbpasswd is set to 0 > > ### smbldap_bind.conf ### > slaveDN="cn=Manager,dc=borkholder,dc=com" > slavePw="my_cleartext_pw" > masterDN="cn=Manager,dc=borkholder,dc=com" > masterPw="my_cleartext_pw" > > ### Proof that I am able to connect to my LDAP server and that nss_ldap > works ### > oink:/etc/smbldap-tools # id root > uid=0(root) gid=0(root) groups=0(root),3(sys),512(admins) > oink:/etc/smbldap-tools # more /etc/group |grep 512 > > Thanks in advance for your help. Please let me know if there is more info > needed to debug this problem. > > Misty