[FUG-BR] Problems with the LDAP configuration
Miguel Martins
migueljr01 at gmail.com
Thu Jan 22 14:58:26 BRST 2009
I figured it out....
It's the spaces after the statements.....
2009/1/22 Miguel Martins <migueljr01 at gmail.com>
> sauron# ldapadd -x -D cn=root,dc=assesc,dc=edu,dc=br -W -f /root/base.ldif
> Enter LDAP Password:
> adding new entry "ou=People,dc=assesc,dc=edu,dc=br"
>
> adding new entry "ou=Group,dc=assesc,dc=edu,dc=br"
>
> ldapadd: attributeDescription "dn": (possible missing newline after line 4
> of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
> ldapadd: attributeDescription "dn": (possible missing newline after line 11
> of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
> ldapadd: attributeDescription "dn": (possible missing newline after line 16
> of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
> ldapadd: attributeDescription "dn": (possible missing newline after line 21
> of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
> ldapadd: attributeDescription "dn": (possible missing newline after line 32
> of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
> ldapadd: attributeDescription "dn": (possible missing newline after line 43
> of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
> ldapadd: attributeDescription "dn": (possible missing newline after line 54
> of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
> ldapadd: attributeDescription "dn": (possible missing newline after line 65
> of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
> ldapadd: attributeDescription "dn": (possible missing newline after line 72
> of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
> ldapadd: attributeDescription "dn": (possible missing newline after line 77
> of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
> ldapadd: attributeDescription "dn": (possible missing newline after line 89
> of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
> ldapadd: attributeDescription "dn": (possible missing newline after line
> 101 of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
> ldapadd: attributeDescription "dn": (possible missing newline after line
> 109 of entry "ou=Computers,dc=assesc,dc=edu,dc=br"?)
> adding new entry "ou=Computers,dc=assesc,dc=edu,dc=br"
> ldapadd: Invalid syntax (21)
> additional info: objectClass: value #1 invalid per syntax
>
> sauron#
>
>
>
> 2009/1/22 Flavio Junior <billpp at gmail.com>
>
>> Miguel,
>>
>> Is it still the SAME ERROR on the SAME LINE?
>>
>> Always send the command and the error in the e-mail, so we have an idea of
>> what you're doing.
>>
>> - --
>>
>> Flávio do Carmo Júnior aka waKKu
>>
>>
>> On Thu, Jan 22, 2009 at 2:21 PM, Miguel Martins <migueljr01 at gmail.com>
>> wrote:
>> > I checked and NIS.SCHEMA is there; I removed the "userPassword: {crypt}*"
>> > lines and it still happens...
>> >
>> >
>> > sauron# cat /usr/local/etc/openldap/slapd.conf
>> > include /usr/local/etc/openldap/schema/core.schema
>> > include /usr/local/etc/openldap/schema/cosine.schema
>> > include /usr/local/etc/openldap/schema/inetorgperson.schema
>> > include /usr/local/etc/openldap/schema/nis.schema
>> > include /usr/local/etc/openldap/schema/samba.schema
>> > include /usr/local/etc/openldap/schema/bind.schema
>> >
>> > referral ldap://localhost
>> >
>> > # Load dynamic backend modules:
>> > modulepath /usr/local/libexec/openldap
>> > moduleload back_bdb
>> > moduleload back_ldap
>> >
>> > pidfile /var/run/openldap/slapd.pid
>> > argsfile /var/run/openldap/slapd.args
>> >
>> > # LDAP database
>> > database bdb
>> > suffix "dc=assesc,dc=edu,dc=br"
>> >
>> > # We define the administrator account as "root"
>> > rootdn "cn=root,dc=assesc,dc=edu,dc=br"
>> >
>> > # The password must be generated with slappasswd.
>> >
>> > ##Ex: # slappasswd
>> > ## New password:
>> > ## Re-enter new password:
>> > ## {SSHA}e7C9/YlcGzCsk7gCkzVzhYFNB/4DzcGB
>> >
>> > rootpw {SSHA}kGX3aMbe9pQHzoGeYvOe0j4MNAln6OYQ
>> >
>> > # Path to the LDAP database
>> > directory /var/db/openldap-data
>> >
>> > password-hash {CRYPT}
>> > password-crypt-salt-format "$1$.8s"
>> >
>> > # indexes to optimize access
>> > index objectClass,uidNumber,gidNumber eq
>> > index cn,sn,uid,displayName pres,sub,eq
>> > index memberUid,mail,givenname eq
>> > index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq
>> > index default sub
>> >
>> > # ACLs
>> > access to attrs=userPassword,sambaLMPassword,sambaNTPassword
>> >         by self write
>> >         by anonymous auth
>> >         by * none
>> >
>> > access to *
>> >         by * read
>> >
>> > sauron#
>> > sauron# ls /usr/local/etc/openldap/schema/
>> > README cosine.schema
>> > java.schema.default openldap.schema.default
>> > bind.schema cosine.schema.default
>> > misc.schema ppolicy.schema
>> > corba.schema dyngroup.schema
>> > misc.schema.default ppolicy.schema.default
>> > corba.schema.default dyngroup.schema.default
>> > nis.schema samba.schema
>> > core.ldif inetorgperson.schema
>> > nis.schema.default
>> > core.schema inetorgperson.schema.default
>> > openldap.ldif
>> > core.schema.default java.schema
>> > openldap.schema
>> > sauron#
>> > sauron# more base.ldif
>> > dn: dc=assesc,dc=edu,dc=br
>> > dc: ASSESC
>> > objectClass: top
>> > objectClass: domain
>> >
>> > dn: ou=People,dc=assesc,dc=edu,dc=br
>> > ou: People
>> > objectClass: top
>> > objectClass: organizationalUnit
>> >
>> > dn: ou=Group,dc=assesc,dc=edu,dc=br
>> > ou: Group
>> > objectClass: top
>> > objectClass: organizationalUnit
>> >
>> > dn: ou=Computers,dc=assesc,dc=edu,dc=br
>> > ou: Computers
>> > objectClass: top
>> > objectClass: organizationalUnit
>> >
>> > dn: cn=wheel,ou=Group,dc=assesc,dc=edu,dc=br
>> > objectClass: posixGroup
>> > objectClass: top
>> > cn: wheel
>> > gidNumber: 0
>> > memberUid: root
>> > memberUid: miguel
>> >
>> > dn: cn=nogroup,ou=Group,dc=assesc,dc=edu,dc=br
>> > objectClass: posixGroup
>> > objectClass: top
>> > cn: nogroup
>> > gidNumber: 65533
>> >
>> > dn: cn=nobody,ou=Group,dc=assesc,dc=edu,dc=br
>> > objectClass: posixGroup
>> > objectClass: top
>> > cn: nobody
>> > gidNumber: 65534
>> >
>> > dn: uid=root,ou=People,dc=assesc,dc=edu,dc=br
>> > uid: root
>> > cn: Charlie &
>> > objectClass: account
>> > objectClass: posixAccount
>> > objectClass: top
>> > loginShell: /bin/csh
>> > uidNumber: 0
>> > gidNumber: 0
>> > homeDirectory: /root
>> > gecos: Charlie &
>> >
>> > dn: uid=nobody,ou=People,dc=assesc,dc=edu,dc=br
>> > uid: nobody
>> > cn: Unprivileged user
>> > objectClass: account
>> > objectClass: posixAccount
>> > objectClass: top
>> > loginShell: /usr/sbin/nologin
>> > uidNumber: 65534
>> > gidNumber: 65534
>> > homeDirectory: /nonexistent
>> > gecos: Unprivileged user
>> >
>> > dn: uid=miguel,ou=People,dc=assesc,dc=edu,dc=br
>> > uid: miguel
>> > cn: Miguel Martins Jr
>> > objectClass: account
>> > objectClass: posixAccount
>> > objectClass: top
>> > loginShell: /bin/csh
>> > uidNumber: 1001
>> > gidNumber: 0
>> > homeDirectory: /home/miguel
>> > gecos: Miguel Martins Jr
>> >
>> > dn: uid=sauron,ou=Computers,dc=assesc,dc=edu,dc=br
>> > uid: sauron
>> > cn: Servidor
>> > objectClass: account
>> > objectClass: posixAccount
>> > objectClass: top
>> > loginShell: /usr/bin/nologin
>> > uidNumber: 200
>> > gidNumber: 200
>> > homeDirectory: noexistent
>> > gecos: Servidor
>> >
>> > dn: cn=NextFreeUnixId,dc=assesc,dc=edu,dc=br
>> > objectClass: inetOrgPerson
>> > objectClass: sambaUnixIdPool
>> > uidNumber: 1000
>> > gidNumber: 1000
>> > cn: NextFreeUnixId
>> > sn: NextFreeUnixId
>> >
>> > dn: zoneName=assesc.com.br,dc=assesc,dc=edu,dc=br
>> > objectClass: top
>> > objectClass: dNSZone
>> > relativeDomainName: assesc.edu.br
>> > zoneName: assesc.edu.br
>> >
>> > dn: relativeDomainName=assesc.com.br,zoneName=assesc.com.br
>> > ,dc=assesc,dc=edu,dc=br
>> > objectClass: top
>> > objectClass: dNSZone
>> > relativeDomainName: assesc.edu.br
>> > zoneName: assesc.edu.br
>> > dNSTTL: 3600
>> > dNSClass: IN
>> > SOARecord: ns1.assesc.edu.br. hostmaster.assesc.edu.br. 1 10800 3600 604800 86400
>> > NSRecord: ns1.assesc.edu.br.
>> > NSRecord: ns2.assesc.edu.br.
>> > ARecord: 192.168.3.254
>> > MXRecord: 10 mail.assesc.edu.br.
>> >
>> > dn: relativeDomainName=@,zoneName=assesc.com.br,dc=assesc,dc=edu,dc=br
>> > objectClass: top
>> > objectClass: dNSZone
>> > relativeDomainName: @
>> > zoneName: assesc.edu.br
>> > dNSTTL: 3600
>> > dNSClass: IN
>> > SOARecord: ns1.assesc.edu.br. hostmaster.assesc.edu.br. 1 10800 3600 604800 86400
>> > NSRecord: ns1.assesc.edu.br.
>> > NSRecord: ns2.assesc.edu.br.
>> > ARecord: 192.168.3.254
>> > MXRecord: 10 mail.assesc.edu.br.
>> >
>> > dn: relativeDomainName=ns1,zoneName=assesc.com.br
>> ,dc=assesc,dc=edu,dc=br
>> > objectClass: top
>> > objectClass: dNSZone
>> > relativeDomainName: ns1
>> > zoneName: assesc.edu.br
>> > dNSTTL: 3600
>> > dNSClass: IN
>> > ARecord: 192.168.3.254
>> >
>> > dn: relativeDomainName=ns2,zoneName=assesc.com.br
>> ,dc=assesc,dc=edu,dc=br
>> > objectClass: top
>> > objectClass: dNSZone
>> > relativeDomainName: ns2
>> > zoneName: assesc.edu.br
>> > dNSTTL: 3600
>> > dNSClass: IN
>> > ARecord: 200.135.16.114
>> >
>> > dn: relativeDomainName=mail,zoneName=assesc.com.br
>> ,dc=assesc,dc=edu,dc=br
>> > objectClass: top
>> > objectClass: dNSZone
>> > relativeDomainName: mail
>> > zoneName: assesc.edu.br
>> > dNSTTL: 3600
>> > dNSClass: IN
>> > ARecord: 192.168.3.254
>> >
>> > dn: relativeDomainName=sauron,zoneName=assesc.com.br
>> ,dc=assesc,dc=edu,dc=br
>> > objectClass: top
>> > objectClass: dNSZone
>> > relativeDomainName: sauron
>> > zoneName: assesc.edu.br
>> > dNSTTL: 3600
>> > dNSClass: IN
>> > ARecord: 192.168.3.254
>> >
>> >
>> >
>> > 2009/1/22 Flavio Junior <billpp at gmail.com>
>> >
>> >> Miguel,
>> >>
>> >> Your error is in the group entries, this one for example:
>> >>
>> >> dn: cn=wheel,ou=Group,dc=assesc,dc=edu,dc=br
>> >> objectClass: posixGroup
>> >> objectClass: top
>> >> cn: wheel
>> >> userPassword: {crypt}*
>> >> gidNumber: 0
>> >> memberUid: root
>> >> memberUid: miguel
>> >>
>> >> It could be that the "nis.schema" schema is missing from your LDAP, or
>> >> it could be because of the contents of userPassword...
>> >>
>> >> Remove the userPassword line and try again, but first confirm
>> >> nis.schema in slapd.conf
>> >>
>> >> - --
>> >>
>> >> Flávio do Carmo Júnior aka waKKu
>> >>
>> >>
>> > -------------------------
>> > History: http://www.fug.com.br/historico/html/freebsd/
>> > Leave the list: https://www.fug.com.br/mailman/listinfo/freebsd
>> >
>>
>
>
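The fix reported at the top of this thread (spaces after the statements in base.ldif), shown as an added example that is not part of the original messages: a check for trailing whitespace in an LDIF file and a cleaner to run before `ldapadd`. The function names and the sample file are constructed for illustration; the sample reuses two entries quoted in the thread, with a trailing space and a space-only separator line added.

```shell
#!/bin/sh
# Constructed sample: the Computers entry with a trailing space after
# "organizationalUnit" and a separator line that holds a single space.
make_sample() {
    printf '%s\n' \
        'dn: ou=Computers,dc=assesc,dc=edu,dc=br' \
        'ou: Computers' \
        'objectClass: top' \
        'objectClass: organizationalUnit ' \
        ' ' \
        'dn: cn=wheel,ou=Group,dc=assesc,dc=edu,dc=br' \
        'objectClass: posixGroup' \
        'objectClass: top' \
        'cn: wheel' \
        'gidNumber: 0'
}

# Report offending lines on stdout; exit status 1 if any were found.
ldif_lint() {
    awk '
        /^[ \t\r]+$/ { print NR ": whitespace-only line, read as a continuation (no entry break)"; bad = 1; next }
        /[ \t\r]+$/  { print NR ": trailing whitespace is kept in the value"; bad = 1 }
        END { exit bad + 0 }
    ' "$1"
}

# Count records the way an LDIF reader splits them: only a truly empty line
# ends an entry.
ldif_entries() {
    awk '/^$/ { inrec = 0; next } !inrec { n++; inrec = 1 } END { print n + 0 }' "$1"
}

# Strip trailing spaces, tabs and CRs. A value that really must end in a space
# has to be base64-encoded ("attr:: ...") in LDIF, so nothing valid is lost.
ldif_clean() {
    sed 's/[[:space:]]*$//' "$1"
}

tmp=$(mktemp -d) || exit 1
make_sample > "$tmp/dirty.ldif"
ldif_lint "$tmp/dirty.ldif" || true
echo "entries before cleaning: $(ldif_entries "$tmp/dirty.ldif")"
ldif_clean "$tmp/dirty.ldif" > "$tmp/clean.ldif"
ldif_lint "$tmp/clean.ldif" && echo "clean.ldif: no trailing whitespace"
echo "entries after cleaning: $(ldif_entries "$tmp/clean.ldif")"
rm -rf "$tmp"
```

With the space-only separator the two entries are read as one record, which is consistent with the "possible missing newline after line 4" and "objectClass: value #1 invalid per syntax" messages in the quoted `ldapadd` output.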