Dear OpenChange / Samab4 Users
First of all I want to thanks to all Samba4 and OpenChange developers for this project! I'm sure that once those projects will be stable enough I will replace it with my current Micro$oft infrastructure. I have been playing a little with samba4 and openchange during this week and I willing to write a fully document HOWTO install for those who not sure how. But before I can handle this I need some help from you guys to help me out. All the work was done on the wonderful upcoming Debian distribution name Lenny (pair of binoculars with feet from the Toy Story movie J ). Lenny is still in RC1 mode but I found it stable enough to run even in a production environment. I have used the AMD64 distribution version which can be downloaded at http://cdimage.debian.org/cdimage/lenny_di_rc1/amd64/iso-cd/debian-testing-amd64-netinst.iso After installation all the gcc, binutils and all other dependencies I have compile Samba4 git head version (Version 4.0.0alpha6-GIT-138283c) (Checkout was done in 16/12/2008). This was quite easy, no special problem. I haven manage to compile it debian style which mean using the --enable-fhs and some other configuration options. I build my own DEB file and packed all the files together. Since I wanted to use OpenLDAP as my backend server I install the OpenLDAP using apt-get. SLAPD version which is installed is 2.4.11-1. Then I started my provisions backed as appears in Samba4 Wiki. I notice some bug in the provision script (file /usr/lib/python2.5/site-packages/samba/provision.py in my DEB File near line 1378). I had to fix the path for the ad2oLschema command. After that I run the ./setup/provision-backend --realm=edu.local --domain=edu --ldap-admin-pass=admin --ldap-backend-type=openldap --server-role='domain controller' --host-name=DC. Output was: Converted 536 records (skipped 13) with 0 failures Your openldap Backend for Samba4 is now configured, and is ready to be started Server Role: domain controller Hostname: dc DNS Domain: edu.local Base DN: DC=edu,DC=local LDAP admin user: samba-admin LDAP admin password: admin Start slapd with: slapd -f /var/lib/samba-4.0/ldap/slapd.conf -h ldapi://%2Fvar%2Flib%2Fsamba-4.0%2Fldap%2Fldapi Run provision with: --ldap-backend=ldapi --ldap-backend-type=openldap --password=manager11 --username=samba-admin I started the LDAP server as the script suggested, not before I change the modules.conf of the LDAP Server (/var/lib/samba-4.0/ldap/modules.conf in my configuration). I don't know way the modules.conf doesn't include the following modules already inside it, I guess that maybe Andrew Bartlett (Which I must say seems to know everything!!! based on his answers everywhere on the internet) assume you should compile your OpenLDAP by yourslef with the modules included in the slapd binary file. For me I manage to run the OpenLDAP server with no problem after adding the following to the modules.conf file: moduleload refint moduleload memberof moduleload back_hdb moduleload syncprov Next task was to run the setup/provision command. Again this was easy, no problem and my samab4 server was almost done and ready. I restarted my OpenLDAP server with debug on (using –d-1) and run the e "smbd -i -M single -d3". Server was up but still minor problem accord. I notice in the debug windows that some directories couldn't be found. Don't know why the "make install" didn't created the following directories: /var/run/samba /var/run/samba/ntp_signd /var/run/samba/winbindd /var/lib/samba/winbindd_privileged chmod 750 /var/lib/samba/winbindd_privileged I run the ./configure like 4 times and it seems to me like a bug in this version. Any way I fixed that – and also update my DEB file. SO NOW I HAVE samba4 server running. Manage to add user, add Windows XP to the domain, create a login script, change the GPO – works Like Charm. Andrew Bartlett and Samba4 Developer – U R COOOOL! My next task was to create my own DEB file for OpenChange! – I already started to think about collaboration with WebMail and openchange (squirrelmail or RoundCube could be nice tools for this). So I used the lastest snapshot from the openchange SVN (r937) and installed some other C++, C dependencies as appear in there HowTO.txt file (in the doc directory). Compile was easy. But I had to change some issue with the $PKG_CONFIG_PATH. To my observation it seems that the $PKG_CONFIG_PATH environment set is being rewritten . So no matter what you will have in the PKG_CONFIG_PATH the ./configure will tell you – you don't have samab4 installed. Fix that by edit the file configure after running autogen. Should appear in line 1970. Mines look like this: old_PKG_CONFIG_PATH="$PKG_CONFIG_PATH" PKG_CONFIG_PATH="$PKG_CONFIG_PATH:$sambaprefix/lib/pkgconfig" (I add the $PKG_CONFIG_PATH) if test -n "$PKG_CONFIG" && \ Now I compile the package, copy the man files, copy the setup folder (after compile) to my package since the "make install" don't do. I also copied the files and directory inside the python folder to my /usr/lib/python2.5/site-packages/ folder. Finally I have my DEB file!!!!! So I installed it and was excited to try it out. What Next? Well I'm not sure the HOWTO seems to me very old. To my understating I should now run the ./openchange_provision command. So LDAP will have the schema update for exchange. But if someone know about previous step please let me know. So I started the ./openchange_provision. I remember that for creating the schema I used the samba-admin user as Andrew Bartlett point out. I looked in the slapd.conf to make sure samba-admin as full permission on the LDAP tree and yes – it do has! So my command was as follow: ./openchange_provision --password=admin --username=samba-admin --simple-bind-dn=cn=samba-admin,cn=samba Look quite nice right? But then here I'm stuck. While running this I'm getting the following: Dev:/usr/share/openchange/setup# ./openchange_provision --password=admin --username=samba-admin --simple-bind-dn=cn=samba-admin,cn=samba NOTE: This operation can take several minutes [+] Step 1: Register Exchange OIDs [+] Step 2: Add new Exchange classes and attributes to Samba schema Traceback (most recent call last): File "./openchange_provision", line 53, in <module> openchange.provision(setup_path, lp, creds, firstorg=opts.firstorg, firstou=opts.firstou) File "/usr/lib/python2.5/site-packages/openchange/provision.py", line 309, in provision install_schemas(setup_path, names, lp, creds) File "/usr/lib/python2.5/site-packages/openchange/provision.py", line 144, in install_schemas "SCHEMADN": names.schemadn File "/usr/lib/python2.5/site-packages/samba/provision.py", line 163, in setup_add_ldif ldb.add_ldif(data) File "/usr/lib/python2.5/site-packages/samba/__init__.py", line 188, in add_ldif self.add(msg) _ldb.LdbError: (19, 'LDAP error 19 LDAP_CONSTRAINT_VIOLATION - <entryDN: no user modification allowed> <>') In the OpenLDAP log (running –d-1 debug level) I getting the following ber_scanf fmt (}) ber: >>> dnPrettyNormal: <CN=ms-Exch-Active-Directory-Connector,CN=Schema,CN=Configuration,DC=edu,DC=local> <<< dnPrettyNormal: <cn=ms-Exch-Active-Directory-Connector,cn=Schema,cn=Configuration,dc=edu,dc=local>, <cn=ms-exch-active-directory-connector,cn=schema,cn=configuration,dc=edu,dc=local> >>> dnPretty: <CN=ms-Exch-Active-Directory-Connector,CN=Schema,CN=Configuration,DC=edu,DC=local> <<< dnPretty: <cn=ms-Exch-Active-Directory-Connector,cn=Schema,cn=Configuration,dc=edu,dc=local> >>> dnNormalize: <cn=ms-Exch-Active-Directory-Connector,cn=Schema,cn=Configuration,dc=edu,dc=local> <<< dnNormalize: <cn=ms-exch-active-directory-connector,cn=schema,cn=configuration,dc=edu,dc=local> >>> dnPretty: <CN=Class-Schema,CN=Schema,CN=Configuration,DC=edu,DC=local> <<< dnPretty: <cn=Class-Schema,cn=Schema,cn=Configuration,dc=edu,dc=local> >>> dnNormalize: <cn=Class-Schema,cn=Schema,cn=Configuration,dc=edu,dc=local> <<< dnNormalize: <cn=class-schema,cn=schema,cn=configuration,dc=edu,dc=local> >>> dnPretty: <CN=ms-Exch-Active-Directory-Connector,CN=Schema,CN=Configuration,DC=edu,DC=local> <<< dnPretty: <cn=ms-Exch-Active-Directory-Connector,cn=Schema,cn=Configuration,dc=edu,dc=local> >>> dnNormalize: <cn=ms-Exch-Active-Directory-Connector,cn=Schema,cn=Configuration,dc=edu,dc=local> <<< dnNormalize: <cn=ms-exch-active-directory-connector,cn=schema,cn=configuration,dc=edu,dc=local> bdb_dn2entry("cn=ms-exch-active-directory-connector,cn=schema,cn=configuration,dc=edu,dc=local") => hdb_dn2id("cn=ms-exch-active-directory-connector,cn=schema,cn=configuration,dc=edu,dc=local") <= hdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30990) hdb_referrals: tag=104 target="cn=ms-Exch-Active-Directory-Connector,cn=Schema,cn=Configuration,dc=edu,dc=local" matched="cn=Schema,cn=Configuration,dc=edu,dc=local" send_ldap_result: conn=3 op=60 p=3 send_ldap_response: msgid=61 tag=105 err=19 ber_flush2: 51 bytes to sd 28 connection_get(30): got connid=5 connection_read(30): checking for input on id=5 ber_get_next ber_get_next on fd 30 failed errno=0 (Success) connection_closing: readying conn=5 sd=30 for close connection_close: conn=5 sd=30 connection_get(29): got connid=4 connection_read(29): checking for input on id=4 ber_get_next ber_get_next on fd 29 failed errno=0 (Success) connection_closing: readying conn=4 sd=29 for close connection_close: conn=4 sd=29 connection_get(28): got connid=3 connection_read(28): checking for input on id=3 ber_get_next ber_get_next on fd 28 failed errno=0 (Success) connection_closing: readying conn=3 sd=28 for close connection_close: conn=3 sd=28 I used ldapsearch and LDP.exe from Microsoft Support Tools and look under the Schema. Indeed the cn=ms-exch-active-directory-connector doesn't exist in my OpenLDAP, but isn't this what the openchange_provision need to do? Does someone can let me know where I go worng? 5 hours searching and nothing! Thanks!!! Sassy Natan
_______________________________________________ devel mailing list [email protected] http://mailman.openchange.org/listinfo/devel
