First of all. Thanks for the response.
I'm totally new to LDAP (so, excuse me if I ask for nonsenses) and, to
be honest, I don't know which method uses my distro (Debian 6) for
configuration. On every documentation I see, they use
/etc/slapd/slapd.conf, but in my case that file doesn't exist.
Therefore, I'm using /usr/share/slapd/slapd.conf (The only slapd.conf I find).
However, this is the /etc/ldap structure, so, it might be
/etc/ldap/slapd.d method:
├── ldap.conf
├── sasl2
├── schema
│ ├── collective.schema
│ ├── corba.schema
│ ├── core.ldif
│ ├── core.schema
│ ├── cosine.ldif
│ ├── cosine.schema
│ ├── duaconf.schema
│ ├── dyngroup.schema
│ ├── inetorgperson.ldif
│ ├── inetorgperson.schema
│ ├── java.schema
│ ├── misc.schema
│ ├── nis.ldif
│ ├── nis.schema
│ ├── openldap.ldif
│ ├── openldap.schema
│ ├── pmi.schema
│ ├── ppolicy.schema
│ └── README
└── slapd.d
├── cn=config
│ ├── cn=module{0}.ldif
│ ├── cn=schema
│ │ ├── cn={0}core.ldif
│ │ ├── cn={1}cosine.ldif
│ │ ├── cn={2}nis.ldif
│ │ └── cn={3}inetorgperson.ldif
│ ├── cn=schema.ldif
│ ├── olcBackend={0}hdb.ldif
│ ├── olcDatabase={0}config.ldif
│ ├── olcDatabase={-1}frontend.ldif
│ └── olcDatabase={1}hdb.ldif
└── cn=config.ldif
2012/1/3, Buchan Milne <bgmilne(a)staff.telkomsa.net>:
On Monday, 2 January 2012 12:23:57 Adrián Arévalo Tirado wrote:
> OpenLDAP version: 2.4.23-7.2
> Samba Version: 2:3.5.6
> Operating System Debian 6.0 "Squeeze"
>
> Hello everybody.
>
> I'm trying to install a Samba + LDAP PDC but when I try to create the
> database with smbldap-populate I get this error:
>
> ---------------------------------------------------------------------------
> -----
>
> Populating LDAP directory for domain empresa
> (S-1-5-21-802753395-3202467916-1484007712)
> (using builtin directory structure)
>
> entry dc=empresa,dc=com already exist.
> entry ou=Users,dc=empresa,dc=com already exist.
> entry ou=Groups,dc=empresa,dc=com already exist.
> entry ou=Computers,dc=empresa,dc=com already exist.
> entry ou=Idmap,dc=empresa,dc=com already exist.
> adding new entry: uid=root,ou=Users,dc=empresa,dc=com
> failed to add entry: objectClass: value #4 invalid per syntax at
> /usr/sbin/smbldap-populate line 498, <GEN1> line 58.
Around line 199 of my version of smbldap-populate (which may be different),
I
have stuff like this:
$entries.="\ndn: uid=$adminName,$config{usersdn}
cn: $adminName
sn: $adminName
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: sambaSAMAccount
objectClass: posixAccount
objectClass: shadowAccount
[...]
Value 4 would be:
objectClass: sambaSAMAccount
> adding new entry: cn=Domain Admins,ou=Groups,dc=empresa,dc=com
> failed to add entry: objectClass: value #2 invalid per syntax at
> /usr/sbin/smbldap-populate line 498, <GEN1> line 101.
And at line 287 I have:
dn: cn=Domain Admins,$config{groupsdn}
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 512
cn: Domain Admins
Value 2 would be:
objectClass: sambaGroupMapping
So, this really looks like a very basic error, either in whatever
documentation you are following, or your following of it. You cannot store
Samba users in LDAP without having loaded the samba schema.
> Please provide a password for the domain root:
> /usr/sbin/smbldap-passwd: user root doesn't exist
>
> ---------------------------------------------------------------------------
> ------- In the log file I get this other error:
> ---------------------------------------------------------------------------
> -------
>
> slapd[1369]: conn=1005 op=28 do_search: invalid dn:
> "sambaDomainName=empresa,dc=empresa,dc=com"
>
> slapd[1369]: conn=1005 op=29 do_add: invalid dn
> (sambaDomainName=empresa,dc=empresa,dc=com)
>
> ---------------------------------------------------------------------------
This is a better hint ...
> ------- I included in slapd.conf the samba.schema.
Does your system use slapd.conf for configuration, or the back-config /
cn=config / /etc/ldap/slapd.d method?
Because, your LDAP server definitely doesn't have the schema definitions it
should have. You could of course verify that yourself by searching under
cn=Subschema ...
> Any ideas? I've been looking for any solution for 4 days and nobody seems
> to know anything.
Well, it shouldn't have been too difficult to:
1)Find what data it is trying to add
2)Checking that you have the relevant schema to support the use of the
attributes, and objectclass values, that are failing.
Regards,
Buchan