[Fedora-directory-users] help about RedHat Directory Server
by Linux Kid
I need help about how to users in Redhat Directory Server.
1. First to Add on a system with a command line [useradd] and then add in
RDS
2. First add in RDS and then with useradd because i am getting this error.
[root@station4 ~]# su - ali
id: cannot find name for group ID 501
[ali@station4 ~]$
where station4 is client , and home directory of RDS server is mounted here.
and that user is added in server.
So why i am getting this error, kindly waiting for a fast reply.
Regards
Linux Kid
17 years, 3 months
[Fedora-directory-users] RE: ds newbie question
by Jonathan Loh
Ok here we are, for folks who've just joined the fray:
I had a FC3 now updated to an FC6 box
PIII(800) 512Mb Memory 16gb (I was off by a factor of 10 when I initially
reported the problem) 2 to 3 users (this is a test machine)
Under FC3 no apparent errors. The admin server just wouldn't take my password.
Under FC6 it balks saying there is a lack of memory. The exact message is:
GC Warning: Out of Memory! Returning NIL!
OK. But according to the documentation this is enough memory for the system.
http://www.redhat.com/docs/manuals/dir-server/install/7.1/ch.prereq.prere...
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
17 years, 3 months
[Fedora-directory-users] Standalone Windows Console?
by Glenn
Netscape Directory had a standalone application that gave Windows users
access to the directory console. The 4.2 version of this app does not seem
to work with Red Hat Directory Server 7.1SP3, and I'm wondering if there is a
standalone console available that will. Thanks. -Glenn.
17 years, 3 months
[Fedora-directory-users] Fedora Directory Server as OS authentication
by Sigurður Bjarnason
Hi all
I have been testing the Fedora Directory server as central authentication for Redhat server environment, it works ok with the authentication but I need to know if there is any other way of managing users centrally and then with tool that can also manage access rights to the clients as well.
Or is there maybe a simple way of using FDS in co-op with access rights program like SUDO ..or other ?.. or is using FDS not the recommended way to go here ?
Please comment on this and give me suggestions I sure don't want to invent the wheel all over again!!
Regards
Siggi
17 years, 3 months
[Fedora-directory-users] make dies with NSS problems
by Eric A. Hall
Trying to build fds104 and NSS produces pages of errors. At the end of it
all is the following:
mod_nss.c:434: error: expected '{' at end of input
make[2]: *** [mod_nss.lo] Error 1
make[2]: Leaving directory
`/tmp/dsbuild-fds104/ds/mod_nss/work/mod_nss-1.0.5'
make[1]: *** [build-work/mod_nss-1.0.5/Makefile] Error 2
make[1]: Leaving directory `/tmp/dsbuild-fds104/ds/mod_nss'
make: *** [dep-../../ds/mod_nss] Error 2
Is this a known problem in the current release? Any workarounds?
Thanks
17 years, 3 months
[Fedora-directory-users] ACL migration from OpenLDAP to FDS
by Taymour A. El Erian
Hi,
We have OpenLDAP installation which runs Qmail, Horde/IMP, FreeRADIUS.
We are looking into moving to FDS and had converted the schemas and
populated the database with sample entries. The problem is I do not know
how to migrate the current ACLs in OpenLDAP configuration files (we use
OpenLDAP 2.0.x)
--
Taymour A El Erian
System Division Manager
RHCE, LPIC, CCNA, MCSE, CNA
TE Data
E-mail: taymour.elerian(a)tedata.net
Web: www.tedata.net
Tel: +(202)-3320700
Fax: +(202)-3320800
Ext: 1101
17 years, 3 months
Re: [Fedora-directory-users] can't lookup UNIX group Domain Admins
by listman
Craig White wrote ..
> On Fri, 2006-12-15 at 22:24 -0800, listman wrote:
> > >> On Fri, 2006-12-15 at 16:35 -0800, listman wrote:
> > >>> Can some one please point me in the right direction to fix this?
> I’ve
> > >>> searched samba group and the only thing I can find is something about
> > >>> having the right scripts but they don’t tell you where to
> get them or
> > >>> how
> > >>> to run them.
> > >>> Any help would be greatly appreciated.
> > >> ----
> > >> sounds like you are looking for smbldap-tools from idealx
> > >>
> > >> Perhaps you are using packaging from a distribution that offers these
> > >> tools or start here if that is indeed what you are looking for...
> > >>
> > >> http://sourceforge.net/projects/smbldap-tools
> > >>
> > >> Craig
> > >>
> > > Thanks Craig
> > > That does explain the scripts that I read about but it's not helping
> my
> > > problem any.
> > > I'm going through the samba doc on the FDS site and keep running into
> > > problems here and no one seems to know the answer. I have installed
> > > everything I need, configurd samba, ldap, bind, and everything else
> > > refrenced from the FDS site. I'm missing something thats isn't covered
> on
> > > the site but I dont know enough to figure out what it is. Heres my
> > > smb.conf file if that helps any..
> > >
> > > [global]
> > > workgroup = DEPFYFFER
> > > security = user
> > > passdb backend = ldapsam:ldap://depfyffer.com
> > > ldap admin dn = cn=Directory Manager
> > > ldap suffix = dc=depfyffer,dc=com
> > > ldap user suffix = ou=People
> > > ldap machine suffix = ou=Computers
> > > ldap group suffix = ou=Groups
> > >
> > > add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
> > > add user script = /usr/local/sbin/smbldap-useradd -m "%u"
> > > ldap delete dn = Yes
> > > #delete user script = /usr/local/sbin/smbldap-userdel "%u"
> > > add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
> > > #delete group script = /usr/local/sbin/smbldap-groupdel "%g"
> > > add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u"
> "%g"
> > > delete user from group script = /usr/local/sbin/smbldap-groupmod -x
> "%u"
> > > "%g"
> > > set primary group script = /usr/local/sbin/smbldap-usermod -g "%g"
> "%u"
> > > add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
> > >
> > > log file = /var/log/%m.log
> > > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> > >
> > > os level = 33
> > > domain logons = yes
> > > domain master = yes
> > > local master = yes
> > > preferred master = yes
> > >
> > > wins support = yes
> > >
> > > logon home = \\%L\%u\profiles
> > > logon path = \\%L\profiles\%u
> > > logon drive = H:
> > >
> > > template shell = /bin/false
> > > winbind use default domain = no
> > >
> > > [netlogon]
> > > path = /var/lib/samba/netlogon
> > > read only = yes
> > > browsable = no
> > >
> > > [profiles]
> > > path = /var/lib/samba/profiles
> > > read only = no
> > > create mask = 0600
> > > directory mask = 0700
> > >
> > > [homes]
> > > browsable = no
> > > writable = yes
> > >
> >
> > This may help also??
> >
> > [root@depfyffer log]# smbpasswd -D 10 -a -m
> > Netbios name list:-
> > my_netbios_names[0]="DEPFYFFER"
> > Attempting to register passdb backend ldapsam
> > Successfully added passdb backend 'ldapsam'
> > Attempting to register passdb backend ldapsam_compat
> > Successfully added passdb backend 'ldapsam_compat'
> > Attempting to register passdb backend NDS_ldapsam
> > Successfully added passdb backend 'NDS_ldapsam'
> > Attempting to register passdb backend NDS_ldapsam_compat
> > Successfully added passdb backend 'NDS_ldapsam_compat'
> > Attempting to register passdb backend smbpasswd
> > Successfully added passdb backend 'smbpasswd'
> > Attempting to register passdb backend tdbsam
> > Successfully added passdb backend 'tdbsam'
> > Attempting to find an passdb backend to match ldapsam:ldap://depfyffer.com
> > (ldapsam)
> > Found pdb backend ldapsam
> > smbldap_search_domain_info: Searching
> > for:[(&(objectClass=sambaDomain)(sambaDomainName=DEPFYFFER))]
> > smbldap_search_ext: base => [dc=depfyffer,dc=com], filter =>
> > [(&(objectClass=sambaDomain)(sambaDomainName=DEPFYFFER))], scope => [2]
> > The connection to the LDAP server was closed
> > smb_ldap_setup_connection: ldap://depfyffer.com
> > smbldap_open_connection: connection opened
> > ldap_connect_system: Binding to ldap server ldap://depfyffer.com as
> > "cn=Directory Manager"
> > ldap_connect_system: succesful connection to the LDAP server
> > ldap_connect_system: LDAP server does not support paged results
> > The LDAP server is succesfully connected
> > smbldap_get_single_attribute: [sambaAlgorithmicRidBase] = [<does not
> exist>]
> > pdb backend ldapsam:ldap://depfyffer.com has a valid init
> > smbldap_search_ext: base => [dc=depfyffer,dc=com], filter =>
> > [(&(uid=root$)(objectclass=sambaSamAccount))], scope => [2]
> > ldapsam_getsampwnam: Unable to locate user [root$] count=0
> > Failed to modify password entry for user root$
> ----
> assuming that you have installed smbldap-tools installed and configured
> properly (assuming facts not in evidence from the above), you would need
> to run smblpdap_populate which will automatically populate your LDAP
> with the needed configuration entries for Samba to work properly.
>
> Official Samba documentation lists the idealx tools (smbldap-tools)
> information here...
> http://samba.org/samba/docs/man/Samba-Guide/happy.html#sbeidealx
>
> and consider this section on making happy users...
> http://samba.org/samba/docs/man/Samba-Guide/happy.html#id2574922
>
> Craig
Thanks again Craig,
It looks like I'm going to have to start fresh and just try the idealx route. Maybe I can learn enough about samba and ldap that route then move on to FDS after that. FDS seems a little too much for me, I think my biggest downfall is never being exposed to ldap, I've used samba quit a bit but never in this extent.
Thanks again for all the pointers.. see ya next time.
17 years, 3 months
[Fedora-directory-users] can't lookup UNIX group Domain Admins
by listman
Can some one please point me in the right direction to fix this? Ive
searched samba group and the only thing I can find is something about
having the right scripts but they dont tell you where to get them or how
to run them.
Any help would be greatly appreciated.
17 years, 3 months
[Fedora-directory-users] Re: Fedora-directory-users Digest, Vol 19, Issue 17
by Jonathan Loh
Richard wrote:
>Please post your admin server access and error log files, and the output
>of startconsole -D
Did you want the whole access log? pretty big.
727 lines in ~40 mins.
Though now I'm noticing a bunch of lines with err=32. Here's a snippet:
> [15/Dec/2006:10:39:59 -0800] conn=0 op=15 SRCH base="o=NetscapeRoot" scope=0
filter="(objectClass=*)" attrs=ALL
> [15/Dec/2006:10:39:59 -0800] conn=0 op=14 RESULT err=0 tag=103 nentries=0
etime=0
> [15/Dec/2006:10:39:59 -0800] conn=0 op=15 RESULT err=32 tag=101 nentries=0
etime=0
> [15/Dec/2006:10:39:59 -0800] conn=0 op=16 ADD dn="o=NetscapeRoot"
> [15/Dec/2006:10:39:59 -0800] conn=0 op=16 RESULT err=0 tag=105 nentries=0
etime=0
Here's my errors file:
> Fedora-Directory/1.0.4 B2006.312.435
> alphascorp.lchq.us:389 (/opt/fedora-ds/slapd-alphascorp)
> [15/Dec/2006:10:39:57 -0800] - Fedora-Directory/1.0.4 B2006.312.435 starting
up
> [15/Dec/2006:10:39:58 -0800] - slapd started. Listening on All Interfaces
port 389 for LDAP requests
Thats is it, nothing much.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
17 years, 3 months