Displaying 20 results from an estimated 61 matches for "ldap_priv".
2020 Jul 15
2
Interacting with LDAP db without password as root
How could I avoid being asked a password when interacting with /var/lib/samba/private/ldap_priv/ldapi through ldapsearch or ldaputils in general?
(ldapsearch -H ldapi//%2Fvar%2Flib%2Fsamba%2Fprivate%2Fldapi)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: Firma digitale OpenPGP
URL: <htt...
2011 Feb 06
0
bind9 dlopen/dlz problems
...bind
config:
dlz "Samba zone" {
database "dlopen /usr/lib/libdlz_bind9.so";
}
And that's about as far as I get. During bind startup I only get this
error message:
Loading 'Samba zone' using driver dlopen
Unable to get basedn for
ldapi:///var/lib/samba4/private/ldap_priv/ldapi - (null)
dlz_dlopen of 'Samba zone' failed
SDLZ driver failed to load.
DLZ driver failed to load.
loading configuration: failure
exiting (due to fatal error)
So I tried ldapi access using ldapsearch:
> ldapsearch -U Administrator -H
ldapi:///var/lib/samba4/private/ldap_priv/ldapi...
2011 Feb 07
2
bind9 dlopen/dlz problems [update]
...n "standard ldb modules
path"). Just setting LDB_MODULES_PATH to the directory containing
it makes named start:
export LDB_MODULES_PATH=/usr/lib/samba/ldb/
named -u named
-> startup complete
So it wasn't my first suspect "ldap uri":
ldapi:///var/lib/samba4/private/ldap_priv/ldapi
ldapi://%2Fvar%2Flib%2Fsamba4%2Fprivate%2Fldap_priv%2Fldapi
This leaves me with the task to finally get some DNS entries into the
samba database :-)
Bye,
Marcel
2020 Jul 15
2
Interacting with LDAP db without password as root
Wed, 15 Jul 2020 13:56:48 +0100 Rowland penny via samba <samba at lists.samba.org>:
> On 15/07/2020 13:36, RhineDevil via samba wrote:
> > How could I avoid being asked a password when interacting with /var/lib/samba/private/ldap_priv/ldapi through ldapsearch or ldaputils in general?
> > (ldapsearch -H ldapi//%2Fvar%2Flib%2Fsamba%2Fprivate%2Fldapi)
>
> Don't use ldap-utils, use ldb-tools and the machine password:
>
> sudo ldbsearch -P -H ldapi://%2Fvar%2Flib%2Fsamba%2Fprivate%2Fldap
>
> Rowland
&q...
2020 Jul 15
2
Interacting with LDAP db without password as root
...07/2020 14:56, RhineDevil wrote:
> > Wed, 15 Jul 2020 13:56:48 +0100 Rowland penny via samba <samba at lists.samba.org>:
> >> On 15/07/2020 13:36, RhineDevil via samba wrote:
> >>> How could I avoid being asked a password when interacting with /var/lib/samba/private/ldap_priv/ldapi through ldapsearch or ldaputils in general?
> >>> (ldapsearch -H ldapi//%2Fvar%2Flib%2Fsamba%2Fprivate%2Fldapi)
> >> Don't use ldap-utils, use ldb-tools and the machine password:
> >>
> >> sudo ldbsearch -P -H ldapi://%2Fvar%2Flib%2Fsamba%2Fprivate%2...
2020 Jul 15
2
Interacting with LDAP db without password as root
...l wrote:
> >>> Wed, 15 Jul 2020 13:56:48 +0100 Rowland penny via samba <samba at lists.samba.org>:
> >>>> On 15/07/2020 13:36, RhineDevil via samba wrote:
> >>>>> How could I avoid being asked a password when interacting with /var/lib/samba/private/ldap_priv/ldapi through ldapsearch or ldaputils in general?
> >>>>> (ldapsearch -H ldapi//%2Fvar%2Flib%2Fsamba%2Fprivate%2Fldapi)
> >>>> Don't use ldap-utils, use ldb-tools and the machine password:
> >>>>
> >>>> sudo ldbsearch -P -H ldapi://...
2015 Feb 02
2
Searching samba ldap without authentication
...thout authentication.
I've set up 2 machines, the first as PDC, the second as BDC.
I run my scripts on both and while they run fine on the PDC they end
with error on the BDC.
Here is the minimal example that behave this way:
import ldap
LDAP_URI = "ldapi://%2fvar%2flib%2fsamba%2fprivate%2fldap_priv%2fldapi"
l = ldap.initialize(LDAP_URI, trace_level=1)
entries = l.search_s('dc=mon,dc=dom', ldap.SCOPE_SUBTREE)
print(entries)
it ends with: ldap.OPERATIONS_ERROR: {'info': '00002020: Operation
unavailable without authentication', 'desc': 'Operations error...
2020 Jul 18
2
Adding users with ldif file
...os domain name (aka
>>>> workgroup) then you can find this with wbinfo:
>>>>
>>>> wbinfo --own-domain
>>>>
>>>> Rowland
>>>>
>>> I tried to add ypServ30 using ldapi socket "ldapi://%2Fvar%2Flib%2Fsamba%2Fprivate%2Fldap_priv%2Fldapi, it said
>>>
>>> `ERR: insufficient access rights : "LDAP error 50 LDAP_INSUFFICIENT_ACCESS_RIGHTS <acl: unable to get access to CN=ypServ30,CN=RpcServices,CN=System,DC=mydomain,DC=mytld> <>" on DN CN=ypServ30,CN=RpcServices,CN=System,DC=mydomain,DC=m...
2020 Jul 18
2
Adding users with ldif file
...then you can find this with wbinfo:
>>>>>>
>>>>>> wbinfo --own-domain
>>>>>>
>>>>>> Rowland
>>>>>>
>>>>> I tried to add ypServ30 using ldapi socket "ldapi://%2Fvar%2Flib%2Fsamba%2Fprivate%2Fldap_priv%2Fldapi, it said
>>>>>
>>>>> `ERR: insufficient access rights : "LDAP error 50 LDAP_INSUFFICIENT_ACCESS_RIGHTS <acl: unable to get access to CN=ypServ30,CN=RpcServices,CN=System,DC=mydomain,DC=mytld> <>" on DN CN=ypServ30,CN=RpcServices,CN=System,...
2020 Jul 18
2
Adding users with ldif file
...>>>>>
>>>>>>>> wbinfo --own-domain
>>>>>>>>
>>>>>>>> Rowland
>>>>>>>>
>>>>>>> I tried to add ypServ30 using ldapi socket "ldapi://%2Fvar%2Flib%2Fsamba%2Fprivate%2Fldap_priv%2Fldapi, it said
>>>>>>>
>>>>>>> `ERR: insufficient access rights : "LDAP error 50 LDAP_INSUFFICIENT_ACCESS_RIGHTS <acl: unable to get access to CN=ypServ30,CN=RpcServices,CN=System,DC=mydomain,DC=mytld> <>" on DN CN=ypServ30,CN=RpcSer...
2013 Oct 29
1
samba_backup
...7: socket ignored
tar: ./private/smbd.tmp/msg/msg.3240.83: socket ignored
tar: ./private/smbd.tmp/msg/msg.28325.1: socket ignored
tar: ./private/smbd.tmp/msg/msg.3248.61: socket ignored
tar: ./private/smbd.tmp/msg/msg.3248.65: socket ignored
tar: ./private/ldapi: socket ignored
tar: ./private/ldap_priv/ldapi: socket ignored
tar: ./private: file changed as we read it
Error while archiving /usr/local/backups/samba4_private.291013.tar.bz2
Best regards
Stefan J?ckel IT und Systemadministration
Martin-Luther-Universit?t Halle Wittenberg
Juristische und Wirtschaftswissenschaftliche Fakul...
2019 Jul 23
2
errors restoring samba
> Jul 22 14:39:39 dc1 named[27846]: samba_dlz: Failed to connect to
> /var/lib/samba/private/dns/sam.ldb
The good news is I believe I've found the problem:
RUNNING:
# file: samba/private
# owner: root
# group: root
user::rwx
group::r-x
group:bind:r-x
mask::r-x
other::---
RESTORE:
# file: samba/private
# owner: root
# group: root
user::rwx
group::r-x
other::---
The bad news is
2015 Feb 02
2
Searching samba ldap without authentication
...first as PDC, the second as BDC.
>> I run my scripts on both and while they run fine on the PDC they end
>> with error on the BDC.
>> Here is the minimal example that behave this way:
>>
>> import ldap
>> LDAP_URI = "ldapi://%2fvar%2flib%2fsamba%2fprivate%2fldap_priv%2fldapi"
>>
>> l = ldap.initialize(LDAP_URI, trace_level=1)
>> entries = l.search_s('dc=mon,dc=dom', ldap.SCOPE_SUBTREE)
>> print(entries)
>>
>> it ends with: ldap.OPERATIONS_ERROR: {'info': '00002020: Operation
>> unavailable witho...
2019 Oct 04
2
samba-tool user syncpasswords crashes with python3
...29:47 2019: pid[985]: Using
cache_ldb[/usr/local/samba/private/user-syncpasswords-cache.ldb]
Fri Oct 4 12:29:47 2019: pid[985]: currentPid: 985
Fri Oct 4 12:29:47 2019: pid[985]: Wait before connect - sleep(1)
Fri Oct 4 12:29:48 2019: pid[985]: Connecting to
'ldapi:///usr/local/samba/private/ldap_priv/ldapi'
Fri Oct 4 12:29:48 2019: pid[985]: Resuming monitoring
dirsyncFilter:
(&(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=512)(!(
sAMAccountName=krbtgt*)))
dirsyncControls: ['dirsync:1:0:0', 'extended_dn:1:0']
syncCommand: /usr/local/bin/syncpw.py
Fri Oct...
2015 Aug 27
2
Samba Internal DNS vs. BIND_DLZ
On 08/27/2015 04:37 PM, Rowland Penny wrote:
> On 27/08/15 21:23, Robert Moskowitz wrote:
>>
>>
>> On 08/27/2015 04:18 PM, Marc Muehlfeld wrote:
>>> Hello Jim,
>>>
>>> Am 27.08.2015 um 21:49 schrieb Jim Seymour:
>>>> BIND would be the auth nameserver for example.com and delegate
>>>> the samdom.example.com zone to
2020 Jul 06
0
dns_tkey_gssnegotiate: TKEY is unacceptable
...tions
tkey-gssapi-keytab "/var/lib/samba/*bind-dns*/dns.keytab";
root at DC1:~# ls /var/lib/samba/bind-dns/
dns named.conf named.txt/*<<<<<<<<<<<<<<< notice dns.keytab is MISSING*/
root at DC1:~# ls /var/lib/samba/private/
*dns.keytab* hklm.ldb ldap_priv . . . . more files
root at DC1:~# cat /etc/krb5.conf
[libdefaults]
default_realm = SUBDOM.EXAMPLE.COM
>>>>>>>>>>>>>>>> snipped for brevity <<<<<<<<<<<<<<<<
[realms]
SUBDOM.EXAMPLE.COM = {
kdc = DC01
kdc...
2015 Aug 27
4
Samba Internal DNS vs. BIND_DLZ
...>> Empty dir.
>
> OK, how did you provision samba4 as a DC ?
> I believe that /var/lib/samba/private is empty until the domain is
> provisioned, at which point it should look like this:
>
> dns ldapi randseed.tdb share.ldb
> dns.keytab ldap_priv sam.ldb smbd.tmp
> dns_update_cache named.conf sam.ldb.d spn_update_list
> dns_update_list named.conf.update schannel_store.tdb tls
> hklm.ldb named.txt secrets.keytab
> idmap.ldb netlogon_creds_cli.tdb secrets.ldb
> krb5.conf...
2016 Jul 12
1
Testing a forest trusts in Samba 4.4.5 AD environment
Database size would interest us here, with and without trust if you have
these metrics. Global catalog is supposed to stored some attributes of
almost all objects of all trusted domains, if me understanding is correct
and we have no real idea about what that means in concrete terms.
2016-07-12 12:55 GMT+02:00 Alex Crow <acrow at integrafin.co.uk>:
> On 12/07/16 09:36, mathias dufresne
2020 Jul 18
1
Adding users with ldif file
...;>>>>> wbinfo --own-domain
>>>>>>>>>>
>>>>>>>>>> Rowland
>>>>>>>>>>
>>>>>>>>> I tried to add ypServ30 using ldapi socket "ldapi://%2Fvar%2Flib%2Fsamba%2Fprivate%2Fldap_priv%2Fldapi, it said
>>>>>>>>>
>>>>>>>>> `ERR: insufficient access rights : "LDAP error 50 LDAP_INSUFFICIENT_ACCESS_RIGHTS <acl: unable to get access to CN=ypServ30,CN=RpcServices,CN=System,DC=mydomain,DC=mytld> <>" on DN CN=yp...
2014 Jun 05
1
Ubuntu DC dns update failure
...ot root 2270 jun 5 18:41 dns_update_list
-rw------- 1 root root 1286144 jun 5 18:40 hklm.ldb
-rw------- 1 root root 1609728 jun 5 19:25 idmap.ldb
-rw-r--r-- 1 root root 91 jun 5 18:41 krb5.conf
srwxrwxrwx 1 root root 0 jun 5 20:33 ldapi
drwxr-x--- 2 root root 4096 jun 5 20:33 ldap_priv
-rw-r--r-- 1 root bind 555 jun 5 19:22 named.conf
-rw-r--r-- 1 root root 555 jun 5 19:21 named.conf~
-r--r--r-- 1 root root 220 jun 5 18:52 named.conf.update
-rw-r--r-- 1 root root 2212 jun 5 18:41 named.txt
-rw------- 1 root root 1286144 jun 5 18:40 privilege.ldb
-rw------- 1 r...