LDAP problem


Marsh Posted on 10-12-2008 at 12:54:01

Hello,
I would like to set up a PDC.
I installed Samba, which works without any problem; then I installed LDAP and configured it following damstux's site and tutorial. When I run the command net getlocalsid I do get the domain SID, but when I run the command smbldap-populate I get an error.
 
Here is the syslog report:

Code:
  Dec 10 12:28:36 ldapsrv slapd[11388]: conn=0 op=34 do_add: invalid dn (sambaDomainName=panoranet,dc=panoranet,dc=local)


 
Thank you all for your help, because I really don't know what else to do.

Here is the smb.conf:

Code:
  [global]
  ### To change: no spaces, no dots === >
  workgroup = panoranet
  ### To change: use the same name as your machine's name === >
  netbios name = ldapsrv
  server string = PDC Samba
  domain master = Yes
  local master = Yes
  domain logons = Yes
  os level = 40
  #passwd program = /usr/sbin/smbldap-passwd -u %u
  ldap passwd sync = Yes
  passdb backend = tdbsam
  #ldapsam:ldap://127.0.0.1/
  #tdbsam
  ### To change === >
  ldap admin dn = cn=admin,dc=panoranet,dc=local
  ### To change === >
  ldap suffix = dc=panoranet,dc=local
  ldap group suffix = ou=Groups
  ldap user suffix = ou=Users
  ldap machine suffix = ou=Machines
  add user script = /usr/sbin/smbldap-useradd -m "%u"
  ldap delete dn = Yes
  delete user script = /usr/sbin/smbldap-userdel "%u"
  add machine script = /usr/sbin/smbldap-useradd -w "%u"
  add group script = /usr/sbin/smbldap-groupadd -p "%g"
  #delete group script = /usr/sbin/smbldap-groupdel "%g"
  add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
  delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
  set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
  logon path = \\%L\profile\%U
  logon drive = P:
  logon home = \\%L\%U
  socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
  case sensitive = No
  default case = lower
  preserve case = yes
  short preserve case = Yes
  #character set = iso8859-1
  #domain admin group = @admin
  dns proxy = No
  ### To change if you are not using this network === >
  log file = /var/log/syslog
  hosts allow = 10.0.3.
  nt acl support = Yes
  msdfs root = Yes
  hide files = /desktop.ini/ntuser.ini/NTUSER.*/
  ### END OF THE GLOBAL SECTION #####
  ### shares ####
  [homes]
  comment = Home Directories
  browseable = no
  writable = yes
  [public]
  # Share of the public folder, visible and accessible to everyone
  comment = Repertoire public sur serveur
  writable = yes
  path = /srv/samba/public
  guest ok = yes
  [private]
  # Share of the private folder, visible but not accessible
  # to everyone (authenticated domain users only)
  comment = Repertoire private du serveur
  path = /srv/samba/private
  valid users = @dom_users
  writable = yes
  browseable = yes
  guest ok = no


 
The ldap.conf:

Code:
  # This is the main slapd configuration file. See slapd.conf(5) for more
  # info on the configuration options.
  #######################################################################
  # Global Directives:
  # Features to permit
  #allow bind_v2
  # Schema and objectClass definitions
  ######## Default schema
  include         /etc/ldap/schema/core.schema
  include         /etc/ldap/schema/cosine.schema
  include         /etc/ldap/schema/nis.schema
  include         /etc/ldap/schema/inetorgperson.schema
  include         /etc/ldap/schema/samba.schema
  # Schema check allows for forcing entries to
  # match schemas for their objectClasses's
  schemacheck     on
  # Where the pid file is put. The init.d script
  # will not stop the server if you change this.
  pidfile         /var/run/slapd/slapd.pid
  # List of arguments that were passed to the server
  argsfile        /var/run/slapd.args
  # Read slapd.conf(5) for possible values
  loglevel        296
  # Where the dynamically loaded modules are stored
  modulepath      /usr/lib/ldap
  moduleload      back_bdb
  #######################################################################
  # Specific Backend Directives for bdb:
  # Backend specific directives apply to this backend until another
  # 'backend' directive occurs
  backend         bdb
  checkpoint 512 30
  #######################################################################
  # Specific Directives for database #1, of type bdb:
  # Database specific directives apply to this database until another
  # 'database' directive occurs
  database        bdb
  # The base of your directory in database #1
  ######## Give the name of your LDAP base (normally debconf has added this line for you)
  suffix          "dc=admin,dc=local"
  rootdn          "cn=admin,dc=panoranet,dc=local"
  rootpw          {SSHA}OpRnByQyJ7h0SnbvJyb9qMiz3bQaSo/y
  # Where the database files are physically stored for database #1
  directory       "/var/lib/ldap"
  index           objectClass eq
  lastmod         on
  # The userPassword by default can be changed
  # by the entry owning it if they are authenticated.
  # Others should not be able to see it, except the
  # admin entry below
  # These access lines apply to database #1 only
  access to attrs=userPassword
          by dn="cn=admin,dc=panoranet,dc=local" write
          by anonymous auth
          by self write
          by * none
  access to dn.base="" by * read
  # The admin dn has full write access, everyone else
  # can read everything.
  access to *
          by dn="cn=admin,dc=panoranet,dc=local" write
          by * read


 
The smbldap.conf:

Code:
  ################################
  #
  # General Configuration
  #
  ####################################
  SID="S-1-5-21-858057350-1229567032-2341775246"
  sambaDomain="panoranet"
  ####################################
  #
  # LDAP Configuration
  #
  ####################################
  slaveLDAP="127.0.0.1"
  slavePort="389"
  masterLDAP="127.0.0.1"
  # Master LDAP port
  masterPort="389"
  ldapTLS="0"
  verify=""
  cafile=""
  clientcert=""
  clientkey=""
  suffix="dc=panoranet,dc=local"
  usersdn="ou=Users,${suffix}"
  computersdn="ou=Machines,${suffix}"
  groupsdn="ou=Groups,${suffix}"
  idmapdn="ou=Idmap,${suffix}"
  sambaUnixIdPooldn="sambaDomainName=panoranet,${suffix}"
  scope="sub"
  hash_encrypt="SSHA"
  crypt_salt_format=""
  ################################
  #
  # Unix Accounts Configuration
  #
  ################################
  # Default Login Shell
  userLoginShell="/bin/bash"
  # Home directory
  userHome="/home/%U"
  userHomeDirectoryMode="700"
  userGecos="System User"
  # Default User (POSIX and Samba) GID
  defaultUserGid="513"
  # Default Computer (Samba) GID
  defaultComputerGid="515"
  skeletonDir="/etc/skel"
  defaultMaxPasswordAge="45"
  userSmbHome="\\%L\%U"
  userProfile="\\%L\profile\%U"
  userHomeDrive="P:"
  userScript=""
  mailDomain=""
  with_smbpasswd="0"
  smbpasswd="/usr/bin/smbpasswd"
  with_slappasswd="0"
  slappasswd="/usr/sbin/slappasswd"


 
And finally the smbldap_bind.conf:

Code:
  slaveDN="cn=admin,dc=panoranet,dc=local"
  slavePw="******"
  masterDN="cn=admin,dc=panoranet,dc=local"
  masterPw="******"

Reply
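
An added example, not part of the original post: a cross-file check that every DN configured for Samba and smbldap-tools falls under the `suffix` that slapd serves. The excerpts are constructed from the DN-bearing lines of the files posted above, and all function names are hypothetical.

```python
import re

# Constructed excerpts: the DN-bearing lines of the three files posted above.
SLAPD_CONF = '''suffix          "dc=admin,dc=local"
rootdn          "cn=admin,dc=panoranet,dc=local"'''
SMB_CONF = '''ldap admin dn = cn=admin,dc=panoranet,dc=local
ldap suffix = dc=panoranet,dc=local'''
SMBLDAP_CONF = '''suffix="dc=panoranet,dc=local"
usersdn="ou=Users,${suffix}"
sambaUnixIdPooldn="sambaDomainName=panoranet,${suffix}"'''

def norm(dn):
    """Lower-case a DN and trim spaces around ',' and '=' (escaped commas not handled)."""
    return ",".join("=".join(p.strip() for p in rdn.split("=", 1))
                    for rdn in dn.lower().split(","))

def slapd_value(text, key):
    """Value of a single-argument slapd.conf directive, quoted or not."""
    m = re.search(rf'^{key}\s+"?([^"\n]+)"?\s*$', text, re.M)
    return norm(m.group(1)) if m else None

def smbldap_dns(text):
    """DN-valued settings of smbldap.conf, with ${suffix} expanded."""
    pairs = dict(re.findall(r'^(\w+)="([^"]*)"', text, re.M))
    suffix = pairs.get("suffix", "")
    return {k: norm(v.replace("${suffix}", suffix))
            for k, v in pairs.items() if "=" in v}

def smb_conf_dns(text):
    """The two full DNs of smb.conf; the ou= suffixes are relative to 'ldap suffix'."""
    found = re.findall(r'^(ldap (?:admin dn|suffix))\s*=\s*(.+)$', text, re.M)
    return {k: norm(v) for k, v in found}

def under(dn, suffix):
    return dn == suffix or dn.endswith("," + suffix)

def check(slapd, smb, smbldap):
    """Return (served suffix, sorted names of settings whose DN lies outside it)."""
    suffix = slapd_value(slapd, "suffix")
    dns = {"slapd.conf rootdn": slapd_value(slapd, "rootdn")}
    dns.update({f"smb.conf {k}": v for k, v in smb_conf_dns(smb).items()})
    dns.update({f"smbldap.conf {k}": v for k, v in smbldap_dns(smbldap).items()})
    return suffix, sorted(name for name, dn in dns.items() if not under(dn, suffix))

if __name__ == "__main__":
    suffix, outside = check(SLAPD_CONF, SMB_CONF, SMBLDAP_CONF)
    print("slapd serves:", suffix)
    for name in outside:
        print("outside served suffix:", name)
```
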


Marsh Posted on 10-12-2008 at 17:42:55

So I decided to start everything over from scratch. I have 2 small problems :lol: :lol: The first is that when I run the command net getlocalsid it shows:

Code:
  root@ldapsrv:/etc/ldap/slapd.d# net getlocalsid
  [2008/12/10 17:33:44,  0] lib/smbldap_util.c:smbldap_search_domain_info(310)
    smbldap_search_domain_info: Adding domain info for PANORANET failed with NT_STATUS_UNSUCCESSFUL
  SID for domain LDAPSRV is: S-1-5-21-4270510118-49238045-3292731435


I don't know what NT_STATUS_UNSUCCESSFUL is, so I would need your help with it.
The second problem comes from the command smbldap-populate:

Code:
  entry dc=panoranet,dc=local already exist.
  entry ou=Users,dc=panoranet,dc=local already exist.
  entry ou=Groups,dc=panoranet,dc=local already exist.
  entry ou=Computers,dc=panoranet,dc=local already exist.
  entry ou=Idmap,dc=panoranet,dc=local already exist.
  adding new entry: uid=root,ou=Users,dc=panoranet,dc=local
  failed to add entry: objectClass: value #4 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 58.
  adding new entry: uid=nobody,ou=Users,dc=panoranet,dc=local
  failed to add entry: objectClass: value #4 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 89.
  adding new entry: cn=Domain Admins,ou=Groups,dc=panoranet,dc=local
  failed to add entry: objectClass: value #2 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 101.
  adding new entry: cn=Domain Users,ou=Groups,dc=panoranet,dc=local
  failed to add entry: objectClass: value #2 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 112.
  adding new entry: cn=Domain Guests,ou=Groups,dc=panoranet,dc=local
  failed to add entry: objectClass: value #2 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 123.
  adding new entry: cn=Domain Computers,ou=Groups,dc=panoranet,dc=local
  failed to add entry: objectClass: value #2 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 134.
  adding new entry: cn=Administrators,ou=Groups,dc=panoranet,dc=local
  failed to add entry: objectClass: value #2 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 179.
  adding new entry: cn=Account Operators,ou=Groups,dc=panoranet,dc=local
  failed to add entry: objectClass: value #2 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 201.
  adding new entry: cn=Print Operators,ou=Groups,dc=panoranet,dc=local
  failed to add entry: objectClass: value #2 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 212.
  adding new entry: cn=Backup Operators,ou=Groups,dc=panoranet,dc=local
  failed to add entry: objectClass: value #2 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 223.
  adding new entry: cn=Replicators,ou=Groups,dc=panoranet,dc=local
  failed to add entry: objectClass: value #2 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 234.
  adding new entry: sambaDomainName=panoranet,dc=panoranet,dc=local
  failed to add entry: invalid DN at /usr/sbin/smbldap-populate line 499, <GEN1> line 242.


When I look in the logs I see this:

Code:
  Dec 10 17:36:49 ldapsrv slapd[20055]: conn=48 op=2 do_search: invalid dn (sambaDomainName=GUEPE,(null))
  Dec 10 17:36:49 ldapsrv slapd[20055]: <= bdb_equality_candidates: (uid) not indexed
  Dec 10 17:36:49 ldapsrv slapd[20055]: conn=49 op=2 do_search: invalid dn (sambaDomainName=GUEPE,(null))
  Dec 10 17:36:49 ldapsrv slapd[20055]: <= bdb_equality_candidates: (uid) not indexed


I have checked all the configuration files (samba.conf, ldap.conf, smbldap.conf, smbldap_bind.conf) and I cannot find where this guepe domain could be coming from.

Thank you all for your help.

Reply
