search for: olcaccess

...x: uniqueMember eq,pres > olcDbIndex: sambaSID eq > olcDbIndex: sambaPrimaryGroupSID eq > olcDbIndex: sambaGroupType eq > olcDbIndex: sambaSIDList eq > olcDbIndex: sambaDomainName eq > olcDbIndex: default sub > olcDbIndex: nisMapName eq > olcDbIndex: nisMapEntry eq > add: olcAccess > olcAccess: to attrs=loginShell by dn="cn=admin,dc=mydomain" write by > self write by * read > olcAccess: to > attrs=sambaNTPassword,sambaLMPassword,sambaPwdLastSet,sambaPwdMustChan > ge by dn="cn=admin,dc=mydomain" write by self write by * none Here I retrieve...

...t; key(25) = "SECRETS/DOMGUID/mydomain" key(42) = "SECRETS/MACHINE_SEC_CHANNEL_TYPE/mydomain" key(42) = "SECRETS/MACHINE_LAST_CHANGE_TIME/mydomain" key(34) = "SECRETS/MACHINE_PASSWORD/mydomain" dapsearch -LLLY External -H ldapi:/// -b cn=config -s sub 'olcaccess=*' olcaccess SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 dn: olcDatabase={-1}frontend,cn=config olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external ,cn=auth manage by * break olcAccess: {1}to...

...enname eq olcDbIndex: loginShell eq olcDbIndex: uniqueMember eq,pres olcDbIndex: sambaSID eq olcDbIndex: sambaPrimaryGroupSID eq olcDbIndex: sambaGroupType eq olcDbIndex: sambaSIDList eq olcDbIndex: sambaDomainName eq olcDbIndex: default sub olcDbIndex: nisMapName eq olcDbIndex: nisMapEntry eq add: olcAccess olcAccess: to attrs=loginShell by dn="cn=admin,dc=mydomain" write by self write by * read olcAccess: to attrs=sambaNTPassword,sambaLMPassword,sambaPwdLastSet,sambaPwdMustChange by dn="cn=admin,dc=mydomain" write by self write by * none Did the certificates, confirmed working A...

...script = /usr/sbin/smbldap-useradd -m '%u' passwd program = /usr/sbin/smbldap-passwd -u "%u" passwd chat = "Changing *\nNew password*" %n\n "*Retype new password* "%n\n" Have the following in /etc/ldap/slapd.d/cn=config/olcDatabase{1}.hdb olcAccess: {0}to attrs=userPassword by self write by anonymous auth by * none olcAccess: {1}to attrs=shadowLastChange by self write by * read olcAccess: {2}to * by * read olcLastMod: TRUE olcRootDN: cn=admin,dc=testdomain Couldn't see anything in the /samba/logs so I guess it is an issue with LDAP? Thi...

Hi Rowland, I tried that but didn't work. # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. # CRC32 9033b998 dn: olcDatabase={1}hdb objectClass: olcDatabaseConfig objectClass: olcHdbConfig olcDatabase: {1}hdb olcDbDirectory: /var/lib/ldap olcSuffix: dc=testdom olcAccess: {0}to attrs=sambaNTPassword,sambaPwdLastSet,sambaPwdMustChange by dn="cn=admin,dc=testdom" write by self write by * none olcAccess: {1}to attrs=shadowLastChange by self write by * read olcLastMod: TRUE smb.conf add user script = /usr/sbin/smbldap-useradd -m '%u'...

...ot-ldap_user.conf.ext driver = ldap } protocol lmtp { mail_plugins = " sieve" } output of cat /etc/dovecot/dovecot-ldap_pass.conf.ext: hosts = 127.0.0.1:389 auth_bind = yes auth_bind_userdn = uid=%n,ou=Users,dc=arvoreen,dc=net base = ou=Users,dc=arvoreen, dc=net ldap_version = 3 olcAccess infomation: olcSuffix: dc=arvoreen,dc=net olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by anonymou s auth by dn="cn=admin,dc=arvoreen,dc=net" write by * none olcAccess: {1}to dn.base="" by * read olcAccess: {2}to * by self write by dn="cn=admin,dc=a...

...s Jan 28 09:09:44 city1 net: #011(unknown) Looks like the ldap password is set in the following configuration files: olcDatabase={0}config.ldif olcDatabase={2}bdb.ldif I am thinking most of this is done in olcDatabase={2}bdb.ldif, here's what I think is the relevant part of it: olcAccess: {0}to attrs=userPassword,shadowLastChange by dn="cn=samba,dc=burlin gtoniowa,dc=org" write by anonymous auth by self write by * none olcAccess: {1}to dn.base="" by * read olcAccess: {2}to * by dn="cn=samba,dc=burlingtoniowa,dc=org" write by * read olcRootPW: {SSH...

...x: uniqueMember eq,pres > olcDbIndex: sambaSID eq > olcDbIndex: sambaPrimaryGroupSID eq > olcDbIndex: sambaGroupType eq > olcDbIndex: sambaSIDList eq > olcDbIndex: sambaDomainName eq > olcDbIndex: default sub > olcDbIndex: nisMapName eq > olcDbIndex: nisMapEntry eq > add: olcAccess > olcAccess: to attrs=loginShell by dn="cn=admin,dc=mydomain" write by > self write by * read > olcAccess: to > attrs=sambaNTPassword,sambaLMPassword,sambaPwdLastSet,sambaPwd MustChan > ge by dn="cn=admin,dc=mydomain" write by self write by * none > > Did...

...tried that but didn't work. > # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. > # CRC32 9033b998 > dn: olcDatabase={1}hdb > objectClass: olcDatabaseConfig > objectClass: olcHdbConfig > olcDatabase: {1}hdb > olcDbDirectory: /var/lib/ldap > olcSuffix: dc=testdom > olcAccess: {0}to > attrs=sambaNTPassword,sambaPwdLastSet,sambaPwdMustChange by > dn="cn=admin,dc=testdom" write by self write by * none olcAccess: > {1}to attrs=shadowLastChange by self write by * read olcLastMod: TRUE > > smb.conf > add user script = /usr/sbin/smbldap-us...

...19) ldapsam_create_user: Unable to allocate a new user id: bailing out! Unfortunately I cannot find any other hint on what the reason could be. Has someone an idea what I might have misconfigured? Below's my smb.conf. The samba-user has granted the rights to manage the whole domain-tree (olcAccess = {0}to dn.sub="dc=lohrmann,dc=de" by dn="cn=samba,dc=lohrmann,dc=de" manage by * break). Thx a lot in advance! Chris -------- smb.conf: [global] workgroup = LOHRMANN.DE domain logons = yes domain master = yes local master = yes preferred master = yes...

Hi Harry, When I install slapd , I didn't get the option to use MDB, so used hdb I went through your suggestions and cleaned up the smb.conf. Also added the unixidpool ldif dn: sambaDomainName=mydomain,dc=mydomain sambaDomainName: mydomain sambaSID: S-1-5-21-3936576374-1604348213-1812434911 sambaAlgorithmicRidBase: 1000 objectClass: sambaDomain objectClass: sambaUnixIdPool

...20091011-1.x86_64.rpm drwx------. 5 unconfined_u:object_r:home_root_t:s0 1000 1000 4096 Oct 19 2016 [01;34m.mozilla drwxr-xr-x. 2 unconfined_u:object_r:home_root_t:s0 1000 1000 4096 Jan 10 2016 [01;34mMusic -rw-r--r--. 1 unconfined_u:object_r:home_root_t:s0 1000 1000 569 Sep 20 09:59 olcAccess -rw-rw-r--. 1 unconfined_u:object_r:home_root_t:s0 1000 1000 5613971 Sep 18 13:11 OpenLDAP-Guide.ps drwxrwxr-x. 2 unconfined_u:object_r:home_root_t:s0 1000 1000 4096 Jan 10 2016 [01;34mperl5 -rw-rw-r--. 1 unconfined_u:object_r:home_root_t:s0 1000 1000 17300 Jan 15 2014 [01;31mperl-Crypt-S...