Re: [Samba] ldapsam, Sun JES Directory Server, Solaris 9
tir, 14.06.2005 kl. 22.57 skrev Jason Signalness: [...] The files /usr/lib/libldap.so and /usr/include/ldap.h ARE PRESENT and /usr/lib is in my LD_LIBRARY_PATH. These are not the libraries/headers from OpenLDAP, but rather from Solaris. Is this a problem? This is indeed a problem. You need the OpenLDAP libraries and headers. I don't know if they're available for Solaris in pkg form, but the source installs out of the box into /usr/local, so shouldn't conflict with the Solaris stuff. smbd only needs them for client operations; it shouldn't matter what LDAP server you use (as long as the schema is included, of course). Also, a truss on an execution of the resulting smbd indicates that smbd is looking for /opt/btifs/samba/lib/pdb/ldapsam.so, which is NOT there. I don't have an ldapsam.so anywhere on my RHAS3 Linux machine. --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ldapsam, Sun JES Directory Server, Solaris 9
Tony, That's what I needed to know! The OpenLDAP libraries and headers must be present. The Solaris libraries will not work. And when one compiles Samba on Solaris with LDAP support, one must make sure that the OpenLDAP libraries and headers are found by the compiler before the Solaris ones are found. Here's how I solved my problems: 1) Build OpenLDAP client and libraries. I didn't need slapd, so I didn't build it. ./configure --prefix=/opt/btifs/openldap --enable-slapd=no make depend make make install 2) Set up environment and build Samba export CPPFLAGS=-I/opt/btifs/openldap/include export LD_LIBRARY_PATH=/opt/btifs/openldap/lib:/usr/lib:/usr/local/lib ./configure --prefix=/opt/btifs/samba --with-ldapsam make make install Before, I thought that the Solaris LDAP libraries and header files would work. They will not. I'm up and running. Thanks for the help! -Jason Tony Earnshaw wrote: tir, 14.06.2005 kl. 22.57 skrev Jason Signalness: [...] The files /usr/lib/libldap.so and /usr/include/ldap.h ARE PRESENT and /usr/lib is in my LD_LIBRARY_PATH. These are not the libraries/headers from OpenLDAP, but rather from Solaris. Is this a problem? This is indeed a problem. You need the OpenLDAP libraries and headers. I don't know if they're available for Solaris in pkg form, but the source installs out of the box into /usr/local, so shouldn't conflict with the Solaris stuff. smbd only needs them for client operations; it shouldn't matter what LDAP server you use (as long as the schema is included, of course). Also, a truss on an execution of the resulting smbd indicates that smbd is looking for /opt/btifs/samba/lib/pdb/ldapsam.so, which is NOT there. I don't have an ldapsam.so anywhere on my RHAS3 Linux machine. --Tonni -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] ldapsam, Sun JES Directory Server, Solaris 9
Hello, Help!! I'm struggling with ldapsam. I'm trying to configure Samba to use our LDAP directory (Sun's directory server) for the storage of Samba user accounts. It already stores our unix system accounts. I have successfully imported the schema file into our directory server and have compiled samba with the --prefix=/opt/btifs/samba --with-ldapsam options. I did not notice any errors during compile. When I go to start Samba (smbd -D), the daemon dies quickly and this error is written to the log: smbd version 3.0.14a started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2005/06/14 09:09:02, 0] passdb/pdb_interface.c:make_pdb_methods_name(721) No builtin nor plugin backend for ldapsam_compat found [2005/06/14 09:09:02, 1] passdb/pdb_interface.c:make_pdb_context_list(825) Loading ldapsam_compat failed! Here is my smb.conf file: [global] workgroup = BTIWG1 netbios name = FS1V encrypt passwords = Yes allow trusted domains = No log level = 1 guest account = nobody map to guest = Bad User # passdb backend = ldapsam:ldap://ce.btinet.net # ldap admin dn = cn=Directory Manager # ldap suffix = ou=People,o=tildebob.com,o=usergroups [btifs] path = /opt/btifs read only = No browseable = No hosts allow = . . . hosts deny = ALL guest ok = no Do I need to install some client libraries for this to work? Or did the compilation not work as expected? Any hints or suggestions would be a great help! Thanks, -- Jason, Systems Administrator Basin Telecommunications, Inc. -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ldapsam, Sun JES Directory Server, Solaris 9
tir, 14.06.2005 kl. 17.47 skrev Jason Signalness: Help!! I'm struggling with ldapsam. I'm trying to configure Samba to use our LDAP directory (Sun's directory server) for the storage of Samba user accounts. It already stores our unix system accounts. I have successfully imported the schema file into our directory server and have compiled samba with the --prefix=/opt/btifs/samba --with-ldapsam options. I did not notice any errors during compile. When I go to start Samba (smbd -D), the daemon dies quickly and this error is written to the log: smbd version 3.0.14a started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2005/06/14 09:09:02, 0] passdb/pdb_interface.c:make_pdb_methods_name(721) No builtin nor plugin backend for ldapsam_compat found [2005/06/14 09:09:02, 1] passdb/pdb_interface.c:make_pdb_context_list(825) Loading ldapsam_compat failed! Here is my smb.conf file: [global] workgroup = BTIWG1 netbios name = FS1V encrypt passwords = Yes allow trusted domains = No log level = 1 guest account = nobody map to guest = Bad User # passdb backend = ldapsam:ldap://ce.btinet.net # ldap admin dn = cn=Directory Manager # ldap suffix = ou=People,o=tildebob.com,o=usergroups Why did you comment out all the stuff you need? Even if you hadn't, your ldap admin dn = cn=Directory Manager wouldn't work, it's not qualified with the rest of the suffix. Also, the ldap suffix is probably wrong. In fact, your whole DIT is probably incorrectly implemented :( You'd also be missing the machine, group and user suffixes, unless they're under the ldap suffix. --Tonni -- [btifs] path = /opt/btifs read only = No browseable = No hosts allow = . . . hosts deny = ALL guest ok = no Do I need to install some client libraries for this to work? Or did the compilation not work as expected? Any hints or suggestions would be a great help! Thanks, -- Jason, Systems Administrator Basin Telecommunications, Inc. -- -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ldapsam, Sun JES Directory Server, Solaris 9
Tony Earnshaw wrote: tir, 14.06.2005 kl. 17.47 skrev Jason Signalness: Help!! I'm struggling with ldapsam. I'm trying to configure Samba to use our LDAP directory (Sun's directory server) for the storage of Samba user accounts. It already stores our unix system accounts. I have successfully imported the schema file into our directory server and have compiled samba with the --prefix=/opt/btifs/samba --with-ldapsam options. I did not notice any errors during compile. When I go to start Samba (smbd -D), the daemon dies quickly and this error is written to the log: smbd version 3.0.14a started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2005/06/14 09:09:02, 0] passdb/pdb_interface.c:make_pdb_methods_name(721) No builtin nor plugin backend for ldapsam_compat found [2005/06/14 09:09:02, 1] passdb/pdb_interface.c:make_pdb_context_list(825) Loading ldapsam_compat failed! Here is my smb.conf file: [global] workgroup = BTIWG1 netbios name = FS1V encrypt passwords = Yes allow trusted domains = No log level = 1 guest account = nobody map to guest = Bad User # passdb backend = ldapsam:ldap://ce.btinet.net # ldap admin dn = cn=Directory Manager # ldap suffix = ou=People,o=tildebob.com,o=usergroups Why did you comment out all the stuff you need? Even if you hadn't, your ldap admin dn = cn=Directory Manager wouldn't work, it's not qualified with the rest of the suffix. Also, the ldap suffix is probably wrong. In fact, your whole DIT is probably incorrectly implemented :( You'd also be missing the machine, group and user suffixes, unless they're under the ldap suffix. --Tonni -- Tonni, I commented out the three lines to see if the error went away. It did not. smbd dies no matter what is in the smb.conf file, as far as I can tell. I realize those options are likely not exactly what is needed. I'm trying to find better (than the man page or Ch. 10 in the HOWTO) documentation on what the various smb.conf ldap directives do. If you know of any, please point them out. Thanks for the reply. -Jason -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ldapsam, Sun JES Directory Server, Solaris 9
Tony Earnshaw wrote: tir, 14.06.2005 kl. 17.47 skrev Jason Signalness: Help!! I'm struggling with ldapsam. I'm trying to configure Samba to use our LDAP directory (Sun's directory server) for the storage of Samba user accounts. It already stores our unix system accounts. I have successfully imported the schema file into our directory server and have compiled samba with the --prefix=/opt/btifs/samba --with-ldapsam options. I did not notice any errors during compile. When I go to start Samba (smbd -D), the daemon dies quickly and this error is written to the log: smbd version 3.0.14a started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2005/06/14 09:09:02, 0] passdb/pdb_interface.c:make_pdb_methods_name(721) No builtin nor plugin backend for ldapsam_compat found [2005/06/14 09:09:02, 1] passdb/pdb_interface.c:make_pdb_context_list(825) Loading ldapsam_compat failed! Here is my smb.conf file: [global] workgroup = BTIWG1 netbios name = FS1V encrypt passwords = Yes allow trusted domains = No log level = 1 guest account = nobody map to guest = Bad User # passdb backend = ldapsam:ldap://ce.btinet.net # ldap admin dn = cn=Directory Manager # ldap suffix = ou=People,o=tildebob.com,o=usergroups Why did you comment out all the stuff you need? Even if you hadn't, your ldap admin dn = cn=Directory Manager wouldn't work, it's not qualified with the rest of the suffix. Also, the ldap suffix is probably wrong. In fact, your whole DIT is probably incorrectly implemented :( You'd also be missing the machine, group and user suffixes, unless they're under the ldap suffix. --Tonni -- You are right, our test LDAP DIT is a little messy, and is not organized like our production directories at the moment. But it should work. And yes our users and groups are under the ldap suffix in the DIT. Here is an updated smb.conf file that has what I believe are the correct options: [global] workgroup = BTIWG1 netbios name = FS1V encrypt passwords = Yes allow trusted domains = No log level = 1 guest account = nobody map to guest = Bad User passdb backend = ldapsam:ldap://ce.btinet.net ldap admin dn = uid=smbadmin,ou=People,o=btidemo.net,o=usergroups ldap suffix = ou=People,o=admins,o=usergroups smbd still dies immediately with the errors: smbd version 3.0.14a started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2005/06/14 14:01:58, 0] passdb/pdb_interface.c:make_pdb_methods_name(721) No builtin nor plugin backend for ldapsam found [2005/06/14 14:01:58, 1] passdb/pdb_interface.c:make_pdb_context_list(825) Loading ldapsam:ldap://ce.btinet.net failed! Thanks, Jason -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ldapsam, Sun JES Directory Server, Solaris 9
On Tue, Jun 14, 2005 at 02:11:40PM -0500, Jason Signalness wrote: snip/ smbd still dies immediately with the errors: smbd version 3.0.14a started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2005/06/14 14:01:58, 0] passdb/pdb_interface.c:make_pdb_methods_name(721) No builtin nor plugin backend for ldapsam found Has your samba LDAP support compiled in? [2005/06/14 14:01:58, 1] passdb/pdb_interface.c:make_pdb_context_list(825) Loading ldapsam:ldap://ce.btinet.net failed! Thanks, Jason Cheers Geert Stappers signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ldapsam, Sun JES Directory Server, Solaris 9
Geert Stappers wrote: On Tue, Jun 14, 2005 at 02:11:40PM -0500, Jason Signalness wrote: snip/ smbd still dies immediately with the errors: smbd version 3.0.14a started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2005/06/14 14:01:58, 0] passdb/pdb_interface.c:make_pdb_methods_name(721) No builtin nor plugin backend for ldapsam found Has your samba LDAP support compiled in? I have done a bit more investigating. It doesn't appear LDAP support is compiling properly, though I don't know why. I noticed this in the output of configure --prefix=/opt/btifs/samba --with-ldapsam: . . . checking for LDAP support... auto checking ldap.h usability... yes checking ldap.h presence... yes checking for ldap.h... yes checking lber.h usability... yes checking lber.h presence... yes checking for lber.h... yes checking for ber_scanf in -llber... no checking for ldap_init in -lldap... yes checking for ldap_domain2hostlist... no checking for ldap_set_rebind_proc... yes checking whether ldap_set_rebind_proc takes 3 arguments... 3 checking for ldap_initialize... no configure: WARNING: libldap is needed for LDAP support . . . The files /usr/lib/libldap.so and /usr/include/ldap.h ARE PRESENT and /usr/lib is in my LD_LIBRARY_PATH. These are not the libraries/headers from OpenLDAP, but rather from Solaris. Is this a problem? Also, a truss on an execution of the resulting smbd indicates that smbd is looking for /opt/btifs/samba/lib/pdb/ldapsam.so, which is NOT there. Thanks, -Jason -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ldapsam, Sun JES Directory Server, Solaris 9
tir, 14.06.2005 kl. 20.14 skrev Jason Signalness:
[...]
I commented out the three lines to see if the error went away. It did
not. smbd dies no matter what is in the smb.conf file, as far as I can
tell.
I realize those options are likely not exactly what is needed. I'm
trying to find better (than the man page or Ch. 10 in the HOWTO)
documentation on what the various smb.conf ldap directives do. If you
know of any, please point them out.
What is the base dn (rootdn, according to slapd.conf) of your directory
tree (DIT)? What you have posted is not good, you could better begin by
setting up a tree as in the OpenLDAP Admin Guide(s) at www.openldap.org.
What you have indicates (doesn't prove) that you don't know what you're
doing.
That's the first step :)
I suggest that you use a suffix of dc=tildebob,dc=com for the suffix (if
that domain belongs to you, otherwise use a more private suffix).
As rootdn: cn=manager,dc=tildebob,dc=com, password secret.
That you stop slapd and rm * the contents of your ldap base directory.
Thtat you start slapd (however you do that). Actually the slapd user
should be a non-privileged user whom you've already put into
/etc/passwd, together with his group.
That you then add your base dn, your organization and cn=manager ldif as
described in the OL admin guide for quick start, *adapting the ldif to
your actual suffix*. (Otherwise it can't possibly work).
After that *works* - test with ldapsearch -x, ('man ldapsearch'), you
adapt your smb.conf
# passdb backend = ldapsam:ldap://ce.btinet.net
# ldap admin dn = cn=Directory Manager
# ldap suffix = ou=People,o=tildebob.com,o=usergroups
to the new parameters.
After that, you have to read and follow to the letter the Samba HOWTO
docs further as to employing the idealx scripts. These should always be
the latest version, regardless of your Samba version.
Whatever: LDAP comes first, get that working first, without Samba or
anything else.
--Tonni
--
mail: [EMAIL PROTECTED]
http://www.billy.demon.nl
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
