search for: olcdatabase

Hi Rowland, I tried that but didn't work. # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. # CRC32 9033b998 dn: olcDatabase={1}hdb objectClass: olcDatabaseConfig objectClass: olcHdbConfig olcDatabase: {1}hdb olcDbDirectory: /var/lib/ldap olcSuffix: dc=testdom olcAccess: {0}to attrs=sambaNTPassword,sambaPwdLastSet,sambaPwdMustChange by dn="cn=admin,dc=testdom" write by self write by * none olcAccess: {1}to attr...

Hi Guys, We're trying to add a BDC in Samb4 classic domain setup. The Samba 3 How -To and Samb3 by Example covers this but uses the old slapd.conf option, we are using the slapd.d config. I couldn't find a similar document for Samba4 Can you please advise that the following steps will work? LDAP in the existing PDC is working using the smbldap tools - Setup the LDAP in BDC

...ystem) Jan 28 09:09:44 city1 net: failed to bind to server ldap://city1.burlingtoniowa.org with dn="cn=samba,dc=burlingtoniowa,dc=org" Error: Invalid credentials Jan 28 09:09:44 city1 net: #011(unknown) Looks like the ldap password is set in the following configuration files: olcDatabase={0}config.ldif olcDatabase={2}bdb.ldif I am thinking most of this is done in olcDatabase={2}bdb.ldif, here's what I think is the relevant part of it: olcAccess: {0}to attrs=userPassword,shadowLastChange by dn="cn=samba,dc=burlin gtoniowa,dc=org" write by anonymous auth by s...

...ds you suggested, nothing in reply. I tried ldapi:// and ldap://sam3dc.mydomain . Let me run through what I did , /etc/ldap/ldap.conf: BASE dc=mydomain URI ldap://sam3dc.mydomain TLS_CACERT /etc/ldap/ca_certs.pem Imported the samba.ldif from the 3.6.25 binaries. Imported the indices dn: olcDatabase={1}hdb,cn=config changetype: modify add: olcDbIndex olcDbIndex: ou eq olcDbIndex: mail eq olcDbIndex: surname eq olcDbIndex: givenname eq olcDbIndex: loginShell eq olcDbIndex: uniqueMember eq,pres olcDbIndex: sambaSID eq olcDbIndex: sambaPrimaryGroupSID eq olcDbIndex: sambaGroupType eq olcDbIndex:...

...unts,dc=afrika,dc=xx > > Let me run through what I did , > /etc/ldap/ldap.conf: > BASE dc=mydomain > URI ldap://sam3dc.mydomain > TLS_CACERT /etc/ldap/ca_certs.pem > > Imported the samba.ldif from the 3.6.25 binaries. > > Imported the indices > > dn: olcDatabase={1}hdb,cn=config > changetype: modify > add: olcDbIndex > olcDbIndex: ou eq > olcDbIndex: mail eq > olcDbIndex: surname eq > olcDbIndex: givenname eq > olcDbIndex: loginShell eq > olcDbIndex: uniqueMember eq,pres > olcDbIndex: sambaSID eq > olcDbIndex: sambaPrimaryGrou...

...IN Replication Method: refreshAndPersist Replication: After importing the LDIFs for Provider and consumer, we found that the in the PDC the oldDatabase(1)HDB was converted from a file to a folder. The contents of the which are below. In BDC it remained a file. BDC: LDAP sync related bits from olCDatabase(1)HDB olcSyncrepl: {0}rid=0 provider=ldap://lin-pdc1.lin bindmethod=simple bindd n="cn=admin,dc=lin" credentials=seceret searchbase="dc=lin" log base="cn=accesslog" logfilter="(&(objectClass=auditWriteObject)(reqResult=0)) " schemachecking=on type=refres...

...CHANGE_TIME/mydomain" key(34) = "SECRETS/MACHINE_PASSWORD/mydomain" dapsearch -LLLY External -H ldapi:/// -b cn=config -s sub 'olcaccess=*' olcaccess SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 dn: olcDatabase={-1}frontend,cn=config olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external ,cn=auth manage by * break olcAccess: {1}to dn.exact="" by * read olcAccess: {2}to dn.base="cn=Subschema" by * read dn: olcDatabase={0}config,cn=config olcAccess: {0}to * by d...

...t is here add user script = /usr/sbin/smbldap-useradd -m '%u' passwd program = /usr/sbin/smbldap-passwd -u "%u" passwd chat = "Changing *\nNew password*" %n\n "*Retype new password* "%n\n" Have the following in /etc/ldap/slapd.d/cn=config/olcDatabase{1}.hdb olcAccess: {0}to attrs=userPassword by self write by anonymous auth by * none olcAccess: {1}to attrs=shadowLastChange by self write by * read olcAccess: {2}to * by * read olcLastMod: TRUE olcRootDN: cn=admin,dc=testdomain Couldn't see anything in the /samba/logs so I guess it is an iss...

On Thu, 26 Apr 2018 13:57:12 +1000 Robin G via samba <samba at lists.samba.org> wrote: > Hi Rowland, > > I tried that but didn't work. > # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. > # CRC32 9033b998 > dn: olcDatabase={1}hdb > objectClass: olcDatabaseConfig > objectClass: olcHdbConfig > olcDatabase: {1}hdb > olcDbDirectory: /var/lib/ldap > olcSuffix: dc=testdom > olcAccess: {0}to > attrs=sambaNTPassword,sambaPwdLastSet,sambaPwdMustChange by > dn="cn=admin,dc=testdom" write by se...

Hi All Experts, I am about to extend our production Samba4 schema to add a few intra-organizational attributes (Employee ID,Passport No., Date of Joining, Date of Leaving) . How can I make change in my samba4 schema. I have already make a post in the forum, but got no reply. Sorry for posting again. But precaution should be taken in to prevent the server from any damage. Kindly help. With

...tion lost) # and finaly the search for "sambaDomainName and sambaSID" # samba do not search for single attributes, # instead all attributes from an objectclass ### $ cat olcloglevel.ldif dn: cn=config changetype: modify replace: olcloglevel olcloglevel: 256 - $ cat olcdbindex.ldif dn: olcDatabase={1}hdb,cn=config changetype: modify replace: olcDbIndex olcDbIndex: cn eq,sub olcDbIndex: dc eq olcDbIndex: default eq olcDbIndex: dhcpClassData eq olcDbIndex: dhcpHWAddress eq olcDbIndex: displayName eq,sub olcDbIndex: gidNumber eq olcDbIndex: givenName eq,sub olcDbIndex: loginShell eq olcDbIndex:...

Hi Harry, sadmin and tadmin are both admin logins. I was trying to domain join with both. sadmin is in ldap The olcdbindex.ldif gave this error SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 modifying entry "olcDatabase={1}hdb,cn=config" ldap_modify: Other (e.g., implementation specific) error (80) additional info: index attribute "dhcpClassData" undefined I did the indexing and also the log level Here is what I got with tail -f /var/log/syslog|sed -nre 's/^.*( slapd.*$)/\1/p' net getloca...

...ap://sam3dc.mydomain . > > Let me run through what I did , > /etc/ldap/ldap.conf: > BASE dc=mydomain > URI ldap://sam3dc.mydomain > TLS_CACERT /etc/ldap/ca_certs.pem > > Imported the samba.ldif from the 3.6.25 binaries. > > Imported the indices > > dn: olcDatabase={1}hdb,cn=config > changetype: modify > add: olcDbIndex > olcDbIndex: ou eq > olcDbIndex: mail eq > olcDbIndex: surname eq > olcDbIndex: givenname eq > olcDbIndex: loginShell eq > olcDbIndex: uniqueMember eq,pres > olcDbIndex: sambaSID eq > olcDbIndex: sambaPrimaryGrou...

...e are the outputs. I've attached them as logs with this email too. root at sam3dc:/tmp/ldifs-gr# ldapmodify -Y external -H ldapi:/// -f olcdbindex.ldif SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 modifying entry "olcDatabase={1}hdb,cn=config" root at sam3dc:/tmp/ldifs-gr# service slapd stop * Stopping OpenLDAP slapd [ OK ] root at sam3dc:/tmp/ldifs-gr# slapindex -v -n 1 WARNING! Runnig as root! There's a fair chance slapd will fail t...

...e not optimized the ldap server, so you do not get > > > > any output without searchbase, aka -b <DN>. You may set it in the > > > > frontend database. Should look like: > > # grep -Hri defaultsearch /etc/ldap/slapd.d/* > > /etc/ldap/slapd.d/cn=config/olcDatabase={-1}frontend.ldif:olcDefaul > > tSearchBase: dc=europa,dc=xx > > > > DO NOT EDIT cn=config BY HAND. USE THE LDAP* COMMANDS. > > > >> root at pdc:~# ldapsearch -xLLL -H ldapi:/// > >> '(&(cn=*$)(objectclass=sambasamaccount))' -b > >> o...

On 11.10.2016 17:22, Harry Jede via samba wrote: > Am Dienstag, 11. Oktober 2016 schrieben Sie: >> On 11.10.2016 13:52, Harry Jede via samba wrote: >>> On 10:43:49 wrote Gavrilov Aleksey via samba: >>> Until now, you have destroyed your domain. >>> Is the ldap directory on localhost in production or is this pc in a >>> test lab? >> a copy of the

Hi Harry, When I install slapd , I didn't get the option to use MDB, so used hdb I went through your suggestions and cleaned up the smb.conf. Also added the unixidpool ldif dn: sambaDomainName=mydomain,dc=mydomain sambaDomainName: mydomain sambaSID: S-1-5-21-3936576374-1604348213-1812434911 sambaAlgorithmicRidBase: 1000 objectClass: sambaDomain objectClass: sambaUnixIdPool

Dear samba users, I have very strange problem. I have Samba PDC up and running, but only thing is missing. I cannot see any Domain Groups at all. Here is my config: Debian Squeeze: ii samba 2:3.5.6~dfsg-3squeeze8 SMB/CIFS file, print, and login server for Unix ii samba-common 2:3.5.6~dfsg-3squeeze8 common files used by both the Samba