[FUG-BR] Erro na inicialização do ldap
ThOLOko
tholoko em gmail.com
Terça Junho 17 16:05:41 BRT 2008
mude para:
/etc/nsswitch.conf
#group: compat
group: files ldap winbind
group_compat: nis
hosts: files dns
networks: files
#passwd: compat
passwd: files ldap winbind
shadow: files ldap winbind
passwd_compat: nis
shells: files
Não sei, mas depois de uma certa versao do samba precisa por o winbind para
"conversar" com o ldap + samba.
Abraços!
2008/6/17 Jose Raimundo da S. Barbosa <jose.barbosa em cpaa.embrapa.br>:
> Oi..
>
> esta assim..
>
> /etc/nsswitch.conf
> #group: compat
> group: files ldap
> group_compat: nis
> hosts: files dns
> networks: files
> #passwd: compat
> passwd: files ldap
> passwd_compat: nis
> shells: files
>
> > Como está o seu /etc/nsswitch.conf ?
> >
> >
> >
> > On Tue, Jun 17, 2008 at 3:34 PM, Jose Raimundo da S. Barbosa <
> > jose.barbosa em cpaa.embrapa.br> wrote:
> >
> >> ola colegas, acabei de instalar e configurar um servidor LDAP. Parece
> >> que
> >> tudo ta funcionando legal: construi a base LDAP, importei minha base de
> >> usuário para dentro dele, estou consultando a base, etc. Mas agora vou
> >> partir para a integracao com o SAMBA, postfix, etc. Só que consultando
> >> meu
> >> /var/log/messages vejo as seguintes mensagens na inicializacao do LDAP:
> >>
> >> Jun 17 13:22:00 ariranha slapd[9073]: nss_ldap: could not search LDAP
> >> server - Server is unavailable
> >> Jun 17 13:22:00 ariranha slapd[9073]: sql_select option missing
> >> Jun 17 13:22:00 ariranha slapd[9073]: auxpropfunc error no mechanism
> >> available
> >>
> >> fiz um teste...parei o servidor (/usr/local/etc/rc.d/slapd stop) e
> >> startei
> >> novamente...reparei que a partir de entao ele leva uns 30 segundos para
> >> entrar no ar...dai visualizei novamente o log messages e a mensagem
> >> acima
> >> consta no arquivo.
> >>
> >> Alguma idéia?
> >>
> >> Acabei de instalar o FreeBSD 7.0
> >>
> >> nss_ldap.conf
> >> --------------
> >> @(#)$Id: ldap.conf,v 2.47 2006/05/15 08:13:44 lukeh Exp $
> >> #
> >> # This is the configuration file for the LDAP nameservice
> >> # switch library and the LDAP PAM module.
> >> #
> >> # PADL Software
> >> # http://www.padl.com
> >> #
> >>
> >> host 127.0.0.1
> >> base dc=cpaa,dc=embrapa,dc=br
> >> uri ldap://cegonha.cpaa.embrapa.br/
> >> ldap_version 3
> >>
> >>
> >> slapd.conf
> >> ------------
> >> #
> >> # See slapd.conf(5) for details on configuration options.
> >> # This file should NOT be world readable.
> >> #
> >> include /usr/local/etc/openldap/schema/core.schema
> >> include /usr/local/etc/openldap/schema/cosine.schema
> >> include /usr/local/etc/openldap/schema/nis.schema
> >> include /usr/local/etc/openldap/schema/inetorgperson.schema
> >> include /usr/local/etc/openldap/schema/qmail.schema
> >> include /usr/local/etc/openldap/schema/samba.schema
> >>
> >> # Ativando suporte a TLS
> >> TLSCertificateFile /usr/local/etc/openldap/ssl/servercrt.pem
> >> TLSCertificateKeyFile /usr/local/etc/openldap/ssl/serverkey.pem
> >> TLSCACertificateFile /usr/local/etc/openldap/ssl/cacert.pem
> >> #TLSCipherSuite HIGH:MEDIUM:+SSLv2
> >>
> >> # Define global ACLs to disable default read access.
> >>
> >> # Do not enable referrals until AFTER you have a working directory
> >> # service AND an understanding of referrals.
> >> #referral ldap://root.openldap.org
> >>
> >> pidfile /var/run/openldap/slapd.pid
> >> argsfile /var/run/openldap/slapd.args
> >>
> >> # Load dynamic backend modules:
> >> modulepath /usr/local/libexec/openldap
> >> moduleload back_bdb
> >> # moduleload back_ldap
> >> # moduleload back_ldbm
> >> # moduleload back_passwd
> >> # moduleload back_shell
> >>
> >> access to attrs=userPassword,sambaLMPassword,sambaNTPassword
> >> by dn="cn=root,dc=embrapa,dc=br" write
> >> by anonymous auth
> >> by self write
> >> by * none
> >>
> >> access to attrs=uidNumber,gidNumber
> >> by dn="cn=root,dc=embrapa,dc=br" write
> >> by * read
> >>
> >> access to *
> >> by dn="cn=root,dc=embrapa,dc=br" write
> >> by self write
> >> by * read
> >>
> >> database bdb
> >> suffix "dc=embrapa,dc=br"
> >> rootdn "cn=root,dc=embrapa,dc=br"
> >>
> >> rootpw secret
> >> # The database directory MUST exist prior to running slapd AND
> >> # should only be accessible by the slapd and slap tools.
> >> # Mode 700 recommended.
> >> directory /var/db/openldap-data
> >> # Indices to maintain
> >> index objectClass eq
> >> index uid pres,eq,sub
> >> index gidNumber eq
> >> index uidNumber eq
> >> index cn pres,eq,sub
> >> index memberuid pres,eq,sub
> >> index mail pres,eq,sub
> >> index mailAlternateAddress pres,eq,sub
> >> index sn pres,eq,sub
> >> #index displayName pres,eq,sub
> >> #index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq
> >> #index default sub
> >>
> >>
> >>
> >> -------------------------
> >> Histórico: http://www.fug.com.br/historico/html/freebsd/
> >> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
> >>
> >
> >
> >
> > --
> > ThOLOko
> > ThOmaz BeLgine
> > email: tholoko em gmail.com
> > msn: tholoko em hotmail.com
> > -FrEEBSD-
> > UniX TeaM
> > BeFree => BeFreeBSD
> > http://www.itexplorer.com.br
> > -------------------------
> > Histórico: http://www.fug.com.br/historico/html/freebsd/
> > Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
> >
>
>
> --
> José Raimundo da S. Barbosa
> Embrapa Amazonia Ocidental
> Setor de Informação
> Fone: (92) 3621-0350)
>
> -------------------------
> Histórico: http://www.fug.com.br/historico/html/freebsd/
> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>
--
ThOLOko
ThOmaz BeLgine
email: tholoko em gmail.com
msn: tholoko em hotmail.com
-FrEEBSD-
UniX TeaM
BeFree => BeFreeBSD
http://www.itexplorer.com.br
Mais detalhes sobre a lista de discussão freebsd