Not sure if this is where I should ask about this, but if I try to run any of
the smbldap-* scripts, I get the following kind of output:
oink:/usr/local/sbin # ./smbldap-populate
Using builtin directory structure
erreur LDAP: Can't contact master ldap server (IO::Socket::INET: Bad
protocol
'tcp') at /usr/local/sbin//smbldap_tools.pm line 153.
I feel like this must be from a typo somewhere but I'm at a loss. I have
followed the instructions in the INSTALL file. Using smbldap-tools-0.8.5.
Here are the relevant config files:
### smb.conf LDAP section ###
passdb backend = ldapsam:ldap://localhost
# ldap filter = (&(objectclass=sambaSamAccount)(uid=%u))
ldap admin dn = cn=Manager,dc=borkholder,dc=com
ldap suffix = dc=borkholder,dc=com
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users
ldap ssl = no
add user script = /usr/local/sbin/smbldap-useradd -m "%u"
ldap delete dn = No
#delete user script = /usr/local/sbin/smbldap-userdel "%u"
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
#delete group script = /usr/local/sbin/smbldap-groupdel "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m
"%u"
"%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x
"%u" "%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g
"%g"
"%u"
### smbldap.conf without comments ###
SID="S-1-5-21-725326080-1709766072-2910717368"
slaveLDAP="127.0.0.1"
slavePort="389"
masterLDAP="127.0.0.1"
masterPort="389"
ldapTLS="0"
verify="optional"
cafile="/etc/openldap/slapd-cert.pem"
clientcert="/etc/smbldap-tools/smbldap-tools.pem"
clientkey="/etc/smbldap-tools/smbldap-tools.key"
suffix="dc=borkholder,dc=com"
usersdn="ou=People,${suffix}"
computersdn="ou=Computers,${suffix}"
groupsdn="ou=Groups,${suffix}"
idmapdn="ou=People,${suffix}"
sambaUnixIdPooldn="cn=Uidpool,ou=People,${suffix}"
scope="sub"
hash_encrypt="SSHA"
crypt_salt_format="%s"
userLoginShell="/bin/false"
userHome="/home/%U"
userGecos="Samba User"
defaultUserGid="513"
defaultComputerGid="515"
skeletonDir="/etc/skel"
defaultMaxPasswordAge="90"
userSmbHome=""
userProfile=""
userHomeDrive=""
userScript=""
mailDomain="borkholder.com"
with_smbpasswd="0"
smbpasswd="/usr/bin/smbpasswd" <--- it is actually not here but I
didn't
think it mattered since with_smbpasswd is set to 0
### smbldap_bind.conf ###
slaveDN="cn=Manager,dc=borkholder,dc=com"
slavePw="my_cleartext_pw"
masterDN="cn=Manager,dc=borkholder,dc=com"
masterPw="my_cleartext_pw"
### Proof that I am able to connect to my LDAP server and that nss_ldap works
###
oink:/etc/smbldap-tools # id root
uid=0(root) gid=0(root) groups=0(root),3(sys),512(admins)
oink:/etc/smbldap-tools # more /etc/group |grep 512
Thanks in advance for your help. Please let me know if there is more info
needed to debug this problem.
Misty
>oink:/usr/local/sbin # ./smbldap-populate >Using builtin directory structure >erreur LDAP: Can't contact master ldap server (IO::Socket::INET: Bad protocol >'tcp') at /usr/local/sbin//smbldap_tools.pm line 153. > >This sounds like you just configured a Solaris box with the ldapclient command. Edit your /etc/nsswitch.conf file and change protocols: ldap back to protocols: files If you're not on Solaris, what are the specifics of your environment then?>I feel like this must be from a typo somewhere but I'm at a loss. I have >followed the instructions in the INSTALL file. Using smbldap-tools-0.8.5. > >Here are the relevant config files: > >### smb.conf LDAP section ### >passdb backend = ldapsam:ldap://localhost > # ldap filter = (&(objectclass=sambaSamAccount)(uid=%u)) > ldap admin dn = cn=Manager,dc=borkholder,dc=com > ldap suffix = dc=borkholder,dc=com > ldap group suffix = ou=Groups > ldap user suffix = ou=Users > ldap machine suffix = ou=Computers > ldap idmap suffix = ou=Users > ldap ssl = no > add user script = /usr/local/sbin/smbldap-useradd -m "%u" > ldap delete dn = No > #delete user script = /usr/local/sbin/smbldap-userdel "%u" > add machine script = /usr/local/sbin/smbldap-useradd -w "%u" > add group script = /usr/local/sbin/smbldap-groupadd -p "%g" > #delete group script = /usr/local/sbin/smbldap-groupdel "%g" > add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" >"%g" > delete user from group script = /usr/local/sbin/smbldap-groupmod -x >"%u" "%g" > set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" >"%u" > >### smbldap.conf without comments ### >SID="S-1-5-21-725326080-1709766072-2910717368" >slaveLDAP="127.0.0.1" >slavePort="389" >masterLDAP="127.0.0.1" >masterPort="389" >ldapTLS="0" >verify="optional" >cafile="/etc/openldap/slapd-cert.pem" >clientcert="/etc/smbldap-tools/smbldap-tools.pem" >clientkey="/etc/smbldap-tools/smbldap-tools.key" >suffix="dc=borkholder,dc=com" >usersdn="ou=People,${suffix}" >computersdn="ou=Computers,${suffix}" >groupsdn="ou=Groups,${suffix}" >idmapdn="ou=People,${suffix}" >sambaUnixIdPooldn="cn=Uidpool,ou=People,${suffix}" >scope="sub" >hash_encrypt="SSHA" >crypt_salt_format="%s" >userLoginShell="/bin/false" >userHome="/home/%U" >userGecos="Samba User" >defaultUserGid="513" >defaultComputerGid="515" >skeletonDir="/etc/skel" >defaultMaxPasswordAge="90" >userSmbHome="" >userProfile="" >userHomeDrive="" >userScript="" >mailDomain="borkholder.com" >with_smbpasswd="0" >smbpasswd="/usr/bin/smbpasswd" <--- it is actually not here but I didn't >think it mattered since with_smbpasswd is set to 0 > >### smbldap_bind.conf ### >slaveDN="cn=Manager,dc=borkholder,dc=com" >slavePw="my_cleartext_pw" >masterDN="cn=Manager,dc=borkholder,dc=com" >masterPw="my_cleartext_pw" > >### Proof that I am able to connect to my LDAP server and that nss_ldap works >### >oink:/etc/smbldap-tools # id root >uid=0(root) gid=0(root) groups=0(root),3(sys),512(admins) >oink:/etc/smbldap-tools # more /etc/group |grep 512 > >Thanks in advance for your help. Please let me know if there is more info >needed to debug this problem. > >Misty > > >-- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax: 701-281-1322 URL: www.ae-solutions.com mailto: pgienger@ae-solutions.com
Re-sending this because I accidentally replied off-list. On Monday 27 September 2004 10:59, Misty Stanley-Jones wrote:> On Monday 27 September 2004 10:46, you wrote: > > >oink:/usr/local/sbin # ./smbldap-populate > > >Using builtin directory structure > > >erreur LDAP: Can't contact master ldap server (IO::Socket::INET: Bad > > > protocol 'tcp') at /usr/local/sbin//smbldap_tools.pm line 153. > > > > This sounds like you just configured a Solaris box with the ldapclient > > command. Edit your /etc/nsswitch.conf file and change > > protocols: ldap > > back to > > protocols: files > > > > If you're not on Solaris, what are the specifics of your environment > > then? > > Sorry for not saying. I am on SuSE 9.1 using pam_ldap and nss_ldap. My > nsswitch.conf reads "files ldap" for passwd, shadow, and groups. I tried > with "ldap files" but it didn't work on reboot, since it has got to find > some local things to boot up to the point that the LDAP server will start. > > I also turned off nscd for testing and that didn't help at all. > Misty
I am replying to myself because I solved this. The problem was the netgroup directive in the nsswitch.conf. It was ldap [NOTFOUND=return] files. I changed it to files ldap and everything is happy. I have no idea what that entry is even about. This is just a word to the wise. Misty On Monday 27 September 2004 10:43, Misty Stanley-Jones wrote:> Not sure if this is where I should ask about this, but if I try to run any > of the smbldap-* scripts, I get the following kind of output: > > oink:/usr/local/sbin # ./smbldap-populate > Using builtin directory structure > erreur LDAP: Can't contact master ldap server (IO::Socket::INET: Bad > protocol 'tcp') at /usr/local/sbin//smbldap_tools.pm line 153. > > I feel like this must be from a typo somewhere but I'm at a loss. I have > followed the instructions in the INSTALL file. Using smbldap-tools-0.8.5. > > Here are the relevant config files: > > ### smb.conf LDAP section ### > passdb backend = ldapsam:ldap://localhost > # ldap filter = (&(objectclass=sambaSamAccount)(uid=%u)) > ldap admin dn = cn=Manager,dc=borkholder,dc=com > ldap suffix = dc=borkholder,dc=com > ldap group suffix = ou=Groups > ldap user suffix = ou=Users > ldap machine suffix = ou=Computers > ldap idmap suffix = ou=Users > ldap ssl = no > add user script = /usr/local/sbin/smbldap-useradd -m "%u" > ldap delete dn = No > #delete user script = /usr/local/sbin/smbldap-userdel "%u" > add machine script = /usr/local/sbin/smbldap-useradd -w "%u" > add group script = /usr/local/sbin/smbldap-groupadd -p "%g" > #delete group script = /usr/local/sbin/smbldap-groupdel "%g" > add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" > "%g" > delete user from group script = /usr/local/sbin/smbldap-groupmod -x > "%u" "%g" > set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" > "%u" > > ### smbldap.conf without comments ### > SID="S-1-5-21-725326080-1709766072-2910717368" > slaveLDAP="127.0.0.1" > slavePort="389" > masterLDAP="127.0.0.1" > masterPort="389" > ldapTLS="0" > verify="optional" > cafile="/etc/openldap/slapd-cert.pem" > clientcert="/etc/smbldap-tools/smbldap-tools.pem" > clientkey="/etc/smbldap-tools/smbldap-tools.key" > suffix="dc=borkholder,dc=com" > usersdn="ou=People,${suffix}" > computersdn="ou=Computers,${suffix}" > groupsdn="ou=Groups,${suffix}" > idmapdn="ou=People,${suffix}" > sambaUnixIdPooldn="cn=Uidpool,ou=People,${suffix}" > scope="sub" > hash_encrypt="SSHA" > crypt_salt_format="%s" > userLoginShell="/bin/false" > userHome="/home/%U" > userGecos="Samba User" > defaultUserGid="513" > defaultComputerGid="515" > skeletonDir="/etc/skel" > defaultMaxPasswordAge="90" > userSmbHome="" > userProfile="" > userHomeDrive="" > userScript="" > mailDomain="borkholder.com" > with_smbpasswd="0" > smbpasswd="/usr/bin/smbpasswd" <--- it is actually not here but I didn't > think it mattered since with_smbpasswd is set to 0 > > ### smbldap_bind.conf ### > slaveDN="cn=Manager,dc=borkholder,dc=com" > slavePw="my_cleartext_pw" > masterDN="cn=Manager,dc=borkholder,dc=com" > masterPw="my_cleartext_pw" > > ### Proof that I am able to connect to my LDAP server and that nss_ldap > works ### > oink:/etc/smbldap-tools # id root > uid=0(root) gid=0(root) groups=0(root),3(sys),512(admins) > oink:/etc/smbldap-tools # more /etc/group |grep 512 > > Thanks in advance for your help. Please let me know if there is more info > needed to debug this problem. > > Misty