Jim Hogan wrote: > Halloo! > > I am attempting to migrate an existing OpenLDAP directory to FDS > 1.01. I had extended the OL setup with samba.schema and had imported > a bunch of existing Samba data with scripts. This is all on Fedora > Core 3. I was motivated to migrate by 1) the console apps and 2) > better ACI mgmt; I figured both of these might better support a better > self-service directory model where people can edit some of their own > details. > > I have FDS running and just got console running. I found the script > to convert samba.schema to FDS LDIF format and that seemed to work a > treat. However, on startup, FDS seems to completely ignore my > "61samba.ldif". Worse, it seems not to notice any errors. What this > measn is that I am not able to import any users (and other elements) > from my OL directory as they have various samba* attributes. This is what I did: cd /opt/fedora-ds/slapd-localhost/config/schema perl ~/ol2rhds.pl < /usr/share/doc/samba-3.0.14a/LDAP/samba.schema > 61samba.ldif # http://www.directory.fedora.redhat.com/download/ol2rhds.pl ../../restart-slapd ldapsearch -x -h localhost -p myport -s base -b "cn=schema" "objectclass=*" | grep -i samba I see lots of output like the following: .... objectClasses: ( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' DESC 'Samba Configuration Option' SUP top STRUCTURAL MUST sambaOptionName X-ORIGIN 'user objectClasses: ( 1.3.6.1.4.1.7165.2.2.15 NAME 'sambaAccountPolicy' DESC 'Samba Account Policy' SUP top STRUCTURAL MUST ( sambaAccountPolicyName $ sambaAcco attributeTypes: ( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBase' DESC 'Base at which the samba RID generation algorithm should operate' EQUALITY in attributeTypes: ( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType' DESC 'NT Group attributeTypes: ( 1.3.6.1.4.1.7165.2.1.55 NAME 'sambaLogonHours' DESC 'Logon H .... > > The rest of the XXname.ldif schema files seem to be processing just > fine. I have audited some of the last to load 50ns-web, 50ns-calendar > and 60pam-plugin, and all of their attributes appear in the listing I > can find via the console (or phpLDAPadmin). > > I saw nothing in the slapd-servername/logs/* so I increased error > loglevel to 192 and then to some ridiculous combined value from the > debug table in the FAQ. I never see any reference to problems > processing "61samba" -- the only errors I can generate with "samba" in > them are when I attempt to add users "has unknown object class > 'sambaSamAccount'", for example. I changed 61samba.ldif to > 21samba.ldif to see if this problem was order-dependent. No change. > For grins, I added a junk ldif called 59nonsense.ldif and I couldn't > get *that* to generate any lines in the "errors" log file or anywhere > that I can tell. "service ldap restart" just seems to go on its merry > way. It is like the ancillary LDIF list doesn't exist or something. > > So, for fun I *copied* one of the LDIF schema files to > "59nonsense.ldif" and figured I would see log complaints about > duplicate attributes, but *nothing*. and nothing in debug log. slapd > restarts without a hitch. > > Anyhow, FDS looks great and I am sure it will be a lot of fun, but at > the moment, I think I am missing some *big*, dope-slap-worthy item -- > some big, red switch that says "COMMIT" that I need to flip! > > Thoughts? Thanks. > > Jim > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3178 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20060301/0e70e6e2/attachment.bin
