[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: cannot populate with smbldap-populate
Hi,
please take a look of my permissions:
ls -l /var
drwxr-xr-x 13 openldap openldap 4096 Mar 20 09:47 var
ls -l /var/lib
drwxr-xr-x 31 openldap openldap 4096 Apr 28 16:38 lib
ls -l /var/lib/ldap
drwxr-xr-x 2 openldap openldap 4096 Apr 30 08:31 ldap
ls -l /var/lib/ldap/
root@amahoro:/# ls -l /var/lib/ldap/
total 11580
-rw-r----- 1 openldap openldap 4096 Apr 30 08:31 alock
-rw------- 1 openldap openldap 8192 Apr 29 11:47 cn.bdb
-rw------- 1 openldap openldap 24576 Apr 30 08:31 __db.001
-rw------- 1 openldap openldap 352256 Apr 30 08:38 __db.002
-rw------- 1 openldap openldap 2629632 Apr 30 08:38 __db.003
-rw------- 1 openldap openldap 163840 Apr 30 08:38 __db.004
-rw------- 1 openldap openldap 876544 Apr 30 08:38 __db.005
-rw------- 1 openldap openldap 32768 Apr 30 08:38 __db.006
-rw-r--r-- 1 openldap openldap 96 Apr 23 17:34 DB_CONFIG
-rw------- 1 openldap openldap 8192 Apr 28 14:23 dn2id.bdb
-rw------- 1 openldap openldap 8192 Apr 29 11:47 gidNumber.bdb
-rw------- 1 openldap openldap 32768 Apr 28 14:23 id2entry.bdb
-rw------- 1 openldap openldap 10485760 Apr 30 08:30 log.0000000001
-rw------- 1 openldap openldap 8192 Apr 29 11:47 mail.bdb
-rw------- 1 openldap openldap 8192 Apr 28 14:00 memberUid.bdb
-rw------- 1 openldap openldap 8192 Apr 28 11:52 objectClass.bdb
-rw------- 1 openldap openldap 8192 Apr 29 11:47 sambaSID.bdb
-rw------- 1 openldap openldap 8192 Apr 29 11:47 sn.bdb
-rw------- 1 openldap openldap 8192 Apr 29 11:47 uid.bdb
-rw------- 1 openldap openldap 8192 Apr 29 11:47 uidNumber.bdb
Are ok?
On 4/30/12, Quanah Gibson-Mount <quanah@zimbra.com> wrote:
>
>
> On Apr 29, 2012, at 3:27 AM, stefano malini <lozingalo@gmail.com> wrote:
>
>> Hi,
>> other check:
>>
>> using
>> sudo strace /usr/sbin/slapindex
>> i found the line:
>> open("/var/lib/ldap/DUMMY", O_WRONLY|O_CREAT|O_TRUNC|O_LARGEFILE, 0666) =
>> -1 EACCES (Permission denied)
>> but in that directory there is not not "DUMMY"
>>
>> What can i do? am blocked on this point
>>
>> Thanks
>
> Clearly the higher level directory permissions are wrong. Fix them.
>
> --Quanah
>
>
>> On 04/29/2012 11:02 AM, Jonathan Clarke wrote:
>>> On 29 avr. 2012, at 10:27, stefano malini<lozingalo@gmail.com> wrote:
>>>
>>>> I used slapindex also, the output is:
>>>>
>>>> stefano@amahoro:~$ /usr/sbin/slapindex
>>>> /etc/ldap/slapd.conf: line 20: invalid path: Permission denied
>>>> slapindex: bad configuration file!
>>>
>>> Try running slapindex as the user "openldap". Also, make sure that you
>>> run slapd as that user too.
>>>
>>> Jonathan
>>>
>>>> This is my slapd.conf
>>>>
>>>> #Basics
>>>> include /etc/ldap/schema/core.schema
>>>> include /etc/ldap/schema/cosine.schema
>>>> include /etc/ldap/schema/nis.schema
>>>> include /etc/ldap/schema/inetorgperson.schema
>>>> include /etc/ldap/schema/samba.schema
>>>>
>>>> pidfile /var/run/slapd/slapd.pid
>>>> argsfile /var/run/slapd/slapd.args
>>>> loglevel 256
>>>>
>>>> modulepath /usr/lib/ldap
>>>> moduleload back_hdb
>>>>
>>>> #Database configuration
>>>> database hdb
>>>> suffix "dc=amahoro,dc=bi"
>>>> rootdn "cn=Manager,dc=amahoro,dc=bi"
>>>> rootpw {SSHA}XBLZ+TknuZHW3dirN2SE2fj3mYka3tkG
>>>> directory /var/lib/ldap<----------------------------- LINE 20
>>>> index uid,uidNumber,gidNumber,memberUid eq
>>>> index cn,mail,surname,givenname eq,subinitial
>>>> index sambaSID eq
>>>> index sambaPrimaryGroupSID eq
>>>>
>>>>
>>>> #ACLs
>>>> access to attrs=userPassword
>>>> by anonymous auth
>>>> by self write
>>>> by * none
>>>>
>>>> access to *
>>>> by dn.base="uid=nslcd_proc,ou=System,dc=amahoro,dc=bi" read
>>>> by self write
>>>> by * none
>>>>
>>>>
>>>> These are the permissions of /var/lib/ldap/are
>>>>
>>>> drwxr-x--- 2 openldap openldap 4096 Apr 29 09:57 ldap
>>>>
>>>> -rw-r--r-- 1 openldap openldap 4096 Apr 29 09:57 alock
>>>> -rw------- 1 openldap openldap 8192 Apr 28 12:18 cn.bdb
>>>> -rw------- 1 openldap openldap 24576 Apr 29 09:57 __db.001
>>>> -rw------- 1 openldap openldap 352256 Apr 29 09:57 __db.002
>>>> -rw------- 1 openldap openldap 2629632 Apr 29 09:57 __db.003
>>>> -rw------- 1 openldap openldap 163840 Apr 29 09:57 __db.004
>>>> -rw------- 1 openldap openldap 876544 Apr 29 09:57 __db.005
>>>> -rw------- 1 openldap openldap 32768 Apr 29 09:57 __db.006
>>>> -rw-r--r-- 1 openldap openldap 96 Apr 23 17:34 DB_CONFIG
>>>> -rw------- 1 openldap openldap 8192 Apr 28 14:23 dn2id.bdb
>>>> -rw------- 1 openldap openldap 8192 Apr 28 14:23 gidNumber.bdb
>>>> -rw------- 1 openldap openldap 32768 Apr 28 14:23 id2entry.bdb
>>>> -rw------- 1 openldap openldap 10485760 Apr 29 09:57 log.0000000001
>>>> -rw------- 1 openldap openldap 8192 Apr 28 12:18 mail.bdb
>>>> -rw------- 1 openldap openldap 8192 Apr 28 14:00 memberUid.bdb
>>>> -rw------- 1 openldap openldap 8192 Apr 28 11:52 objectClass.bdb
>>>> -rw------- 1 openldap openldap 8192 Apr 28 14:23 sambaSID.bdb
>>>> -rw------- 1 openldap openldap 8192 Apr 28 12:18 sn.bdb
>>>> -rw------- 1 openldap openldap 8192 Apr 28 12:18 uid.bdb
>>>> -rw------- 1 openldap openldap 8192 Apr 28 14:23 uidNumber.bdb
>>>>
>>>> Whato do you think?
>>>>
>>>> Thanks
>>>>
>>>>
>>>>
>>>>
>>>> On 04/28/2012 08:33 PM, stefano malini wrote:
>>>>> anyone?
>>>>>
>>>>> On 04/28/2012 11:30 AM, stefano malini wrote:
>>>>>> Hi,
>>>>>> i cannot end the populating process using smbldap-populate due to
>>>>>> this
>>>>>> errors:
>>>>>>
>>>>>> root@amahoro:~# smbldap-populate
>>>>>> Populating LDAP directory for domain AMAHORO
>>>>>> (S-1-5-21-251852451-2940789264-3475694606)
>>>>>> (using builtin directory structure)
>>>>>>
>>>>>> entry dc=amahoro,dc=bi already exist.
>>>>>> entry ou=Users,dc=amahoro,dc=bi already exist.
>>>>>> entry ou=Groups,dc=amahoro,dc=bi already exist.
>>>>>> entry ou=Computers,dc=amahoro,dc=bi already exist.
>>>>>> entry ou=Idmap,dc=amahoro,dc=bi already exist.
>>>>>> adding new entry: uid=root,ou=Users,dc=amahoro,dc=bi
>>>>>> failed to add entry: index generation failed at
>>>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 58.
>>>>>> adding new entry: uid=nobody,ou=Users,dc=amahoro,dc=bi
>>>>>> failed to add entry: index generation failed at
>>>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 89.
>>>>>> adding new entry: cn=Domain Admins,ou=Groups,dc=amahoro,dc=bi
>>>>>> failed to add entry: index generation failed at
>>>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 101.
>>>>>> adding new entry: cn=Domain Users,ou=Groups,dc=amahoro,dc=bi
>>>>>> failed to add entry: index generation failed at
>>>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 112.
>>>>>> adding new entry: cn=Domain Guests,ou=Groups,dc=amahoro,dc=bi
>>>>>> failed to add entry: index generation failed at
>>>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 123.
>>>>>> adding new entry: cn=Domain Computers,ou=Groups,dc=amahoro,dc=bi
>>>>>> failed to add entry: index generation failed at
>>>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 134.
>>>>>> adding new entry: cn=Administrators,ou=Groups,dc=amahoro,dc=bi
>>>>>> failed to add entry: index generation failed at
>>>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 179.
>>>>>> adding new entry: cn=Account Operators,ou=Groups,dc=amahoro,dc=bi
>>>>>> failed to add entry: index generation failed at
>>>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 201.
>>>>>> adding new entry: cn=Print Operators,ou=Groups,dc=amahoro,dc=bi
>>>>>> failed to add entry: index generation failed at
>>>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 212.
>>>>>> adding new entry: cn=Backup Operators,ou=Groups,dc=amahoro,dc=bi
>>>>>> failed to add entry: index generation failed at
>>>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 223.
>>>>>> adding new entry: cn=Replicators,ou=Groups,dc=amahoro,dc=bi
>>>>>> failed to add entry: index generation failed at
>>>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 234.
>>>>>> entry sambaDomainName=AMAHORO,dc=amahoro,dc=bi already exist.
>>>>>> Updating
>>>>>> it...
>>>>>>
>>>>>> Please provide a password for the domain root:
>>>>>> /usr/sbin/smbldap-passwd: user root doesn't exist
>>>>>>
>>>>>> i don't find the error "index generation failed" on internet. Do you
>>>>>> know the problem?
>>>>>>
>>>>>> Thanks
>>>>
>>>
>>
>