
Re: Error adding users in Gosa (wheezy-test 130817)



On Tue, Aug 20, 2013 at 07:22:16AM +0200, Petter Reinholdtsen wrote:
> [Wolfgang Schweer]
> > Setting up LDAP from scratch (as outlined in
> > ldap-debian-edu-install) on a beta0 based installation, the first
> > user isn't able to set a user's password if the changes (ldapi
> > instead of ldap, ssl usage commented out) to ldap-debian-edu-install
> > are applied. Reverting the changes and starting once again from
> > scratch, a working system is set up again.
> 
> I believe I found the problem, and just uploaded a fix to wheezy-test.
> 
> I believe the problem was that the fix ldap->ldapi in
> /etc/samba/smb-debian-edu-ldapbootstrap.conf got the net command
> working and samba generating SIDs which were stored in LDAP, as
> intended in the code.  Just as Mike hoped.  But then the temp config
> was removed, connection to LDAP was cut (by removing the secrets.tdb
> file) and a new SID generated and stored in our LDAP objects (and not
> the one generated by samba initially).  This SID did not match the
> initial SID stored in LDAP, and confused gosa and samba a lot.
> 
> Check out wheezy-test, and see if it solves the problem for you.
> 
> This was the change I did:
> 
> Index: ldap-tools/ldap-debian-edu-install
> ===================================================================
> --- ldap-tools/ldap-debian-edu-install  (revision 82147)
> +++ ldap-tools/ldap-debian-edu-install  (revision 82148)
> @@ -454,6 +454,9 @@
>      # and generate a sambaSID for <DOMAIN>.
>      net -s /etc/samba/smb-debian-edu-ldapbootstrap.conf getlocalsid &> /dev/null
>  
> +    echo "info: Fetching SMB domain SID."
> +    SAMBASID=`net -s /etc/samba/smb.conf getlocalsid SKOLELINUX 2>/dev/null | awk '{ print $6 }'`
> +
>      # start from scratch with secrets.tdb...
>      rm -f /var/lib/samba/secrets.tdb
>  
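
Review bot: The new `SAMBASID=` assignment is followed directly by `rm -f /var/lib/samba/secrets.tdb` with no check that a SID was actually captured, so a failed fetch (stderr is discarded by `2>/dev/null`) is only noticed after secrets.tdb is already gone. Consider testing `[ -z "$SAMBASID" ]` right after the assignment and exiting before the `rm`, and add a comment stating that the SID must be read while secrets.tdb still holds the value samba stored in LDAP, since that ordering is the whole point of the change and is not obvious from the code. It would also help to note why the fetch reads `/etc/samba/smb.conf` while the line above it uses `/etc/samba/smb-debian-edu-ldapbootstrap.conf`.
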
> @@ -469,8 +472,6 @@
>      chmod 0600 /etc/smbldap-tools/smbldap_bind.conf
>      sed -i "s:\$SAMBAPWD:$SAMBAPWD:g" /etc/smbldap-tools/smbldap_bind.conf
>  
> -    echo "info: Fetching SMB domain SID."
> -    SAMBASID=`net -s /etc/samba/smb.conf getlocalsid SKOLELINUX 2>/dev/null | awk '{ print $6 }'`
>      if [ -z "$SAMBASID" ] ; then
>        echo "error: unable to fetch Samba SID"
>        exit 1
> 
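
Review bot: With the assignment moved up, the `if [ -z "$SAMBASID" ]` test here is separated from the command that sets the variable by the secrets.tdb removal and the smbldap_bind.conf setup, and it only rejects an empty string. Because the value comes from `awk '{ print $6 }'` on the `net` output, any change in that output's wording would yield a non-empty string that is not a SID and would pass this test; matching the value against the `S-1-` prefix before it is written into LDAP objects would catch that. The error message could also name the domain (`SKOLELINUX`) and config file used, so a failure can be diagnosed without rerunning the command by hand.
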

Do I have to restart from scratch if I need to use samba?


-- 
Giorgio Pioda - Sysadmin SPSE-Tenero
Cell +41 79 629 20 63
Uff. +41 91 735 62 48

