Paul Gienger wrote:

Not sure if I can ask here, because this sounds to me more like an OpenLDAP than a Samba problem, but it involves Samba too.


Nope, it's just openldap at this point. It's hard to say exactly what your issue is without knowing how your slapd.conf files are set up.

Thanks, Paul. Here are the slapd.conf files on the master and slave servers:


********************
****** MASTER ******
********************


# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
include /etc/openldap/schema/redhat/autofs.schema


allow bind_v2

pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args

#######################################################################
# ldbm and/or bdb database definitions
#######################################################################

database        ldbm
suffix          "dc=mydomain,dc=myorg,dc=it"
rootdn          "cn=Manager,dc=mydomain,dc=myorg,dc=it"

# Cleartext passwords, especially for the rootdn, should
# be avoided.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw          mypass

# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory       /var/lib/ldap

# Indices to maintain for this database
index objectClass               eq
index cn                        pres,sub,eq
index sn                        pres,sub,eq
index uid                       pres,sub,eq
index displayName               pres,sub,eq
index uidNumber                 eq
index gidNumber                 eq
index memberUid                 eq
index sambaSID                  eq
index sambaPrimaryGroupSID      eq
index sambaDomainName           eq
index default                   sub

#############################
# Replicas of this database #
#############################

replogfile /var/log/slurpd.replog

replica host=bdc.mydomain.myorg.it:389
        tls=no
        binddn="cn=replicator,dc=mydomain,dc=myorg,dc=it"
        bindmethod=simple
        credentials=password

access  to dn=".*,dc=mydomain,dc=myorg,dc=it"
        by dn="cn=replicator,dc=mydomain,dc=myorg,dc=it"      write
        by self                                                 write
        by *                                                    read
access  to dn="dc=mydomain,dc=myorg,dc=it"
        by dn="cn=replicator,dc=mydomain,dc=myorg,dc=it"      write
        by self                                                 write
        by *                                                    read




********************
****** SLAVE *******
********************


# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
include /etc/openldap/schema/redhat/autofs.schema


allow bind_v2

pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args

#######################################################################
# ldbm and/or bdb database definitions
#######################################################################

database        ldbm
suffix          "dc=mydomain,dc=myorg,dc=it"
rootdn          "cn=Manager,dc=mydomain,dc=myorg,dc=it"

# Cleartext passwords, especially for the rootdn, should
# be avoided.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw          mypass

# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory       /var/lib/ldap/replica
updatedn        "cn=Manager,dc=mydomain,dc=myorg,dc=it"
updateref       ldap://bdc.mydomain.myorg.it

# Indices to maintain for this database
index objectClass               eq
index cn                        pres,sub,eq
index sn                        pres,sub,eq
index uid                       pres,sub,eq
index displayName               pres,sub,eq
index uidNumber                 eq
index gidNumber                 eq
index memberUid                 eq
index sambaSID                  eq
index sambaPrimaryGroupSID      eq
index sambaDomainName           eq
index default                   sub


#############################
# Replicas of this database #
#############################

access  to dn=".*,dc=mydomain,dc=myorg,dc=it"
        by dn="cn=replicator,dc=mydomain,dc=myorg,dc=it"      write
        by self                                                 write
        by anonymous                                            auth
        by *                                                    none
access  to dn="dc=mydomain,dc=myorg,dc=it"
        by self                                                 write
        by dn="cn=replicator,dc=mydomain,dc=myorg,dc=it"      write
        by *                                                    read




Thanks in advance for any help

Bye... Mattia
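
Added example, not part of the original message and not OpenLDAP's own tooling: a small Python check for the points the configuration's own comments raise (cleartext `rootpw`, world-readable file) and for the `replica` block's simple bind with `tls=no`. The sample config, host name and DN are constructed placeholders, and `logical_lines`, `audit` and `world_readable` are hypothetical helper names.

```python
import os
import re
import shlex
import stat

# Constructed sample (not the poster's file), same directive shapes as above.
SAMPLE = '''\
rootpw          mypass
replica host=replica.example.org:389
        tls=no
        binddn="cn=replicator,dc=example,dc=org"
        bindmethod=simple
        credentials=password
'''
SCHEME = re.compile(r"^\{([A-Za-z0-9-]+)\}.+")  # e.g. {SSHA}..., as slappasswd(8) prints

def logical_lines(text):
    """Drop '#' comments and blank lines; a line starting with whitespace continues the previous one."""
    out = []
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("#"):
            continue
        if raw[0] in " \t" and out:
            out[-1] += " " + raw.strip()
        else:
            out.append(raw.strip())
    return out

def audit(text):
    """Return findings for cleartext secrets and unprotected replica binds."""
    findings = []
    for line in logical_lines(text):
        words = shlex.split(line)  # strips the quotes around DN values
        directive, args = words[0].lower(), words[1:]
        if directive == "rootpw" and args:
            m = SCHEME.match(args[0])
            if m is None or m.group(1).upper() == "CLEARTEXT":
                findings.append("rootpw: cleartext value, replace with slappasswd(8) output")
        elif directive == "replica":
            opts = {k.lower(): v for k, v in (a.split("=", 1) for a in args if "=" in a)}
            if opts.get("bindmethod") == "simple" and opts.get("tls", "no") == "no":
                findings.append("replica: simple bind with tls=no sends credentials unencrypted")
            if "credentials" in opts:
                findings.append("replica: credentials stored in the file, keep it non-world-readable")
    return findings

def world_readable(path):
    """True if 'other' has read permission on the file."""
    return bool(os.stat(path).st_mode & stat.S_IROTH)
```

Run `audit(open(path).read())` and `world_readable(path)` against each server's slapd.conf; an empty list and `False` mean none of these three conditions were found.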