
Problems with ldap + samba



Tuxist
16.03.08, 13:13
LDAP user login works on the server and with Linux clients; only with Windows clients I can add the computer to the domain, but nothing more. User login fails.



Mar 16 13:51:59 wehrwolf slapd[6233]: sql_select option missing
Mar 16 13:51:59 wehrwolf slapd[6233]: auxpropfunc error no mechanism available
Mar 16 13:51:59 wehrwolf slapd[6233]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
Mar 16 13:51:59 wehrwolf slapd[6233]: auxpropfunc error invalid parameter supplied
Mar 16 13:51:59 wehrwolf slapd[6233]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: ldapdb
Mar 16 13:51:59 wehrwolf slapd[6233]: nss_ldap: could not connect to any LDAP server as cn=manager,dc=wehrwolf,dc=local - Can't contact LDAP server
Mar 16 13:51:59 wehrwolf slapd[6233]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar 16 13:51:59 wehrwolf slapd[6233]: nss_ldap: reconnecting to LDAP server...
Mar 16 13:51:59 wehrwolf slapd[6233]: nss_ldap: could not connect to any LDAP server as cn=manager,dc=wehrwolf,dc=local - Can't contact LDAP server
Mar 16 13:51:59 wehrwolf slapd[6233]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar 16 13:51:59 wehrwolf slapd[6233]: nss_ldap: reconnecting to LDAP server (sleeping 1 seconds)...
Mar 16 13:52:00 wehrwolf slapd[6233]: nss_ldap: could not connect to any LDAP server as cn=manager,dc=wehrwolf,dc=local - Can't contact LDAP server
Mar 16 13:52:00 wehrwolf slapd[6233]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar 16 13:52:00 wehrwolf slapd[6233]: nss_ldap: could not search LDAP server - Server is unavailable
Mar 16 13:52:00 wehrwolf slapd[6233]: nss_ldap: could not connect to any LDAP server as cn=manager,dc=wehrwolf,dc=local - Can't contact LDAP server
Mar 16 13:52:00 wehrwolf slapd[6233]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar 16 13:52:00 wehrwolf slapd[6233]: nss_ldap: reconnecting to LDAP server...
Mar 16 13:52:00 wehrwolf slapd[6233]: nss_ldap: could not connect to any LDAP server as cn=manager,dc=wehrwolf,dc=local - Can't contact LDAP server
Mar 16 13:52:00 wehrwolf slapd[6233]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar 16 13:52:00 wehrwolf slapd[6233]: nss_ldap: reconnecting to LDAP server (sleeping 1 seconds)...
Mar 16 13:52:01 wehrwolf slapd[6233]: nss_ldap: could not connect to any LDAP server as cn=manager,dc=wehrwolf,dc=local - Can't contact LDAP server
Mar 16 13:52:01 wehrwolf slapd[6233]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar 16 13:52:01 wehrwolf slapd[6233]: nss_ldap: could not search LDAP server - Server is unava


smb.conf:


testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[profiles]"
Processing section "[printers]"
Processing section "[public]"
Processing section "[Musik]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions

[global]
dos charset = 850
unix charset = ISO8859-1
workgroup = WEHRWOLFLOCAL
server string = Samba Server %v
interfaces = eth1, lo
passdb backend = ldapsam:ldap://127.0.0.1/
passwd program = /usr/sbin/smbldap-passwd %u
syslog = 0
log file = /var/log/samba/log.%m
max log size = 100000
time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin//smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
logon script = startup.bat
logon path = \\%L\Profiles\%U
logon drive = p:
logon home =
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins support = Yes
ldap admin dn = cn=Manager,dc=wehrwolf,dc=local
ldap delete dn = Yes
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Users
ldap machine suffix = ou=Computers
ldap passwd sync = Yes
ldap suffix = dc=wehrwolf,dc=local
ldap ssl = no
ldap user suffix = ou=Users
utmp = Yes
idmap backend = ldap://127.0.0.1
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
hosts allow = ALL
cups options = raw

[homes]
path = /home/%U
valid users = %S
read only = No
inherit permissions = Yes
browseable = No

[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon

[profiles]
path = /home/samba/profiles
read only = No
create mask = 0600
directory mask = 0700
browseable = No

[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No

[public]
comment = Public halt
path = /home/public
valid users = "@Domain Users"
force group = "@Domain Users"

[Musik]
path = /home/Musik
guest ok = Yes
wehrwolf:~#


slapd.conf


# This is the main slapd configuration file. See slapd.conf(5) for more
# info on the configuration options.

#######################################################################
# Global Directives:

# Features to permit
allow bind_v2

# Schema and objectClass definitions
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/samba.schema

# Where the pid file is put. The init.d script
# will not stop the server if you change this.
pidfile /var/run/slapd/slapd.pid

# List of arguments that were passed to the server
argsfile /var/run/slapd/slapd.args

# Read slapd.conf(5) for possible values
loglevel 0

# Where the dynamically loaded modules are stored
modulepath /usr/lib/ldap
moduleload back_bdb

# The maximum number of entries that is returned for a search operation
sizelimit 500

# The tool-threads parameter sets the actual amount of cpu's that is used
# for indexing.
tool-threads 1

backend bdb
checkpoint 512 30
database bdb

# The base of your directory in database #1
suffix dc=wehrwolf,dc=local
rootdn cn=Manager,dc=wehrwolf,dc=local

rootpw {SSHA}secret

# Where the database file are physically stored for database #1
directory "/var/lib/ldap"

# Number of objects that can be locked at the same time.
dbconfig set_lk_max_objects 1500
# Number of locks (both requested and granted)
dbconfig set_lk_max_locks 1500
# Number of lockers
dbconfig set_lk_max_lockers 1500
lastmod on

# Where to store the replica logs for database #1
# replogfile /var/lib/ldap/replog

access to attrs=userPassword,shadowLastChange
        by dn="cn=Manager,dc=wehrwolf,dc=local" write
        by anonymous auth
        by self write
        by * none

# The admin dn has full write access, everyone else
# can read everything.
access to *
        by dn="cn=Manager,dc=wehrwolf,dc=local" write
        by * read

index objectClass,uidNumber,gidNumber eq
index cn,sn,uid,displayName pres,sub,eq
index memberUid,mail,givenname eq,subinitial
index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq

access to attrs=userPassword,sambaNTPassword,sambaLMPassword
        by self write
        by anonymous auth
        by * none

access to *
        by * read
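
Added example, not part of the original post: slapd evaluates `access to` rules in file order and stops at the first rule whose target matches, so the position of each rule in the slapd.conf above decides who can read the Samba password hashes. The Python sketch below applies that rule to the posted ACLs; the function names are made up for this example and only `*` and `attrs=` targets are modelled.

```python
# ACLs as posted in the slapd.conf above (continuation lines indented).
SLAPD_ACLS = """
access to attrs=userPassword,shadowLastChange
    by dn="cn=Manager,dc=wehrwolf,dc=local" write
    by anonymous auth
    by self write
    by * none
access to *
    by dn="cn=Manager,dc=wehrwolf,dc=local" write
    by * read
access to attrs=userPassword,sambaNTPassword,sambaLMPassword
    by self write
    by anonymous auth
    by * none
access to *
    by * read
"""

def parse_acls(text):
    """Return [(what, [(who, level), ...])] in file order."""
    rules = []
    for line in map(str.strip, text.splitlines()):
        if line.startswith("access to "):
            rules.append((line[len("access to "):], []))
        elif line.startswith("by ") and rules:
            rules[-1][1].append(tuple(line[3:].split()[:2]))
    return rules

def covers(what, attr):
    """True if a <what> selector ('*' or attrs=a,b,...) applies to attr."""
    kind, _, names = what.lower().partition("=")
    return what == "*" or (kind in ("attrs", "attr") and attr.lower() in names.split(","))

def anonymous_level(rules, attr):
    """First matching <what>, then first matching <who>; the rest is ignored."""
    for index, (what, by) in enumerate(rules):
        if covers(what, attr):
            level = next((lv for who, lv in by if who in ("*", "anonymous")), "none")
            return index, level        # "none": implicit "by * none"
    return None, "none"                # no rule matched: implicit deny

def dead_rules(rules):
    """Indexes of rules after the first 'access to *', which are never reached."""
    star = next((i for i, (what, _) in enumerate(rules) if what == "*"), len(rules))
    return list(range(star + 1, len(rules)))

if __name__ == "__main__":
    for attr in ("userPassword", "sambaNTPassword", "sambaLMPassword"):
        print(attr, anonymous_level(parse_acls(SLAPD_ACLS), attr))
```

For the posted configuration this reports that `sambaNTPassword` and `sambaLMPassword` fall through to the first `access to *` rule and are readable without authentication, and that the third and fourth rules are never reached. Moving the Samba attribute rule above the first `access to *` gives those attributes the same protection as `userPassword`.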

cane
16.03.08, 20:45
Fix this first:


Mar 16 13:51:59 wehrwolf slapd[6233]: sql_select option missing
Mar 16 13:51:59 wehrwolf slapd[6233]: auxpropfunc error no mechanism available
Mar 16 13:51:59 wehrwolf slapd[6233]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
Mar 16 13:51:59 wehrwolf slapd[6233]: auxpropfunc error invalid parameter supplied
Mar 16 13:51:59 wehrwolf slapd[6233]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: ldapdb

Regards
cane

hessijens
18.03.08, 17:10
Mar 16 13:51:59 wehrwolf slapd[6233]: sql_select option missing
Mar 16 13:51:59 wehrwolf slapd[6233]: auxpropfunc error no mechanism available
Mar 16 13:51:59 wehrwolf slapd[6233]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
Mar 16 13:51:59 wehrwolf slapd[6233]: auxpropfunc error invalid parameter supplied
Mar 16 13:51:59 wehrwolf slapd[6233]: _sasl_plugin_load failed


That is a SUSE error and is not critical. It only means that the packages cyrus-sasl-ldapdb and cyrus-sasl-sqldb (or similar names) are installed but not configured. The packages provide the plugin for SASL password lookups in an LDAP or SQL database.

This seems more important to me:

Mar 16 13:51:59 wehrwolf slapd[6233]: nss_ldap: could not connect to any LDAP server as cn=manager,dc=wehrwolf,dc=local - Can't contact LDAP server

My guess: /etc/nsswitch.conf contains something like:
"password: .... ldap ...." or "group: ... ldap ...."

but /etc/ldap.conf is not configured correctly, and the Windows user exists only as an LDAP entry?
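
Added example, not part of the thread: a Python sketch of the triage described in the last reply, which sets the SASL plugin-load messages aside, collapses the repeated nss_ldap failures, and lists which nsswitch.conf databases use `ldap` (the user database is named `passwd` there). The log lines are taken from the first post; the nsswitch.conf content and the function names are constructed for this example.

```python
import re
from collections import Counter

# Lines taken from the log posted in this thread.
SAMPLE_LOG = """\
Mar 16 13:51:59 wehrwolf slapd[6233]: sql_select option missing
Mar 16 13:51:59 wehrwolf slapd[6233]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
Mar 16 13:51:59 wehrwolf slapd[6233]: nss_ldap: could not connect to any LDAP server as cn=manager,dc=wehrwolf,dc=local - Can't contact LDAP server
Mar 16 13:51:59 wehrwolf slapd[6233]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar 16 13:51:59 wehrwolf slapd[6233]: nss_ldap: reconnecting to LDAP server...
Mar 16 13:51:59 wehrwolf slapd[6233]: nss_ldap: reconnecting to LDAP server (sleeping 1 seconds)...
Mar 16 13:52:00 wehrwolf slapd[6233]: nss_ldap: could not search LDAP server - Server is unavailable
"""
# Constructed nsswitch.conf of the kind the last reply suspects (not from the thread).
SAMPLE_NSSWITCH = "passwd: files ldap\ngroup:  files ldap\nhosts:  files dns\n"

SYSLOG = re.compile(r"^\w{3} +\d+ [\d:]{8} \S+ ([^\s\[]+)\[\d+\]: (.*)$")
SASL_NOISE = ("sql_select option missing", "auxpropfunc error", "_sasl_plugin_load failed")

def triage(log_text):
    """Separate SASL plugin-load noise from nss_ldap connection failures."""
    out = {"sasl_noise": 0, "nss_failures": Counter(), "bind_dns": set(),
           "servers": set(), "processes": set(), "other": []}
    for m in filter(None, map(SYSLOG.match, log_text.splitlines())):
        proc, msg = m.groups()
        if msg.startswith("nss_ldap: "):
            text = msg[len("nss_ldap: "):]
            out["processes"].add(proc)          # process doing the NSS lookup
            out["bind_dns"].update(re.findall(r" as (\S+) - ", text))
            out["servers"].update(re.findall(r"ldaps?://[^\s:]+(?::\d+)?", text))
            out["nss_failures"][re.sub(r" \(sleeping \d+ seconds\)", "", text)] += 1
        elif msg.startswith(SASL_NOISE):
            out["sasl_noise"] += 1
        else:
            out["other"].append(msg)
    return out

def ldap_databases(nsswitch_text):
    """Names of the nsswitch.conf databases that list 'ldap' as a source."""
    found = []
    for line in nsswitch_text.splitlines():
        name, sep, sources = line.split("#", 1)[0].partition(":")
        if sep and "ldap" in sources.split():
            found.append(name.strip())
    return found

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
    print(ldap_databases(SAMPLE_NSSWITCH))
```

On the sample, every nss_ldap failure is tagged with the process name slapd and points at ldap://127.0.0.1, so the failing lookups are made by the LDAP server process itself.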