On Apr 29, 2012, at 3:27 AM, stefano malini <lozingalo(a)gmail.com> wrote:
Hi,
other check:
using
sudo strace /usr/sbin/slapindex
i found the line:
open("/var/lib/ldap/DUMMY", O_WRONLY|O_CREAT|O_TRUNC|O_LARGEFILE, 0666) = -1
EACCES (Permission denied)
but in that directory there is not not "DUMMY"
What can i do? am blocked on this point
Thanks
Clearly the higher level directory permissions are wrong. Fix them.
--Quanah
On 04/29/2012 11:02 AM, Jonathan Clarke wrote:
> On 29 avr. 2012, at 10:27, stefano malini<lozingalo(a)gmail.com> wrote:
>
>> I used slapindex also, the output is:
>>
>> stefano@amahoro:~$ /usr/sbin/slapindex
>> /etc/ldap/slapd.conf: line 20: invalid path: Permission denied
>> slapindex: bad configuration file!
>
> Try running slapindex as the user "openldap". Also, make sure that you run
slapd as that user too.
>
> Jonathan
>
>> This is my slapd.conf
>>
>> #Basics
>> include /etc/ldap/schema/core.schema
>> include /etc/ldap/schema/cosine.schema
>> include /etc/ldap/schema/nis.schema
>> include /etc/ldap/schema/inetorgperson.schema
>> include /etc/ldap/schema/samba.schema
>>
>> pidfile /var/run/slapd/slapd.pid
>> argsfile /var/run/slapd/slapd.args
>> loglevel 256
>>
>> modulepath /usr/lib/ldap
>> moduleload back_hdb
>>
>> #Database configuration
>> database hdb
>> suffix "dc=amahoro,dc=bi"
>> rootdn "cn=Manager,dc=amahoro,dc=bi"
>> rootpw {SSHA}XBLZ+TknuZHW3dirN2SE2fj3mYka3tkG
>> directory /var/lib/ldap<----------------------------- LINE 20
>> index uid,uidNumber,gidNumber,memberUid eq
>> index cn,mail,surname,givenname eq,subinitial
>> index sambaSID eq
>> index sambaPrimaryGroupSID eq
>>
>>
>> #ACLs
>> access to attrs=userPassword
>> by anonymous auth
>> by self write
>> by * none
>>
>> access to *
>> by dn.base="uid=nslcd_proc,ou=System,dc=amahoro,dc=bi" read
>> by self write
>> by * none
>>
>>
>> These are the permissions of /var/lib/ldap/are
>>
>> drwxr-x--- 2 openldap openldap 4096 Apr 29 09:57 ldap
>>
>> -rw-r--r-- 1 openldap openldap 4096 Apr 29 09:57 alock
>> -rw------- 1 openldap openldap 8192 Apr 28 12:18 cn.bdb
>> -rw------- 1 openldap openldap 24576 Apr 29 09:57 __db.001
>> -rw------- 1 openldap openldap 352256 Apr 29 09:57 __db.002
>> -rw------- 1 openldap openldap 2629632 Apr 29 09:57 __db.003
>> -rw------- 1 openldap openldap 163840 Apr 29 09:57 __db.004
>> -rw------- 1 openldap openldap 876544 Apr 29 09:57 __db.005
>> -rw------- 1 openldap openldap 32768 Apr 29 09:57 __db.006
>> -rw-r--r-- 1 openldap openldap 96 Apr 23 17:34 DB_CONFIG
>> -rw------- 1 openldap openldap 8192 Apr 28 14:23 dn2id.bdb
>> -rw------- 1 openldap openldap 8192 Apr 28 14:23 gidNumber.bdb
>> -rw------- 1 openldap openldap 32768 Apr 28 14:23 id2entry.bdb
>> -rw------- 1 openldap openldap 10485760 Apr 29 09:57 log.0000000001
>> -rw------- 1 openldap openldap 8192 Apr 28 12:18 mail.bdb
>> -rw------- 1 openldap openldap 8192 Apr 28 14:00 memberUid.bdb
>> -rw------- 1 openldap openldap 8192 Apr 28 11:52 objectClass.bdb
>> -rw------- 1 openldap openldap 8192 Apr 28 14:23 sambaSID.bdb
>> -rw------- 1 openldap openldap 8192 Apr 28 12:18 sn.bdb
>> -rw------- 1 openldap openldap 8192 Apr 28 12:18 uid.bdb
>> -rw------- 1 openldap openldap 8192 Apr 28 14:23 uidNumber.bdb
>>
>> Whato do you think?
>>
>> Thanks
>>
>>
>>
>>
>> On 04/28/2012 08:33 PM, stefano malini wrote:
>>> anyone?
>>>
>>> On 04/28/2012 11:30 AM, stefano malini wrote:
>>>> Hi,
>>>> i cannot end the populating process using smbldap-populate due to this
>>>> errors:
>>>>
>>>> root@amahoro:~# smbldap-populate
>>>> Populating LDAP directory for domain AMAHORO
>>>> (S-1-5-21-251852451-2940789264-3475694606)
>>>> (using builtin directory structure)
>>>>
>>>> entry dc=amahoro,dc=bi already exist.
>>>> entry ou=Users,dc=amahoro,dc=bi already exist.
>>>> entry ou=Groups,dc=amahoro,dc=bi already exist.
>>>> entry ou=Computers,dc=amahoro,dc=bi already exist.
>>>> entry ou=Idmap,dc=amahoro,dc=bi already exist.
>>>> adding new entry: uid=root,ou=Users,dc=amahoro,dc=bi
>>>> failed to add entry: index generation failed at
>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 58.
>>>> adding new entry: uid=nobody,ou=Users,dc=amahoro,dc=bi
>>>> failed to add entry: index generation failed at
>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 89.
>>>> adding new entry: cn=Domain Admins,ou=Groups,dc=amahoro,dc=bi
>>>> failed to add entry: index generation failed at
>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 101.
>>>> adding new entry: cn=Domain Users,ou=Groups,dc=amahoro,dc=bi
>>>> failed to add entry: index generation failed at
>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 112.
>>>> adding new entry: cn=Domain Guests,ou=Groups,dc=amahoro,dc=bi
>>>> failed to add entry: index generation failed at
>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 123.
>>>> adding new entry: cn=Domain Computers,ou=Groups,dc=amahoro,dc=bi
>>>> failed to add entry: index generation failed at
>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 134.
>>>> adding new entry: cn=Administrators,ou=Groups,dc=amahoro,dc=bi
>>>> failed to add entry: index generation failed at
>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 179.
>>>> adding new entry: cn=Account Operators,ou=Groups,dc=amahoro,dc=bi
>>>> failed to add entry: index generation failed at
>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 201.
>>>> adding new entry: cn=Print Operators,ou=Groups,dc=amahoro,dc=bi
>>>> failed to add entry: index generation failed at
>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 212.
>>>> adding new entry: cn=Backup Operators,ou=Groups,dc=amahoro,dc=bi
>>>> failed to add entry: index generation failed at
>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 223.
>>>> adding new entry: cn=Replicators,ou=Groups,dc=amahoro,dc=bi
>>>> failed to add entry: index generation failed at
>>>> /usr/sbin/smbldap-populate line 498,<GEN1> line 234.
>>>> entry sambaDomainName=AMAHORO,dc=amahoro,dc=bi already exist. Updating
>>>> it...
>>>>
>>>> Please provide a password for the domain root:
>>>> /usr/sbin/smbldap-passwd: user root doesn't exist
>>>>
>>>> i don't find the error "index generation failed" on
internet. Do you
>>>> know the problem?
>>>>
>>>> Thanks
>>
>