Ubuntu
ubuntu-docs package

Samba and LDAP walk-through bugs

Bug #704433 reported by Karl Kuehn
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu Server Guide
Expired
Undecided
Unassigned
ubuntu-docs (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

Binary package hint: ubuntu-docs

Ubuntu Server 10.04 LTS 32-bit
Samba 3.4.7
OpenLDAP 2.4.21

I've been working through the Samba and LDAP documentation, setting up a new server from scratch, and I'm currently on my fifth attempt. I'm not sure if I'm missing something at the core level or not, but I figured I'd at least chime in. In finding the fixes for these issues, I've come across a multitude of forum posts and google hits regarding the same problems.

So far, here are the consistent bugs that I've encountered(the solution on #1 isn't mine, but I've pasted it in, anyways. #2 was pretty obvious to me):

1) [ldap_bind: Invalid credentials (49)] - After much googling and frustration, I found ONE guy who was able to figure out how to get past this, based on a howtoforge tutorial listed in his post. The problem has to do with the cleartext password in the config file.

The solution was found here:

http://ubuntuforums.org/showthread.php?t=1515119

In a nutshell, the admin password needs to be converted to MD5 and readded.

run slappasswd -h {MD5}
copy that into the following config file and run ldapadd on the file:

dn: cn=config
changetype: modify

dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcRootDN
olcRootDN: cn=admin,cn=config

dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcRootPW
olcRootPW: {MD5}your password here

dn: olcDatabase={0}config,cn=config
changetype: modify
delete: olcAccess

2) [INDEX ALREADY EXISTS] - For the samba setup, the walkthough at https://help.ubuntu.com/10.04/serverguide/C/samba-ldap.html seems pretty good, aside from the following:
    * The step adding the samba indexes to the ldap db using ldapmodify from the copied-in samba_indexes.ldif file fails because there's already an index for 'uidNumber'. To fix this issue, just remove the line in samba_indexes.ldif that adds the uidNumber eq index and run the ldapmodify command again. Make sure to use ldapsearch to verify that the indexes got added. (ldapsearch -xLLL -D cn=admin,cn=config -x -b cn=config -W olcDatabase={1}hdb)

Thanks, keep up the great work!

Karl

Tags: serverguide
Connor Imes (ckimes)
tags: added: serverguide
Revision history for this message
Connor Imes (ckimes) wrote :

The Ubuntu Documentation team has moved the serverguide out of the ubuntu-docs source, it is now under the serverguide project. Moving this bug accordingly.

Changed in ubuntu-docs (Ubuntu):
status: New → Invalid
Revision history for this message
Connor Imes (ckimes) wrote :

Thanks for your bug report. These docs have undergone some review and rework in 11.10. It looks like the second point you made has been cleared up. The server team did not change anything in the docs relating to converting passwords to md5 (probably shouldn't be needed if you're using smbpasswd). Can you please let us know if this is still causing problems for you? Thanks in advance.

Changed in serverguide:
status: New → Incomplete
Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for Ubuntu Server Guide because there has been no activity for 60 days.]

Changed in serverguide:
status: Incomplete → Expired
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.