Hello all,
I have been having a hard time for days trying to setup OpenLDAP and Samba
PDC. I followed the tutorial @ http://www.kernel-panic.it/openbsd/pdc/
The LDAP directory seems to be properly populated as all searches work
fine. However using "getent passwd" only returns local accounts and not
LDAP.
getent group however seems to return a subset of LDAP groups, when I set
the basedn in ypldap to"dc=domain,dc=tld" :
_squid:*:515
_openldap:*:544
_dbus:*:572
_cups:*:541
smb:*:512
_lighttpd:*:585
Domain Admins:*:512:root,lfurrea,darwin
Domain Users:*:513:lfurrea,darwin
Should I be able to see realtime output from slapd log when doing a getent
passwd, or getent group?
I see output when doing regular searches but not when using the getent
tools.
I've been struggling with this for several days now, so I would appreciate
any pointers in order to be able to move forward in the troubleshooting
process, because I am out of ideas.
Here is what I have for ypldap.conf
# $OpenBSD: ypldap.conf,v 1.1 2011/07/07 02:22:11 ajacoutot Exp $
domain "grupounihospi.loc"
interval 100
provide map "passwd.byname"
provide map "passwd.byuid"
provide map "group.byname"
provide map "group.bygid"
directory "filesrvr.grupounihospi.loc" {
# directory options
binddn "cn=admin,dc=grupounihospi,dc=loc"
bindcred "secret"
basedn "dc=grupounihospi,dc=loc"
# passwd maps configuration (RFC 2307 posixAccount object class)
passwd filter "(objectClass=posixAccount)"
attribute name maps to "uid"
fixed attribute passwd "*"
attribute uid maps to "uidNumber"
attribute gid maps to "gidNumber"
attribute gecos maps to "gecos"
attribute home maps to "homeDirectory"
attribute shell maps to "/sbin/nologin"
fixed attribute change "0"
fixed attribute expire "0"
fixed attribute class "default"
# group maps configuration (RFC 2307 posixGroup object class)
group filter "(objectClass=posixGroup)"
attribute groupname maps to "cn"
fixed attribute grouppasswd "*"
attribute groupgid maps to "gidNumber"
# memberUid returns multiple group members
list groupmembers maps to "memberUid"
}
dmesg:
OpenBSD 5.0 (GENERIC) #43: Wed Aug 17 10:10:52 MDT 2011
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz ("GenuineIntel" 686-class)
3.06 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,SSSE3,CX16,SSE4.1,SSE4.2,POPCNT
real mem = 263774208 (251MB)
avail mem = 249409536 (237MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 06/23/99, BIOS32 rev. 0 @ 0xfb510,
SMBIOS rev. 2.4 @ 0xeb01f (11 entries)
bios0: vendor Xen version "3.4.2" date 05/18/2011
bios0: Xen HVM domU
acpi0 at bios0: rev 2, ACPI control unavailable
mpbios0 at bios0: Intel MP Specification 1.4
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: unknown i686 model 0x0, can't get bus clock (0x0)
cpu0: apic clock running at 100MHz
mpbios0: bus 0 is type ISA
ioapic0 at mainbus0: apid 1 pa 0xfec00000, version 11, 48 pins
ioapic0: misconfigured as apic 0, remapped to apid 1
bios0: ROM list: 0xc0000/0x8c00
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel 82441FX" rev 0x02
pcib0 at pci0 dev 1 function 0 "Intel 82371SB ISA" rev 0x00
pciide0 at pci0 dev 1 function 1 "Intel 82371SB IDE" rev 0x00: DMA, channel
0 wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: <QEMU HARDDISK>
wd0: 16-sector PIO, LBA48, 8192MB, 16777216 sectors
wd1 at pciide0 channel 0 drive 1: <QEMU HARDDISK>
wd1: 16-sector PIO, LBA48, 358400MB, 734003200 sectors
wd0(pciide0:0:0): using PIO mode 0, DMA mode 2
wd1(pciide0:0:1): using PIO mode 0, DMA mode 2
atapiscsi0 at pciide0 channel 1 drive 1
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: <QEMU, QEMU DVD-ROM, 0.10> ATAPI 5/cdrom
removable
cd0(pciide0:1:1): using PIO mode 0
"Intel 82371SB USB" rev 0x01 at pci0 dev 1 function 2 not configured
piixpm0 at pci0 dev 1 function 3 "Intel 82371AB Power" rev 0x01: SMBus
disabled
vga1 at pci0 dev 2 function 0 "Cirrus Logic CL-GD5446" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
"XenSource Platform Device" rev 0x01 at pci0 dev 3 function 0 not configured
ne3 at pci0 dev 4 function 0 "Realtek 8029" rev 0x00: apic 1 int 5, address
3e:a8:53:ce:21:1b
ne4 at pci0 dev 5 function 0 "Realtek 8029" rev 0x00: apic 1 int 10,
address d6:d8:8d:35:29:eb
isa0 at pcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com0: probed fifo depth: 0 bytes
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: density unknown
fd1 at fdc0 drive 1: density unknown
mtrr: Pentium Pro MTRR support
nvram: invalid checksum
vscsi0 at root
scsibus1 at vscsi0: 256 targets
softraid0 at root
scsibus2 at softraid0: 256 targets
root on wd0a (20dd55394a6ad3c2.a) swap on wd0b dump on wd0b
clock: unknown CMOS layout
