~Gh05t~
22.04.08, 15:27
Hi all,
ich hab seit einiger Zeit einen LDAP-Server zur Authentifitiertung (also mit PAM) laufen.
Den wollte ich nun auch für mein Samba einsetzten, leider funktioniert das nicht.
Ich bin nach diesem Tutorial vorgegangen: http://howtoforge.com/openldap-samba-domain-controller-ubuntu7.10
Ich nutze zwar Debian, aber das macht wohl kaum einen Unterschied (andere Tutorials haben ähnliche Instruktionen).
Mein Problem: Sobald ich smbldap-populate aufrufe bekomme ich folgende Ausgabe:
# smbldap-populate -u 30000 -g 30000
Populating LDAP directory for domain debianserver (S-1-5-21-2600048555-3088347004-2613447377)
(using builtin directory structure)
entry dc=debianserver already exist.
entry ou=People,dc=debianserver already exist.
entry ou=Groups,dc=debianserver already exist.
entry ou=Computers,dc=debianserver already exist.
entry ou=Users,dc=debianserver already exist.
entry uid=root,ou=People,dc=debianserver already exist.
entry uid=nobody,ou=People,dc=debianserver already exist.
adding new entry: cn=Domain Admins,ou=Groups,dc=debianserver
failed to add entry: no structural object class provided at /usr/sbin/smbldap-populate line 499, <GEN1> line 95.
adding new entry: cn=Domain Users,ou=Groups,dc=debianserver
failed to add entry: no structural object class provided at /usr/sbin/smbldap-populate line 499, <GEN1> line 106.
adding new entry: cn=Domain Guests,ou=Groups,dc=debianserver
failed to add entry: no structural object class provided at /usr/sbin/smbldap-populate line 499, <GEN1> line 117.
adding new entry: cn=Domain Computers,ou=Groups,dc=debianserver
failed to add entry: no structural object class provided at /usr/sbin/smbldap-populate line 499, <GEN1> line 128.
adding new entry: cn=Administrators,ou=Groups,dc=debianserver
failed to add entry: no structural object class provided at /usr/sbin/smbldap-populate line 499, <GEN1> line 173.
adding new entry: cn=Account Operators,ou=Groups,dc=debianserver
failed to add entry: no structural object class provided at /usr/sbin/smbldap-populate line 499, <GEN1> line 195.
adding new entry: cn=Print Operators,ou=Groups,dc=debianserver
failed to add entry: no structural object class provided at /usr/sbin/smbldap-populate line 499, <GEN1> line 206.
adding new entry: cn=Backup Operators,ou=Groups,dc=debianserver
failed to add entry: no structural object class provided at /usr/sbin/smbldap-populate line 499, <GEN1> line 217.
adding new entry: cn=Replicators,ou=Groups,dc=debianserver
failed to add entry: no structural object class provided at /usr/sbin/smbldap-populate line 499, <GEN1> line 228.
entry sambaDomainName=homenet,dc=debianserver already exist. Updating it...
Please provide a password for the domain root:
Argument "" isn't numeric in addition (+) at /usr/share/perl5/Net/LDAP.pm line 453.
/usr/sbin/smbldap-passwd: user root doesn't exist
Das Anlegen eines Benutzers geht danach ähnlich schief:
# smbldap-useradd -a -m -M testadr -c "Samba-Testuser" smbtest
Argument "" isn't numeric in addition (+) at /usr/share/perl5/Net/LDAP.pm line 453.
Use of uninitialized value in concatenation (.) or string at /usr/share/perl5/smbldap_tools.pm line 879.
Argument "" isn't numeric in addition (+) at /usr/share/perl5/Net/LDAP.pm line 453.
Can't call method "get_value" on an undefined value at /usr/sbin/smbldap-useradd line 204.
Meine smbldap-tools-config sieht so aus:
# cat /etc/smbldap-tools/smbldap.conf | egrep -v "^#.*|^$"
SID="S-1-5-21-2600048555-3088347004-2613447377"
sambaDomain="homenet"
ldapTLS="0"
suffix="dc=debianserver"
sambaUnixIdPooldn="sambaDomainName=homenet,${suffix}"
hash_encrypt="MD5"
userSmbHome=
userProfile=
userHomeDrive=
userScript=
mailDomain="debianserver"
und hier noch meine sldapd.conf:
cat /etc/ldap/slapd.conf | egrep -v "^#.*|^$"
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/rfc2307bis.schema
include /etc/ldap/schema/samba.schema
include /etc/ldap/schema/misc.schema
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
loglevel none
modulepath /usr/lib/ldap
moduleload back_hdb
sizelimit 500
tool-threads 1
backend hdb
database hdb
suffix "dc=debianserver"
directory "/var/lib/ldap"
dbconfig set_cachesize 0 2097152 0
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500
index objectClass eq
lastmod on
checkpoint 512 30
access to attrs=userPassword,sambaNTPassword,sambaLMPassword ,shadowLastChange
by dn="cn=admin,dc=debianserver" write
by anonymous auth
by self write
by * none
access to dn.base="" by * read
access to *
by dn="cn=admin,dc=debianserver" write
by * read
TLSCertificateFile /etc/ldap/certs/ldap.cert
TLSCertificateKeyFile /etc/ldap/certs/ldap.key
TLSCACertificateFile /etc/ldap/certs/ca.cert
# apt-show-versions slapd ldapscripts smbldap-tools ldap-utils
ldap-utils/testing uptodate 2.4.7-6.1
ldapscripts/testing uptodate 1.7.1-2
slapd/testing uptodate 2.4.7-6.1
smbldap-tools/testing uptodate 0.9.4-1
Hat jemand einen Tip für mich was da das Problem sein könnte?
ich hab seit einiger Zeit einen LDAP-Server zur Authentifitiertung (also mit PAM) laufen.
Den wollte ich nun auch für mein Samba einsetzten, leider funktioniert das nicht.
Ich bin nach diesem Tutorial vorgegangen: http://howtoforge.com/openldap-samba-domain-controller-ubuntu7.10
Ich nutze zwar Debian, aber das macht wohl kaum einen Unterschied (andere Tutorials haben ähnliche Instruktionen).
Mein Problem: Sobald ich smbldap-populate aufrufe bekomme ich folgende Ausgabe:
# smbldap-populate -u 30000 -g 30000
Populating LDAP directory for domain debianserver (S-1-5-21-2600048555-3088347004-2613447377)
(using builtin directory structure)
entry dc=debianserver already exist.
entry ou=People,dc=debianserver already exist.
entry ou=Groups,dc=debianserver already exist.
entry ou=Computers,dc=debianserver already exist.
entry ou=Users,dc=debianserver already exist.
entry uid=root,ou=People,dc=debianserver already exist.
entry uid=nobody,ou=People,dc=debianserver already exist.
adding new entry: cn=Domain Admins,ou=Groups,dc=debianserver
failed to add entry: no structural object class provided at /usr/sbin/smbldap-populate line 499, <GEN1> line 95.
adding new entry: cn=Domain Users,ou=Groups,dc=debianserver
failed to add entry: no structural object class provided at /usr/sbin/smbldap-populate line 499, <GEN1> line 106.
adding new entry: cn=Domain Guests,ou=Groups,dc=debianserver
failed to add entry: no structural object class provided at /usr/sbin/smbldap-populate line 499, <GEN1> line 117.
adding new entry: cn=Domain Computers,ou=Groups,dc=debianserver
failed to add entry: no structural object class provided at /usr/sbin/smbldap-populate line 499, <GEN1> line 128.
adding new entry: cn=Administrators,ou=Groups,dc=debianserver
failed to add entry: no structural object class provided at /usr/sbin/smbldap-populate line 499, <GEN1> line 173.
adding new entry: cn=Account Operators,ou=Groups,dc=debianserver
failed to add entry: no structural object class provided at /usr/sbin/smbldap-populate line 499, <GEN1> line 195.
adding new entry: cn=Print Operators,ou=Groups,dc=debianserver
failed to add entry: no structural object class provided at /usr/sbin/smbldap-populate line 499, <GEN1> line 206.
adding new entry: cn=Backup Operators,ou=Groups,dc=debianserver
failed to add entry: no structural object class provided at /usr/sbin/smbldap-populate line 499, <GEN1> line 217.
adding new entry: cn=Replicators,ou=Groups,dc=debianserver
failed to add entry: no structural object class provided at /usr/sbin/smbldap-populate line 499, <GEN1> line 228.
entry sambaDomainName=homenet,dc=debianserver already exist. Updating it...
Please provide a password for the domain root:
Argument "" isn't numeric in addition (+) at /usr/share/perl5/Net/LDAP.pm line 453.
/usr/sbin/smbldap-passwd: user root doesn't exist
Das Anlegen eines Benutzers geht danach ähnlich schief:
# smbldap-useradd -a -m -M testadr -c "Samba-Testuser" smbtest
Argument "" isn't numeric in addition (+) at /usr/share/perl5/Net/LDAP.pm line 453.
Use of uninitialized value in concatenation (.) or string at /usr/share/perl5/smbldap_tools.pm line 879.
Argument "" isn't numeric in addition (+) at /usr/share/perl5/Net/LDAP.pm line 453.
Can't call method "get_value" on an undefined value at /usr/sbin/smbldap-useradd line 204.
Meine smbldap-tools-config sieht so aus:
# cat /etc/smbldap-tools/smbldap.conf | egrep -v "^#.*|^$"
SID="S-1-5-21-2600048555-3088347004-2613447377"
sambaDomain="homenet"
ldapTLS="0"
suffix="dc=debianserver"
sambaUnixIdPooldn="sambaDomainName=homenet,${suffix}"
hash_encrypt="MD5"
userSmbHome=
userProfile=
userHomeDrive=
userScript=
mailDomain="debianserver"
und hier noch meine sldapd.conf:
cat /etc/ldap/slapd.conf | egrep -v "^#.*|^$"
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/rfc2307bis.schema
include /etc/ldap/schema/samba.schema
include /etc/ldap/schema/misc.schema
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
loglevel none
modulepath /usr/lib/ldap
moduleload back_hdb
sizelimit 500
tool-threads 1
backend hdb
database hdb
suffix "dc=debianserver"
directory "/var/lib/ldap"
dbconfig set_cachesize 0 2097152 0
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500
index objectClass eq
lastmod on
checkpoint 512 30
access to attrs=userPassword,sambaNTPassword,sambaLMPassword ,shadowLastChange
by dn="cn=admin,dc=debianserver" write
by anonymous auth
by self write
by * none
access to dn.base="" by * read
access to *
by dn="cn=admin,dc=debianserver" write
by * read
TLSCertificateFile /etc/ldap/certs/ldap.cert
TLSCertificateKeyFile /etc/ldap/certs/ldap.key
TLSCACertificateFile /etc/ldap/certs/ca.cert
# apt-show-versions slapd ldapscripts smbldap-tools ldap-utils
ldap-utils/testing uptodate 2.4.7-6.1
ldapscripts/testing uptodate 1.7.1-2
slapd/testing uptodate 2.4.7-6.1
smbldap-tools/testing uptodate 0.9.4-1
Hat jemand einen Tip für mich was da das Problem sein könnte?