Re: Error adding users in Gosa (wheezy-test 130817)
On Tue, Aug 20, 2013 at 07:22:16AM +0200, Petter Reinholdtsen wrote:
> [Wolfgang Schweer]
> > Setting up LDAP from scratch (as outlined in
> > ldap-debian-edu-install) on a beta0 based installation, the first
> > user isn't able to set a user's password if the changes (ldapi
> > instead of ldap, ssl usage commented out) to ldap-debian-edu-install
> > are applied. Reverting the changes and starting once again from
> > scratch, a working system is set up again.
>
> I believe I found the problem, and just uploaded a fix to wheezy-test.
>
> I believe the problem was that the fix ldap->ldapi in
> /etc/samba/smb-debian-edu-ldapbootstrap.conf got the net command
> working and samba generating SIDs which was stored in LDAP, as
> intended in the code. Just as Mike hoped. But then the temp config
> was removed, connection to LDAP was cut (by removing the secrets.tdb
> file and a new SID generated and stored in our LDAP objects (and not
> the one generated by samba initially). This SID did not match the
> initial SID stored in LDAP, and confused gosa and samba a lot.
>
> Check out wheezy-test, and see if it solve the problem for you.
>
> This was the change I did:
>
> Index: ldap-tools/ldap-debian-edu-install
> ===================================================================
> --- ldap-tools/ldap-debian-edu-install (revision 82147)
> +++ ldap-tools/ldap-debian-edu-install (revision 82148)
> @@ -454,6 +454,9 @@
> # and generate a sambaSID for <DOMAIN>.
> net -s /etc/samba/smb-debian-edu-ldapbootstrap.conf getlocalsid &> /dev/null
>
> + echo "info: Fetching SMB domain SID."
> + SAMBASID=`net -s /etc/samba/smb.conf getlocalsid SKOLELINUX 2>/dev/null | awk '{ print $6 }'`
> +
> # start from scratch with secrets.tdb...
> rm -f /var/lib/samba/secrets.tdb
>
> @@ -469,8 +472,6 @@
> chmod 0600 /etc/smbldap-tools/smbldap_bind.conf
> sed -i "s:\$SAMBAPWD:$SAMBAPWD:g" /etc/smbldap-tools/smbldap_bind.conf
>
> - echo "info: Fetching SMB domain SID."
> - SAMBASID=`net -s /etc/samba/smb.conf getlocalsid SKOLELINUX 2>/dev/null | awk '{ print $6 }'`
> if [ -z "$SAMBASID" ] ; then
> echo "error: unable to fetch Samba SID"
> exit 1
>
Do I have to restart from scratch if I need to use samba ?
--
Giorgio Pioda - Sysadmin SPSE-Tenero
Cell +41 79 629 20 63
Uff. +41 91 735 62 48
Reply to: