search for: updatedn

...m as bdc (samba 3.0.21c) with slave ldap server (both samba and ldap are running on same machine). on the master ldap server i have rootdn "cn=manager,dc=mydomain,dc=com" and if i setup on the slave ldap server rootdn "cn=manager,dc=mydomain,dc=com" and in the slave ldap server, updatedn points to rootdn of the slave ldap server. ie updatedn is "cn=manager,dc=msdpl,dc=com" so my query is can both master and slave rootdn be same. Regards Niranjan

Hello everybody,, This time i want to replicate PDC to BDC when there's is any changes on PDC, here is my conf. on /etc/openldap/slapd.conf LDAP Server master moduleload syncprov overlay syncprov syncprov-checkpoint 100 10 syncprov-sessionlog 100 LDAP Server mirror moduleload syncprov syncrepl rid=001 provider=ldap://ldap.domain.com:389 bindmethod=simple

I have the PDC/BDC with a master slave LDAP directory set up and operating. One problem is that I've only been able to get the LDAP Master/Slave replication working if I use Manager as the binddn for the replication. I'm using the IDEALX smbldap tools. If I use another user I get a ERROR: Insufficient access: no write access to entry error and a .rej file is created. Each entry shows

...2.2.15 Samba 3.0.7 (no winbindd) I've got a stupid problem with referrals that I can't seem to ferret out. Each Samba DC has a localhost-based LDAP replica for scalability (my idea anyway). So the only way they will talk to the Master is if there is need for an update. Ok. If I make the updatedn the same as the rootdn of the replica, it updates the local database; *NOT* what I want obviously, but at least I know Samba is talking to *something* and being successful with say a workstation join. If I make the updatedn the known DN that slurpd will use (NOT the rootdn of the replica) Samba do...

Hi, I have a setup with two CentOS 5 machines running OpenLDAP 2.3.x, right now the primary uses slurpd to send the updates to the second server, and the second server is using "updatedn" to allow updates (from what I understand! I'm no OpenLDAP guru here.) Clients are using pam_ldap and nss_ldap to get the users and authenticate them in LDAP. Right now hosts query only the primary LDAP server, that is the address set on the "host" variable of /etc/ldap.conf. Cha...

...create an dynamic dns system by using the nsupdate (or Net::DNS) trough a non-passphrase protected ssh session. I've keygen'ed an extra key, with no passphrase and using it, i execute a litte script on the server, which updates te DNS records. (something like this: ssh pickup /usr/local/bin/updatedns 10.1.2.3) This al works fine and dandy. I would like to protect this scheme more by using the command="<command>" feature, the only problem is that i can't use an ip-number in authorized_keys (because i do not know it). In an interactive shell, the env variable 'SSH_CLIEN...

...index displayName pres,sub,eq index uidNumber eq index gidNumber eq index memberUID eq index sambaSID eq index sambaPrimaryGroupSID eq index sambaDomainName eq index default sub # The following part is for slave slapd updatedn "cn=Manager,dc=cas,dc=edu,dc=au" updateref <ldaps://cassia.cas.edu.au> ldaps://cassia.cas.edu.au ============================== BDC: smb.conf -------------------- # Global parameters [global] unix charset = LOCALE workgroup = CAS netbios name = cashew server string = CAS S...

...* by dn="cn=repl,dc=felix,dc=local" write # database definition replogfile /var/lib/ldap/slurpd/slurpd.log replica uri=ldap://felixols01.felix.local:389 binddn="cn=repl,dc=felix,dc=local" bindmethod=simple credentials=topsecret tls=no In slapd.conf of my slave server i added: updatedn "cn=repl,dc=felix,dc=local" updateref ldap://felixsch01.felix.local I copied all database files from master to slave. Then i started all services in the following order: - ldapserver on slave - ldapserver on master - slurpd on master I checked replication. Everything was working i added...

OK - I'm actually functioning but I'm afraid and I want to fill in a knowledge gap - perhaps a slight gap in the How-To Book or my ability to soak in its' wisdom. LDAP up and working on two machines, master & slave and changes made in master can be found by ldapsearch on slave faster than two up arrows and a return (gosh, it only took me 10 days but the light bulb has definitely

...n pop up on the list occasionally but have never seen a definitive answer. When using a BDC what do I use for the "ldap admin dn =" ? The BDC is also a Slave LDAP server and the ldapsam is pointing to localhost. I have heard that you should not use the manager dn, but should use the updatedn specified in the slapd.conf file. This error might be caused by the above question. On my BDC's I occasionally see these errors. [2004/01/07 21:53:55, 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1173) ldapsam_modify_entry: Failed to modify user dn= uid=troon$,ou=Computers,dc=aib,dc=com wit...

...ain,dc=com credential=secret smb.conf: idmap uid = 10000-650000 idmap gid = 10000-650000 winbind enum users = yes winbind enum groups = yes idmap backend = ldap:ldap://localhost ldap admin dn = "cn=admin,dc=domain,dc=com" ldap suffix = "dc=com,dc=com" secondary: slapd.conf: updatedn cn=admin,dc=domain,dc=com updateref ldap://primary smb.conf: idmap uid = 10000-650000 idmap gid = 10000-650000 winbind enum users = yes winbind enum groups = yes idmap backend = ldap:ldap://localhost ldap admin dn = "cn=admin,dc=domain,dc=com" ldap suffix = "dc=com,dc=com" (I...

...lid users = %S create mode = 0640 directory mode = 0750 [netlogon] comment = Network Logon Service path = /usr/local/samba/netlogon guest ok = no writable = no share modes = no #slapd.conf (the BDC is also a slave of the master LDAP Server) updatedn uid=Administrator,ou=users,dc=myorg,dc=org updateref ldap://server.myorg.org:389 access to attr=userPassword,lmPassword,ntPassword by dn=uid=Administrator,ou=users,dc=myorg,dc=org write by self write by anonymous auth by * none access to attr=shadowLastChange...

...chema/nis.schema include /usr/local/etc/openldap/schema/samba.schema database ldbm suffix "dc=tow,dc=net" rootdn "cn=admin,dc=tow,dc=net" rootpw {SSHA}bbcOI00dfOOJdNCsuFfWf8forJC/Q2P8 directory /usr/local/var/openldap-slurp/wareham updatedn "cn=admin,dc=tow,dc=net" updateref "ldap://172.16.0.3" schemacheck on lastmod on # Indices to maintain #index objectClass eq index objectClass,uid,uidNumber,gidNumber eq #index cn,mail,surname,givenname e...

I have successfully joined the XP machine to the domain. The strange part is, that it only wanted to be joined if it connected to the PDC and not the BDC. The way it is set-up is that the XP machine and a BDC is in one branch and the PDC is in another. Every time I would try to connect via the BDC, it would return a value ACCESS DENIED I stopped the smb service on the BDC, and got it to

...er configuration #replogfile /var/openldap/openldap-slurp #replica-pidfile /var/openldap/slurpd.pid #replica host=slave.example.com:389 # binddn="cn=admin,dc=example,dc=org" # bindmethod=simple credentials=secret # slave server(s) configuration #updatedn "cn=admin,dc=example,dc=org" #updateref ldap://master.example.org David Sonenberg Systems / Network Administrator Stroz Friedberg, LLC 15 Maiden Lane, Suite 1208 New York, NY 10038 212.981.6527 (o) | 917.495.4918 (c)

...tpw ******** directory /var/lib/ldap index objectClass eq index cn pres,sub,eq index sn pres,sub,eq index uid pres,sub,eq index displayName pres,sub,eq index uidNumber eq index gidNumber eq index memberUID eq index sambaSID eq index sambaPrimaryGroupSID eq index sambaDomainName eq index default sub updatedn "cn=Manager,dc=elysion,dc=lan" updateref ldap://zeus.elysion.lan 2. SAMBA Configuration files ######################## /etc/samba/smb.conf on ZEUS (PDC) ######################## [global] workgroup = ELYSION netbios name = ZEUS server string = PDC printcap name = /etc/printcap load prin...

...index memberUid eq index sambaSID eq index sambaPrimaryGroupSID eq index sambaDomainName eq index default sub ## for testing I open ACL wide open access to * by dn="cn=Manager,dc=tuluc,dc=com" write by dn="cn=replicator,dc=tuluc,dc=com" write by * read updatedn "cn=replicator,dc=tuluc,dc=com" updateref ldap://192.168.5.3 loglevel 65535 3. Log from the master slurpd begin replication thread for 192.168.4.2:389 Initializing session to 192.168.4.2:389 ldap_create bind to 192.168.4.2:389 as cn=replicator,dc=tuluc,dc=com (simple) ldap_simple_bind_s...

Hi, I have just put Samba3alpha23 on my Suse 8.1 box and and implement the new goup structure in LDAP. All works fine expect when you log in a a user other than root on the windows box. The error is : [2003/04/08 13:30:19, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(2198) ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (Insufficient access)ldapsam_open: cannot access