On Fri, 2005-11-18 at 14:05 +0000, Tony Austin wrote:
> > On Fri, 2005-11-18 at 13:32 +0000, Tony Austin wrote:
> >> I am following the instruction in Samba by Example chapter 6 on a RHEL4
> >> server. Everything seems OK until I get to 6.3.5.7, which says to do
> >> the following:-
> >>
> >> root# getent passwd | grep Adminstrator
> >>
> >> which returns nothing, indicating that the nsswitch (nss_ldap library) is
> >> not working.
> >>
> >> I cannot find anything in any of the log files to give me a clue nor any
> >> hints on how to debug this.
> >>
> >> Any suggestions?
> >>
> > ----
> > redhat? version?
> >
>
> Enterprise Linux El version 4 64-bit
----
thanks - that helps
----
>
> > does 'by Example' really suggest using ldbm?
> >
>
> No. It's my first go with LDAP and I copied it from a working RHEL3 config.
----
ldbm will probably ultimately make you crazy.

Continue playing with ldbm if you wish but consider using bdb instead...

the following changes would need to be made to slapd.conf
-------------
# just below schema includes...
allow bind_v2 bind_anon_dn

# at the bottom of the file
# Set the entry cache size to 5000.
#
cachesize 5000

# Set transactional checkpoint.
#
checkpoint 512 720

create a file called DB_CONFIG and put it into your ldap-data directory
(/var/lib/ldap as defined in your supplied information)

#
# Set the database in memory cache size.
#
set_cachesize 0 52428800 0

# Automatically remove log files that are no longer needed.
set_flags DB_LOG_AUTOREMOVE

#
# Set database flags.
# (for database loading/reindexing)
#set_flags DB_TXN_NOSYNC
#set_flags DB_TXN_NOT_DURABLE

# Set log values.
#
set_lg_regionmax 1048576
set_lg_max 10485760
set_lg_bsize 2097152
-----
and whether you use ldbm or bdb...make sure that
/etc/openldap/ldap.conf has at the very least...

HOST 127.0.0.1
BASE dc=phoenixinteriorsltd,dc=com
-----
you need to be able to at least perform the search as I showed you.

ldapsearch -x -h localhost \
  -D 'cn=Manager,dc=phoenixinteriorsltd,dc=com' \
  -W '(objectclass=*)'

and get results?
----
did you set rootdn password properly?

from command line...
# slappasswd -s my_password
{SSHA}e+sgS1WyGdXLEd7K+rVK3H/swmsS81Sg

and copy/paste that into slapd.conf

rootpw {SSHA}e+sgS1WyGdXLEd7K+rVK3H/swmsS81Sg
-----
> > > can you perform base search from command line?
> > >
> > ldapsearch -x -h localhost \
> > -D 'cn=Manager,dc=phoenixinteriorsltd,dc=com' \
> > -W '(objectclass=*)'
> >
> > and get results?
> >
> No. I get:-
>
> [EMAIL PROTECTED] ldapsearch -x -h localhost -D
> 'cn=Manager,dc=phoenixinteriorsltd,dc=com' -W '(objectclass=*)'
> Enter LDAP Password:
> # extended LDIF
> #
> # LDAPv3
> # base <> with scope sub
> # filter: (objectclass=*)
> # requesting: ALL
> #
>
> # search result
> search: 2
> result: 32 No such object
>
> # numResponses: 1
>
> But I do get results with:-
>
> [EMAIL PROTECTED] ldapsearch -x -b "dc=phoenixinteriorsltd,dc=com"
> "(ObjectClass=*)"
> # extended LDIF
> #
> # LDAPv3
> # base <dc=phoenixinteriorsltd,dc=com> with scope sub
> # filter: (ObjectClass=*)
> # requesting: ALL
> #
>
> # phoenixinteriorsltd.com
> dn: dc=phoenixinteriorsltd,dc=com
----
OK - either an authentication problem or a lack of data problem...let's
set up ldap logging.

**** add these two lines to /etc/syslog.conf ****
local4.* /var/log/slapd.log

# service syslog restart

**** change loglevel in slapd.conf to 256 ****
( I see you've already set it to 256 )

# service ldap restart

Now ldap stuff logs to /var/log/slapd.log

Now you can try to connect and review slapd logs to see what it's doing.

Craig
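
One way to do the log review described at the end of the message, as an added example that is not part of the original thread: a Python sketch that pairs each BIND and SRCH in slapd's loglevel 256 output with its RESULT line and lists the operations that failed. The log lines are constructed for illustration, and the function name `triage` and host name `ldaphost` are assumptions.

```python
import re

# Constructed sample of /var/log/slapd.log at loglevel 256 (not from the thread).
SAMPLE_LOG = '''\
Nov 18 14:20:01 ldaphost slapd[2345]: conn=5 op=0 BIND dn="cn=Manager,dc=phoenixinteriorsltd,dc=com" method=128
Nov 18 14:20:01 ldaphost slapd[2345]: conn=5 op=0 RESULT tag=97 err=0 text=
Nov 18 14:20:01 ldaphost slapd[2345]: conn=5 op=1 SRCH base="" scope=2 deref=0 filter="(objectClass=*)"
Nov 18 14:20:01 ldaphost slapd[2345]: conn=5 op=1 SEARCH RESULT tag=101 err=32 nentries=0 text=
Nov 18 14:21:10 ldaphost slapd[2345]: conn=6 op=0 BIND dn="cn=Manager,dc=phoenixinteriorsltd,dc=com" method=128
Nov 18 14:21:10 ldaphost slapd[2345]: conn=6 op=0 RESULT tag=97 err=49 text=
Nov 18 14:22:30 ldaphost slapd[2345]: conn=7 op=0 BIND dn="" method=128
Nov 18 14:22:30 ldaphost slapd[2345]: conn=7 op=0 RESULT tag=97 err=0 text=
Nov 18 14:22:30 ldaphost slapd[2345]: conn=7 op=1 SRCH base="dc=phoenixinteriorsltd,dc=com" scope=2 deref=0 filter="(objectClass=*)"
Nov 18 14:22:30 ldaphost slapd[2345]: conn=7 op=1 SRCH attr=uid
Nov 18 14:22:30 ldaphost slapd[2345]: conn=7 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
'''

# LDAP result codes (RFC 4511) that matter for this kind of triage.
RESULT_CODES = {32: "noSuchObject", 49: "invalidCredentials",
                50: "insufficientAccessRights"}

OP_RE = re.compile(r"conn=(\d+) op=(\d+) (BIND|SRCH|RESULT|SEARCH RESULT) (.*)")

def triage(log_text):
    """Pair each BIND/SRCH with its RESULT line; return the failed operations."""
    pending, failures = {}, []
    for line in log_text.splitlines():
        m = OP_RE.search(line)
        if not m:
            continue
        key, kind, rest = (int(m.group(1)), int(m.group(2))), m.group(3), m.group(4)
        if kind in ("BIND", "SRCH"):
            # BIND lines carry dn="...", SRCH lines carry base="..."; a
            # follow-up "SRCH attr=..." line has neither and is skipped.
            target = re.search(r'(?:dn|base)="([^"]*)"', rest)
            if target:
                pending[key] = (kind, target.group(1))
            continue
        err = re.search(r"err=(\d+)", rest)
        op, target = pending.pop(key, ("?", ""))
        if err and int(err.group(1)) != 0:
            code = int(err.group(1))
            failures.append({"conn": key[0], "op": op, "target": target,
                             "err": code, "meaning": RESULT_CODES.get(code, "other")})
    return failures

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f)
```

In the constructed sample, err=32 on a SRCH with an empty base means the client sent no search base, while err=49 on a BIND means the bind DN or password was rejected.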