probleme ldap

probleme ldap - Réseaux - Réseaux grand public / SoHo

Marsh Posté le 10-12-2008 à 12:54:01    

bonjour  
je souhaiterais installer un Pdc.
 j ai installer samba qui fonctionne sans probléme, par la suite j'ai installer LDAP ,et je l'ai configurerselon le site et le tuto de damstux, quand je lance la commande net getlocalsid j ai bien le SID du domaine mais par contre quand je lance la commande smbldap-populate la j ai une erreur .
 
voici le rapport de syslog

Code :
  1. Dec 10 12:28:36 ldapsrv slapd[11388]: conn=0 op=34 do_add: invalid dn (sambaDomainName=panoranet,dc=panoranet,dc=local)


 
merci a vous tous pour votre aide car je ne sais vraiment plus quoi faire  
 
voici le smb.conf

Code :
  1. [global]
  2. ### A changer: pas d'espace, ni point === >
  3. workgroup = panoranet
  4. ### A changer, mettre le meme nom que le nom de votre machine === >
  5. netbios name = ldapsrv
  6. server string = PDC Samba
  7. domain master = Yes
  8. local master = Yes
  9. domain logons = Yes
  10. os level = 40
  11. #passwd program = /usr/sbin/smbldap-passwd ?u %u
  12. ldap passwd sync = Yes
  13. passdb backend = tdbsam
  14. #ldapsam:ldap://127.0.0.1/
  15. #tdbsam
  16. ### A changer === >
  18. ldap admin dn = cn=admin,dc=panoranet,dc=local
  20. ### A changer === >
  21. ldap suffix = dc=panoranet,dc=local
  22. ldap group suffix = ou=Groups
  23. ldap user suffix = ou=Users
  24. ldap machine suffix = ou=Machines
  25. add user script = /usr/sbin/smbldap-useradd -m "%u"
  26. ldap delete dn = Yes
  27. delete user script = /usr/sbin/smbldap-userdel "%u"
  28. add machine script = /usr/sbin/smbldap-useradd -w "%u"
  29. add group script = /usr/sbin/smbldap-groupadd -p "%g"
  30. #delete group script = /usr/sbin/smbldap-groupdel "%g"
  31. add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
  32. delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
  33. set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
  34. logon path = \\%L\profile\%U
  35. logon drive = P:
  36. logon home = \\%L\%U
  37. socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
  38. case sensitive = No
  39. default case = lower
  40. preserve case = yes
  41. short preserve case = Yes
  42. #character set = iso8859-1
  43. #domain admin group = @admin
  44. dns proxy = No
  46. ### A changer si vous n'utilisez pas ce réseau === >
  47. log file = /var/log/syslog
  48. hosts allow = 10.0.3.
  49. nt acl support = Yes
  50. msdfs root = Yes
  51. hide files = /desktop.ini/ntuser.ini/NTUSER.*/
  52. ### FIN DE LA PARTIE GLOBALE #####
  54. ###patages####
  55. [homes]
  56. comment = Home Directories
  57. browseable = no
  58. writable = yes
  60. [public]
  61. # Partage du dossier public, visible et accessible par tout le monde
  62. comment = Repertoire public sur serveur
  63. writable = yes
  64. path = /srv/samba/public
  65. guest ok = yes
  67. [private]
  68. # Partage du dossier private, visible et pas accessible
  69. # par tout le monde (seulement utilisateur du domaine authentifie)
  70. comment = Repertoire private du serveur
  71. path = /srv/samba/private
  72. valid users = @dom_users
  73. writable = yes
  74. browseable = yes
  75. guest ok = no


 
le ldap.conf

Code :
  1. # This is the main slapd configuration file. See slapd.conf(5) for more
  2. # info on the configuration options.
  4. #######################################################################
  5. # Global Directives:
  7. # Features to permit
  8. #allow bind_v2
  10. # Schema and objectClass definitions
  11. ######## Schéma par défaut
  12. include         /etc/ldap/schema/core.schema
  13. include         /etc/ldap/schema/cosine.schema
  14. include         /etc/ldap/schema/nis.schema
  15. include         /etc/ldap/schema/inetorgperson.schema
  17. include         /etc/ldap/schema/samba.schema
  20. # Schema check allows for forcing entries to
  21. # match schemas for their objectClasses's
  22. schemacheck     on
  24. # Where the pid file is put. The init.d script
  25. # will not stop the server if you change this.
  26. pidfile         /var/run/slapd/slapd.pid
  28. # List of arguments that were passed to the server
  29. argsfile        /var/run/slapd.args
  31. # Read slapd.conf(5) for possible values
  32. loglevel        296
  34. # Where the dynamically loaded modules are stored
  35. modulepath      /usr/lib/ldap
  36. moduleload      back_bdb
  38. #######################################################################
  39. # Specific Backend Directives for bdb:
  40. # Backend specific directives apply to this backend until another
  41. # 'backend' directive occurs
  42. backend         bdb
  43. checkpoint 512 30
  46. #######################################################################
  47. # Specific Directives for database #1, of type bdb:
  48. # Database specific directives apply to this databasse until another
  49. # 'database' directive occurs
  50. database        bdb
  52. # The base of your directory in database #1
  53. ######## Donnez le nom de votre base LDAP (normalement debconf a rajouté pour vous cette ligne)
  54. suffix          "dc=admin,dc=local"
  55. rootdn          "cn=admin,dc=panoranet,dc=local"
  56. rootpw          {SSHA}OpRnByQyJ7h0SnbvJyb9qMiz3bQaSo/y
  58. # Where the database file are physically stored for database #1
  59. directory       "/var/lib/ldap"
  60. index           objectClass eq
  61. lastmod         on
  64. # The userPassword by default can be changed
  65. # by the entry owning it if they are authenticated.
  66. # Others should not be able to see it, except the
  67. # admin entry below
  68. # These access lines apply to database #1 only
  69. access to attrs=userPassword
  70.         by dn="cn=admin,dc=panoranet,dc=local" write
  71.         by anonymous auth
  72.         by self write
  73.         by * none
  76. access to dn.base="" by * read
  78. # The admin dn has full write access, everyone else
  79. # can read everything.
  80. access to *
  81.         by dn="cn=admin,dc=panoranet,dc=local" write
  82.         by * read


 
le smbldap.conf

Code :
  1. ################################
  2. #
  3. # General Configuration
  4. #
  5. ####################################
  6. SID="S-1-5-21-858057350-1229567032-2341775246"
  7. sambaDomain="panoranet"
  9. ####################################
  10. #
  11. # LDAP Configuration
  12. #
  13. ####################################
  14. slaveLDAP="127.0.0.1"
  15. slavePort="389"
  16. masterLDAP="127.0.0.1"
  17. # Master LDAP port
  18. masterPort="389"
  19. ldapTLS="0"
  20. verify=""
  21. cafile=""
  22. clientcert=""
  23. clientkey=""
  24. suffix="dc=panoranet,dc=local"
  25. usersdn="ou=Users,${suffix}"
  26. computersdn="ou=Machines,${suffix}"
  27. groupsdn="ou=Groups,${suffix}"
  28. idmapdn="ou=Idmap,${suffix}"
  29. sambaUnixIdPooldn="sambaDomainName=panoranet,${suffix}"
  30. scope="sub"
  31. hash_encrypt="SSHA"
  32. crypt_salt_format=""
  33. ################################
  34. #
  35. # Unix Accounts Configuration
  36. #
  37. ################################
  39. # Default Login Shell
  40. userLoginShell="/bin/bash"
  41. # Home directory
  42. userHome="/home/%U"
  43. userHomeDirectoryMode="700"
  44. userGecos="System User"
  45. # Default User (POSIX and Samba) GID
  46. defaultUserGid="513"
  47. # Default Computer (Samba) GID
  48. defaultComputerGid="515"
  49. skeletonDir="/etc/skel"
  50. defaultMaxPasswordAge="45"
  51. userSmbHome="\\%L\%U"
  52. userProfile="\\%L\profile\%U"
  53. userHomeDrive="P:"
  54. userScript=""
  55. mailDomain=""
  56. with_smbpasswd="0"
  57. smbpasswd="/usr/bin/smbpasswd"
  58. with_slappasswd="0"
  59. slappasswd="/usr/sbin/slappasswd"


 
et enfin le smbldap_bind.conf

Code :
  1. slaveDN="cn=admin,dc=panoranet,dc=local"
  2. slavePw="******"
  3. masterDN="cn=admin,dc=panoranet,dc=local"
  4. masterPw="******"

Reply

Marsh Posté le 10-12-2008 à 12:54:01   

Reply

Marsh Posté le 10-12-2008 à 17:42:55    

j ai donc decider de tt recommencer à zero j ai 2 petit probléme  :lol:  :lol: le premier c quand je lance la commande netgetlocalsid il me marque

Code :
  1. root@ldapsrv:/etc/ldap/slapd.d# net getlocalsid
  2. [2008/12/10 17:33:44,  0] lib/smbldap_util.c:smbldap_search_domain_info(310)
  3.   smbldap_search_domain_info: Adding domain info for PANORANET failed with NT_STATUS_UNSUCCESSFUL
  4. SID for domain LDAPSRV is: S-1-5-21-4270510118-49238045-3292731435


je ne sais pas ce que cest que NT_STATUS_UNSUCCESSFUL j aurais donc besoin de votre aide pour m aider  
le second probléme viens de la commande smbldap-populate

Code :
  1. entry dc=panoranet,dc=local already exist.
  2. entry ou=Users,dc=panoranet,dc=local already exist.
  3. entry ou=Groups,dc=panoranet,dc=local already exist.
  4. entry ou=Computers,dc=panoranet,dc=local already exist.
  5. entry ou=Idmap,dc=panoranet,dc=local already exist.
  6. adding new entry: uid=root,ou=Users,dc=panoranet,dc=local
  7. failed to add entry: objectClass: value #4 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 58.
  8. adding new entry: uid=nobody,ou=Users,dc=panoranet,dc=local
  9. failed to add entry: objectClass: value #4 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 89.
  10. adding new entry: cn=Domain Admins,ou=Groups,dc=panoranet,dc=local
  11. failed to add entry: objectClass: value #2 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 101.
  12. adding new entry: cn=Domain Users,ou=Groups,dc=panoranet,dc=local
  13. failed to add entry: objectClass: value #2 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 112.
  14. adding new entry: cn=Domain Guests,ou=Groups,dc=panoranet,dc=local
  15. failed to add entry: objectClass: value #2 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 123.
  16. adding new entry: cn=Domain Computers,ou=Groups,dc=panoranet,dc=local
  17. failed to add entry: objectClass: value #2 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 134.
  18. adding new entry: cn=Administrators,ou=Groups,dc=panoranet,dc=local
  19. failed to add entry: objectClass: value #2 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 179.
  20. adding new entry: cn=Account Operators,ou=Groups,dc=panoranet,dc=local
  21. failed to add entry: objectClass: value #2 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 201.
  22. adding new entry: cn=Print Operators,ou=Groups,dc=panoranet,dc=local
  23. failed to add entry: objectClass: value #2 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 212.
  24. adding new entry: cn=Backup Operators,ou=Groups,dc=panoranet,dc=local
  25. failed to add entry: objectClass: value #2 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 223.
  26. adding new entry: cn=Replicators,ou=Groups,dc=panoranet,dc=local
  27. failed to add entry: objectClass: value #2 invalid per syntax at /usr/sbin/smbldap-populate line 499, <GEN1> line 234.
  28. adding new entry: sambaDomainName=panoranet,dc=panoranet,dc=local
  29. failed to add entry: invalid DN at /usr/sbin/smbldap-populate line 499, <GEN1> line 242.


quand je vais regarder dans les log je voie marquer ceci

Code :
  1. Dec 10 17:36:49 ldapsrv slapd[20055]: conn=48 op=2 do_search: invalid dn (sambaDomainName=GUEPE,(null))
  2. Dec 10 17:36:49 ldapsrv slapd[20055]: <= bdb_equality_candidates: (uid) not indexed
  3. Dec 10 17:36:49 ldapsrv slapd[20055]: conn=49 op=2 do_search: invalid dn (sambaDomainName=GUEPE,(null))
  4. Dec 10 17:36:49 ldapsrv slapd[20055]: <= bdb_equality_candidates: (uid) not indexed


j ai verifier tt les fichier de configuration samba.conf, ldap.conf, smbldap.conf, smbldap_bind.conf et je n'arrive pas à trouver d ou pe bien venir se domaine guepe
 
merci de votre aide à tous

Reply

Sujets relatifs:

Leave a Replay

Make sure you enter the(*)required information where indicate.HTML code is not allowed