[FUG-BR] Problems with the LDAP configuration
Flavio Junior
billpp at gmail.com
Thu Jan 22 14:30:00 BRST 2009
Miguel,
Is it still the SAME ERROR on the SAME LINE?
Always include the command and the error in the e-mail, so we can get an idea of
what you are doing.
--
Flávio do Carmo Júnior aka waKKu
On Thu, Jan 22, 2009 at 2:21 PM, Miguel Martins <migueljr01 at gmail.com> wrote:
> I checked, NIS.SCHEMA is there; I removed the "userPassword: {crypt}*" lines
> and it still happens...
>
>
> sauron# cat /usr/local/etc/openldap/slapd.conf
> include /usr/local/etc/openldap/schema/core.schema
> include /usr/local/etc/openldap/schema/cosine.schema
> include /usr/local/etc/openldap/schema/inetorgperson.schema
> include /usr/local/etc/openldap/schema/nis.schema
> include /usr/local/etc/openldap/schema/samba.schema
> include /usr/local/etc/openldap/schema/bind.schema
>
> referral ldap://localhost
>
> # Load dynamic backend modules:
> modulepath /usr/local/libexec/openldap
> moduleload back_bdb
> moduleload back_ldap
>
> pidfile /var/run/openldap/slapd.pid
> argsfile /var/run/openldap/slapd.args
>
> # LDAP database
> database bdb
> suffix "dc=assesc,dc=edu,dc=br"
>
> # We define the administrator account as "root"
> rootdn "cn=root,dc=assesc,dc=edu,dc=br"
>
> # The password must be generated with slappasswd.
>
> ##Ex: # slappasswd
> ## New password:
> ## Re-enter new password:
> ## {SSHA}e7C9/YlcGzCsk7gCkzVzhYFNB/4DzcGB
>
> rootpw {SSHA}kGX3aMbe9pQHzoGeYvOe0j4MNAln6OYQ
>
> # Path to the LDAP database
> directory /var/db/openldap-data
>
> password-hash {CRYPT}
> password-crypt-salt-format "$1$.8s"
>
> # indexes to optimize access
> index objectClass,uidNumber,gidNumber eq
> index cn,sn,uid,displayName pres,sub,eq
> index memberUid,mail,givenname eq
> index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq
> index default sub
>
> # ACLs
> access to attrs=userPassword,sambaLMPassword,sambaNTPassword
>     by self write
>     by anonymous auth
>     by * none
>
> access to *
>     by * read
>
> sauron#
> sauron# ls /usr/local/etc/openldap/schema/
> README cosine.schema
> java.schema.default openldap.schema.default
> bind.schema cosine.schema.default
> misc.schema ppolicy.schema
> corba.schema dyngroup.schema
> misc.schema.default ppolicy.schema.default
> corba.schema.default dyngroup.schema.default
> nis.schema samba.schema
> core.ldif inetorgperson.schema
> nis.schema.default
> core.schema inetorgperson.schema.default
> openldap.ldif
> core.schema.default java.schema
> openldap.schema
> sauron#
> sauron# more base.ldif
> dn: dc=assesc,dc=edu,dc=br
> dc: ASSESC
> objectClass: top
> objectClass: domain
>
> dn: ou=People,dc=assesc,dc=edu,dc=br
> ou: People
> objectClass: top
> objectClass: organizationalUnit
>
> dn: ou=Group,dc=assesc,dc=edu,dc=br
> ou: Group
> objectClass: top
> objectClass: organizationalUnit
>
> dn: ou=Computers,dc=assesc,dc=edu,dc=br
> ou: Computers
> objectClass: top
> objectClass: organizationalUnit
>
> dn: cn=wheel,ou=Group,dc=assesc,dc=edu,dc=br
> objectClass: posixGroup
> objectClass: top
> cn: wheel
> gidNumber: 0
> memberUid: root
> memberUid: miguel
>
> dn: cn=nogroup,ou=Group,dc=assesc,dc=edu,dc=br
> objectClass: posixGroup
> objectClass: top
> cn: nogroup
> gidNumber: 65533
>
> dn: cn=nobody,ou=Group,dc=assesc,dc=edu,dc=br
> objectClass: posixGroup
> objectClass: top
> cn: nobody
> gidNumber: 65534
>
> dn: uid=root,ou=People,dc=assesc,dc=edu,dc=br
> uid: root
> cn: Charlie &
> objectClass: account
> objectClass: posixAccount
> objectClass: top
> loginShell: /bin/csh
> uidNumber: 0
> gidNumber: 0
> homeDirectory: /root
> gecos: Charlie &
>
> dn: uid=nobody,ou=People,dc=assesc,dc=edu,dc=br
> uid: nobody
> cn: Unprivileged user
> objectClass: account
> objectClass: posixAccount
> objectClass: top
> loginShell: /usr/sbin/nologin
> uidNumber: 65534
> gidNumber: 65534
> homeDirectory: /nonexistent
> gecos: Unprivileged user
>
> dn: uid=miguel,ou=People,dc=assesc,dc=edu,dc=br
> uid: miguel
> cn: Miguel Martins Jr
> objectClass: account
> objectClass: posixAccount
> objectClass: top
> loginShell: /bin/csh
> uidNumber: 1001
> gidNumber: 0
> homeDirectory: /home/miguel
> gecos: Miguel Martins Jr
>
> dn: uid=sauron,ou=Computers,dc=assesc,dc=edu,dc=br
> uid: sauron
> cn: Servidor
> objectClass: account
> objectClass: posixAccount
> objectClass: top
> loginShell: /usr/bin/nologin
> uidNumber: 200
> gidNumber: 200
> homeDirectory: noexistent
> gecos: Servidor
>
> dn: cn=NextFreeUnixId,dc=assesc,dc=edu,dc=br
> objectClass: inetOrgPerson
> objectClass: sambaUnixIdPool
> uidNumber: 1000
> gidNumber: 1000
> cn: NextFreeUnixId
> sn: NextFreeUnixId
>
> dn: zoneName=assesc.com.br,dc=assesc,dc=edu,dc=br
> objectClass: top
> objectClass: dNSZone
> relativeDomainName: assesc.edu.br
> zoneName: assesc.edu.br
>
> dn: relativeDomainName=assesc.com.br,zoneName=assesc.com.br
> ,dc=assesc,dc=edu,dc=br
> objectClass: top
> objectClass: dNSZone
> relativeDomainName: assesc.edu.br
> zoneName: assesc.edu.br
> dNSTTL: 3600
> dNSClass: IN
> SOARecord: ns1.assesc.edu.br. hostmaster.assesc.edu.br. 1 10800 3600 604800
> 86400
> NSRecord: ns1.assesc.edu.br.
> NSRecord: ns2.assesc.edu.br.
> ARecord: 192.168.3.254
> MXRecord: 10 mail.assesc.edu.br.
>
> dn: relativeDomainName=@,zoneName=assesc.com.br,dc=assesc,dc=edu,dc=br
> objectClass: top
> objectClass: dNSZone
> relativeDomainName: @
> zoneName: assesc.edu.br
> dNSTTL: 3600
> dNSClass: IN
> SOARecord: ns1.assesc.edu.br. hostmaster.assesc.edu.br. 1 10800 3600 604800
> 86400
> NSRecord: ns1.assesc.edu.br.
> NSRecord: ns2.assesc.edu.br.
> ARecord: 192.168.3.254
> MXRecord: 10 mail.assesc.edu.br.
>
> dn: relativeDomainName=ns1,zoneName=assesc.com.br,dc=assesc,dc=edu,dc=br
> objectClass: top
> objectClass: dNSZone
> relativeDomainName: ns1
> zoneName: assesc.edu.br
> dNSTTL: 3600
> dNSClass: IN
> ARecord: 192.168.3.254
>
> dn: relativeDomainName=ns2,zoneName=assesc.com.br,dc=assesc,dc=edu,dc=br
> objectClass: top
> objectClass: dNSZone
> relativeDomainName: ns2
> zoneName: assesc.edu.br
> dNSTTL: 3600
> dNSClass: IN
> ARecord: 200.135.16.114
>
> dn: relativeDomainName=mail,zoneName=assesc.com.br,dc=assesc,dc=edu,dc=br
> objectClass: top
> objectClass: dNSZone
> relativeDomainName: mail
> zoneName: assesc.edu.br
> dNSTTL: 3600
> dNSClass: IN
> ARecord: 192.168.3.254
>
> dn: relativeDomainName=sauron,zoneName=assesc.com.br,dc=assesc,dc=edu,dc=br
> objectClass: top
> objectClass: dNSZone
> relativeDomainName: sauron
> zoneName: assesc.edu.br
> dNSTTL: 3600
> dNSClass: IN
> ARecord: 192.168.3.254
>
>
>
> 2009/1/22 Flavio Junior <billpp at gmail.com>
>
>> Miguel,
>>
>> Your error is in the group entries, this one for example:
>>
>> dn: cn=wheel,ou=Group,dc=assesc,dc=edu,dc=br
>> objectClass: posixGroup
>> objectClass: top
>> cn: wheel
>> userPassword: {crypt}*
>> gidNumber: 0
>> memberUid: root
>> memberUid: miguel
>>
>> It could be that the "nis.schema" schema is missing from your LDAP, or it
>> could be because of the content of userPassword...
>>
>> Remove the userPassword line and try again, but first confirm
>> nis.schema in slapd.conf
>>
>> --
>>
>> Flávio do Carmo Júnior aka waKKu
>>
>>