[FUG-BR] Samba e Ldap

Matheus Cucoloto matheuscucoloto em gmail.com
Quarta Janeiro 23 10:23:21 BRST 2008 

Ae galéra, pesquisei muito ja e não consegui achar o caminho da pedra
para resolver este problema:
Quando gero o populate acontece o seguinte problema

# smbldap-populate
Populating LDAP directory for domain DOMINIO
(S-1-5-21-2976607633-1561974291-3445042700)
(using builtin directory structure)

entry dc=dominio,dc=com,dc=br already exist.
entry ou=People,dc=dominio,dc=com,dc=br already exist.
entry ou=Group,dc=dominio,dc=com,dc=br already exist.
entry ou=Computers,dc=dominio,dc=com,dc=br already exist.
adding new entry: ou=Idmap,dc=dominio,dc=com,dc=br
entry uid=root,ou=People,dc=dominio,dc=com,dc=br already exist.
entry uid=nobody,ou=People,dc=dominio,dc=com,dc=br already exist.
adding new entry: cn=Domain Admins,ou=Group,dc=dominio,dc=com,dc=br
adding new entry: cn=Domain Users,ou=Group,dc=dominio,dc=com,dc=br
adding new entry: cn=Domain Guests,ou=Group,dc=dominio,dc=com,dc=br
adding new entry: cn=Domain Computers,ou=Group,dc=dominio,dc=com,dc=br
adding new entry: cn=Administrators,ou=Group,dc=dominio,dc=com,dc=br
adding new entry: cn=Account Operators,ou=Group,dc=dominio,dc=com,dc=br
adding new entry: cn=Print Operators,ou=Group,dc=dominio,dc=com,dc=br
adding new entry: cn=Backup Operators,ou=Group,dc=dominio,dc=com,dc=br
adding new entry: cn=Replicators,ou=Group,dc=domino,dc=com,dc=br
entry cn=NextFreeUnixId,dc=dominio,dc=com,dc=br already exist. Updating it...

failed to modify entry: attribute 'sambaNextRid' not allowed at
/usr/local/sbin/smbldap-populate line 492, <GEN1> line 241.

Please provide a password for the domain root:
Changing UNIX and samba passwords for root
New password:
Retype new password:
When run by root:
    smbpasswd [options] [username]
otherwise:
    smbpasswd [options]

options:
  -L                   local mode (must be first option)
  -h                   print this usage message
  -s                   use stdin for password prompt
  -c smb.conf file     Use the given path to the smb.conf file
  -D LEVEL             debug level
  -r MACHINE           remote machine
  -U USER              remote username
extra options when run by root or in local mode:
  -a                   add user
  -d                   disable user
  -e                   enable user
  -i                   interdomain trust account
  -m                   machine trust account
  -n                   set no password
  -W                   use stdin ldap admin password
  -w PASSWORD          ldap admin password
  -x                   delete user
  -R ORDER             name resolve order
Failed to modify UNIX password: attribute 'shadowLastChange' not
allowed at /usr/local/sbin/smbldap-passwd line 285, <STDIN> line 2.


Aqui eu tento criar uma maquina nova (nao retorna nada)

# smbldap-useradd -w NOME-DA-MAQUINA2

Aqui eu tento cria um usuario e nao consigo retorna o erro abaixo

# smbldap-useradd -m -a NOME-DO-USUARIO2
Cannot confirm uidNumber 1001 is free: checking for the next one
Can't call method "get_value" on an undefined value at
/usr/local/sbin/smbldap-useradd line 204.

# smbldap-useradd -m -a NOME-DO-USUARIO2
Can't call method "get_value" on an undefined value at
/usr/local/sbin/smbldap-useradd line 204.

# smbldap-passwd NOME-DO-USUARIO2
/usr/local/sbin/smbldap-passwd: user NOME-DO-USUARIO2 doesn't exist

Aqui eu tento alterar a senha de um usuario ja cadastrado no ldap
através do base.ldif
# smbldap-passwd NOME-DO-USUARIO
Changing UNIX password for NOME-DO-USUARIO
New password:
Retype new password:
Failed to modify UNIX password: attribute 'shadowLastChange' not
allowed at /usr/local/sbin/smbldap-passwd line 285, <STDIN> line 2.


Dando uma espiada no debug.log aparece isso:

Jan 23 12:16:10 thayse slapd[31124]: conn=48 op=3 MOD
dn="uid=NOME-DO-USUARIO,ou=People,dc=dominio,dc=com,dc=br"
Jan 23 12:16:10 thayse slapd[31124]: conn=48 op=3 MOD
attr=userPassword shadowLastChange shadowMax
Jan 23 12:16:10 thayse slapd[31124]: Entry
(uid=NOME-DO-USUARIO,ou=People,dc=dominio,dc=com,dc=br), attribute
'shadowLastChange' not allowed
Jan 23 12:16:10 thayse slapd[31124]: entry failed schema check:
attribute 'shadowLastChange' not allowed
Jan 23 12:16:10 thayse slapd[31124]: conn=48 op=3 RESULT tag=103
err=65 text=attribute 'shadowLastChange' not allowed
Jan 23 12:16:10 thayse slapd[31124]: conn=48 op=4 UNBIND
Jan 23 12:16:10 thayse slapd[31124]: conn=48 fd=11 closed


Ajuda please!

-- 
Matheus Cucoloto
System Admin.
Net Admin.

Mais detalhes sobre a lista de discussão freebsd