[FUG-BR] Problems with the LDAP configuration
Miguel Martins
migueljr01 at gmail.com
Thursday January 22 14:40:46 BRST 2009
sauron# ldapadd -x -D cn=root,dc=assesc,dc=edu,dc=br -W -f /root/base.ldif
Enter LDAP Password:
adding new entry "ou=People,dc=assesc,dc=edu,dc=br"
adding new entry "ou=Group,dc=assesc,dc=edu,dc=br"
ldapadd: attributeDescription "dn": (possible missing newline after line 4
of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
ldapadd: attributeDescription "dn": (possible missing newline after line 11
of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
ldapadd: attributeDescription "dn": (possible missing newline after line 16
of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
ldapadd: attributeDescription "dn": (possible missing newline after line 21
of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
ldapadd: attributeDescription "dn": (possible missing newline after line 32
of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
ldapadd: attributeDescription "dn": (possible missing newline after line 43
of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
ldapadd: attributeDescription "dn": (possible missing newline after line 54
of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
ldapadd: attributeDescription "dn": (possible missing newline after line 65
of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
ldapadd: attributeDescription "dn": (possible missing newline after line 72
of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
ldapadd: attributeDescription "dn": (possible missing newline after line 77
of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
ldapadd: attributeDescription "dn": (possible missing newline after line 89
of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
ldapadd: attributeDescription "dn": (possible missing newline after line 101
of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
ldapadd: attributeDescription "dn": (possible missing newline after line 109
of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
adding new entry "ou=Computers,dc=assesc,dc=edu,dc=br"
ldapadd: Invalid syntax (21)
additional info: objectClass: value #1 invalid per syntax
sauron#
2009/1/22 Flavio Junior <billpp at gmail.com>
>
> Miguel,
>
> Is it still the SAME ERROR on the SAME LINE?
>
> Always send the command and the error in the e-mail, so we can get an idea of
> what you are doing.
>
> --
>
> Flávio do Carmo Júnior aka waKKu
>
> On Thu, Jan 22, 2009 at 2:21 PM, Miguel Martins <migueljr01 at gmail.com>
> wrote:
> > I checked, the NIS.SCHEMA is there, I removed the "userPassword: {crypt}*"
> > lines and it continues...
> >
> >
> > sauron# cat /usr/local/etc/openldap/slapd.conf
> > include /usr/local/etc/openldap/schema/core.schema
> > include /usr/local/etc/openldap/schema/cosine.schema
> > include /usr/local/etc/openldap/schema/inetorgperson.schema
> > include /usr/local/etc/openldap/schema/nis.schema
> > include /usr/local/etc/openldap/schema/samba.schema
> > include /usr/local/etc/openldap/schema/bind.schema
> >
> > referral ldap://localhost
> >
> > # Load dynamic backend modules:
> > modulepath /usr/local/libexec/openldap
> > moduleload back_bdb
> > moduleload back_ldap
> >
> > pidfile /var/run/openldap/slapd.pid
> > argsfile /var/run/openldap/slapd.args
> >
> > # LDAP database
> > database bdb
> > suffix "dc=assesc,dc=edu,dc=br"
> >
> > # We define the administrator account as "root"
> > rootdn "cn=root,dc=assesc,dc=edu,dc=br"
> >
> > # The password must be generated with slappasswd.
> >
> > ##Ex: # slappasswd
> > ## New password:
> > ## Re-enter new password:
> > ## {SSHA}e7C9/YlcGzCsk7gCkzVzhYFNB/4DzcGB
> >
> > rootpw {SSHA}kGX3aMbe9pQHzoGeYvOe0j4MNAln6OYQ
> >
> > # Path to the LDAP database
> > directory /var/db/openldap-data
> >
> > password-hash {CRYPT}
> > password-crypt-salt-format "$1$.8s"
> >
> > # indexes to optimize access
> > index objectClass,uidNumber,gidNumber eq
> > index cn,sn,uid,displayName pres,sub,eq
> > index memberUid,mail,givenname eq
> > index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq
> > index default sub
> >
> > # ACLs
> > access to attrs=userPassword,sambaLMPassword,sambaNTPassword
> > by self write
> > by anonymous auth
> > by * none
> >
> > access to *
> > by * read
> >
> > sauron#
> > sauron# ls /usr/local/etc/openldap/schema/
> > README cosine.schema
> > java.schema.default openldap.schema.default
> > bind.schema cosine.schema.default
> > misc.schema ppolicy.schema
> > corba.schema dyngroup.schema
> > misc.schema.default ppolicy.schema.default
> > corba.schema.default dyngroup.schema.default
> > nis.schema samba.schema
> > core.ldif inetorgperson.schema
> > nis.schema.default
> > core.schema inetorgperson.schema.default
> > openldap.ldif
> > core.schema.default java.schema
> > openldap.schema
> > sauron#
> > sauron# more base.ldif
> > dn: dc=assesc,dc=edu,dc=br
> > dc: ASSESC
> > objectClass: top
> > objectClass: domain
> >
> > dn: ou=People,dc=assesc,dc=edu,dc=br
> > ou: People
> > objectClass: top
> > objectClass: organizationalUnit
> >
> > dn: ou=Group,dc=assesc,dc=edu,dc=br
> > ou: Group
> > objectClass: top
> > objectClass: organizationalUnit
> >
> > dn: ou=Computers,dc=assesc,dc=edu,dc=br
> > ou: Computers
> > objectClass: top
> > objectClass: organizationalUnit
> >
> > dn: cn=wheel,ou=Group,dc=assesc,dc=edu,dc=br
> > objectClass: posixGroup
> > objectClass: top
> > cn: wheel
> > gidNumber: 0
> > memberUid: root
> > memberUid: miguel
> >
> > dn: cn=nogroup,ou=Group,dc=assesc,dc=edu,dc=br
> > objectClass: posixGroup
> > objectClass: top
> > cn: nogroup
> > gidNumber: 65533
> >
> > dn: cn=nobody,ou=Group,dc=assesc,dc=edu,dc=br
> > objectClass: posixGroup
> > objectClass: top
> > cn: nobody
> > gidNumber: 65534
> >
> > dn: uid=root,ou=People,dc=assesc,dc=edu,dc=br
> > uid: root
> > cn: Charlie &
> > objectClass: account
> > objectClass: posixAccount
> > objectClass: top
> > loginShell: /bin/csh
> > uidNumber: 0
> > gidNumber: 0
> > homeDirectory: /root
> > gecos: Charlie &
> >
> > dn: uid=nobody,ou=People,dc=assesc,dc=edu,dc=br
> > uid: nobody
> > cn: Unprivileged user
> > objectClass: account
> > objectClass: posixAccount
> > objectClass: top
> > loginShell: /usr/sbin/nologin
> > uidNumber: 65534
> > gidNumber: 65534
> > homeDirectory: /nonexistent
> > gecos: Unprivileged user
> >
> > dn: uid=miguel,ou=People,dc=assesc,dc=edu,dc=br
> > uid: miguel
> > cn: Miguel Martins Jr
> > objectClass: account
> > objectClass: posixAccount
> > objectClass: top
> > loginShell: /bin/csh
> > uidNumber: 1001
> > gidNumber: 0
> > homeDirectory: /home/miguel
> > gecos: Miguel Martins Jr
> >
> > dn: uid=sauron,ou=Computers,dc=assesc,dc=edu,dc=br
> > uid: sauron
> > cn: Servidor
> > objectClass: account
> > objectClass: posixAccount
> > objectClass: top
> > loginShell: /usr/bin/nologin
> > uidNumber: 200
> > gidNumber: 200
> > homeDirectory: noexistent
> > gecos: Servidor
> >
> > dn: cn=NextFreeUnixId,dc=assesc,dc=edu,dc=br
> > objectClass: inetOrgPerson
> > objectClass: sambaUnixIdPool
> > uidNumber: 1000
> > gidNumber: 1000
> > cn: NextFreeUnixId
> > sn: NextFreeUnixId
> >
> > dn: zoneName=assesc.com.br,dc=assesc,dc=edu,dc=br
> > objectClass: top
> > objectClass: dNSZone
> > relativeDomainName: assesc.edu.br
> > zoneName: assesc.edu.br
> >
> > dn: relativeDomainName=assesc.com.br,zoneName=assesc.com.br
> > ,dc=assesc,dc=edu,dc=br
> > objectClass: top
> > objectClass: dNSZone
> > relativeDomainName: assesc.edu.br
> > zoneName: assesc.edu.br
> > dNSTTL: 3600
> > dNSClass: IN
> > SOARecord: ns1.assesc.edu.br. hostmaster.assesc.edu.br. 1 10800 3600
> 604800
> > 86400
> > NSRecord: ns1.assesc.edu.br.
> > NSRecord: ns2.assesc.edu.br.
> > ARecord: 192.168.3.254
> > MXRecord: 10 mail.assesc.edu.br.
> >
> > dn: relativeDomainName=@,zoneName=assesc.com.br,dc=assesc,dc=edu,dc=br
> > objectClass: top
> > objectClass: dNSZone
> > relativeDomainName: @
> > zoneName: assesc.edu.br
> > dNSTTL: 3600
> > dNSClass: IN
> > SOARecord: ns1.assesc.edu.br. hostmaster.assesc.edu.br. 1 10800 3600
> 604800
> > 86400
> > NSRecord: ns1.assesc.edu.br.
> > NSRecord: ns2.assesc.edu.br.
> > ARecord: 192.168.3.254
> > MXRecord: 10 mail.assesc.edu.br.
> >
> > dn: relativeDomainName=ns1,zoneName=assesc.com.br,dc=assesc,dc=edu,dc=br
> > objectClass: top
> > objectClass: dNSZone
> > relativeDomainName: ns1
> > zoneName: assesc.edu.br
> > dNSTTL: 3600
> > dNSClass: IN
> > ARecord: 192.168.3.254
> >
> > dn: relativeDomainName=ns2,zoneName=assesc.com.br,dc=assesc,dc=edu,dc=br
> > objectClass: top
> > objectClass: dNSZone
> > relativeDomainName: ns2
> > zoneName: assesc.edu.br
> > dNSTTL: 3600
> > dNSClass: IN
> > ARecord: 200.135.16.114
> >
> > dn: relativeDomainName=mail,zoneName=assesc.com.br
> ,dc=assesc,dc=edu,dc=br
> > objectClass: top
> > objectClass: dNSZone
> > relativeDomainName: mail
> > zoneName: assesc.edu.br
> > dNSTTL: 3600
> > dNSClass: IN
> > ARecord: 192.168.3.254
> >
> > dn: relativeDomainName=sauron,zoneName=assesc.com.br
> ,dc=assesc,dc=edu,dc=br
> > objectClass: top
> > objectClass: dNSZone
> > relativeDomainName: sauron
> > zoneName: assesc.edu.br
> > dNSTTL: 3600
> > dNSClass: IN
> > ARecord: 192.168.3.254
> >
> >
> >
> > 2009/1/22 Flavio Junior <billpp at gmail.com>
> >
> >> Miguel,
> >>
> >> Your error is in the group entries, this one for example:
> >>
> >> dn: cn=wheel,ou=Group,dc=assesc,dc=edu,dc=br
> >> objectClass: posixGroup
> >> objectClass: top
> >> cn: wheel
> >> userPassword: {crypt}*
> >> gidNumber: 0
> >> memberUid: root
> >> memberUid: miguel
> >>
> >> It could be the missing "nis.schema" schema in your ldap, it could be
> >> because of the content of userPassword...
> >>
> >> remove the userPassword line and try again, but first confirm the
> >> nis.schema in slapd.conf
> >>
> >> --
> >>
> >> Flávio do Carmo Júnior aka waKKu
> >>
> >>
> > -------------------------
> > History: http://www.fug.com.br/historico/html/freebsd/
> > Leave the list: https://www.fug.com.br/mailman/listinfo/freebsd
> >
>
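Added example, not part of the original thread: a pre-import check for content LDIF such as base.ldif, covering the conditions behind ldapadd's "possible missing newline after line N of entry" message, where a `dn:` line is read as an attribute of the previous entry. The name `lint_ldif` and the example.org sample are constructed for illustration; that a whitespace-only separator line is what broke the poster's file is an assumption the thread does not confirm.

```python
import re

# Constructed sample (not the poster's file): the separator after the
# ou=Computers entry holds a single space, and one dn is wrapped without
# the leading space that RFC 2849 requires on continuation lines.
SAMPLE = (
    "dn: ou=Group,dc=example,dc=org\n"
    "objectClass: organizationalUnit\n"
    "\n"
    "dn: ou=Computers,dc=example,dc=org\n"
    "ou: Computers\n"
    "objectClass: organizationalUnit\n"
    " \n"
    "dn: cn=wheel,ou=Group,dc=example,dc=org\n"
    "objectClass: posixGroup\n"
    "cn: wheel\n"
    "gidNumber: 0\n"
    "\n"
    "dn: relativeDomainName=mail,zoneName=example.org\n"
    ",dc=example,dc=org\n"
    "objectClass: dNSZone\n"
)

ATTR_LINE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9;.-]*:")  # "attr:", "attr::", "attr:<"

def lint_ldif(text):
    """Return (line_number, problem) pairs for separator and folding mistakes."""
    findings = []
    in_entry = False
    for number, raw in enumerate(text.split("\n"), start=1):
        line = raw.rstrip("\r")
        if line == "":
            in_entry = False              # only a truly empty line ends an entry
        elif line.strip() == "":
            findings.append((number, "whitespace-only line is not an entry separator"))
        elif line.startswith("#") or line.startswith(" "):
            continue                      # comment or valid continuation line
        elif not ATTR_LINE.match(line):
            findings.append((number, "wrapped line lacks the leading space of a continuation"))
        elif line.lower().startswith("dn:") and in_entry:
            findings.append((number, "dn: inside an entry, previous entry not terminated"))
        else:
            in_entry = True
    return findings

if __name__ == "__main__":
    for number, problem in lint_ldif(SAMPLE):
        print(f"line {number}: {problem}")
```
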