Untitled

from the beginning:

smbldap-populate gave me these errors:

root@amahoro:~# smbldap-populate
Populating LDAP directory for domain AMAHORO (S-1-5-21-251852451-2940789264-3475694606)
(using builtin directory structure)

entry dc=amahoro,dc=bi already exist.
entry ou=Users,dc=amahoro,dc=bi already exist.
entry ou=Groups,dc=amahoro,dc=bi already exist.
entry ou=Computers,dc=amahoro,dc=bi already exist.
entry ou=Idmap,dc=amahoro,dc=bi already exist.
adding new entry: uid=root,ou=Users,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498, <GEN1> line 58.
adding new entry: uid=nobody,ou=Users,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498, <GEN1> line 89.
adding new entry: cn=Domain Admins,ou=Groups,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498, <GEN1> line 101.
adding new entry: cn=Domain Users,ou=Groups,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498, <GEN1> line 112.
adding new entry: cn=Domain Guests,ou=Groups,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498, <GEN1> line 123.
adding new entry: cn=Domain Computers,ou=Groups,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498, <GEN1> line 134.
adding new entry: cn=Administrators,ou=Groups,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498, <GEN1> line 179.
adding new entry: cn=Account Operators,ou=Groups,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498, <GEN1> line 201.
adding new entry: cn=Print Operators,ou=Groups,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498, <GEN1> line 212.
adding new entry: cn=Backup Operators,ou=Groups,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498, <GEN1> line 223.
adding new entry: cn=Replicators,ou=Groups,dc=amahoro,dc=bi
failed to add entry: index generation failed at /usr/sbin/smbldap-populate line 498, <GEN1> line 234.
entry sambaDomainName=AMAHORO,dc=amahoro,dc=bi already exist. Updating it...

Please provide a password for the domain root:
/usr/sbin/smbldap-passwd: user root doesn't exist

I thought to use slapindex to regenerat the indices also, the output was:

stefano@amahoro:~$ /usr/sbin/slapindex
/etc/ldap/slapd.conf: line 20: invalid path: Permission denied
slapindex: bad configuration file!

This is my slapd.conf

#Basics
include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/inetorgperson.schema
include         /etc/ldap/schema/samba.schema

pidfile         /var/run/slapd/slapd.pid
argsfile        /var/run/slapd/slapd.args
loglevel        256

modulepath      /usr/lib/ldap
moduleload      back_hdb

#Database configuration
database        hdb
suffix          "dc=amahoro,dc=bi"
rootdn          "cn=Manager,dc=amahoro,dc=bi"
rootpw          {SSHA}XBLZ+TknuZHW3dirN2SE2fj3mYka3tkG
directory       /var/lib/ldap    <----------------------------- LINE 20
index           uid,uidNumber,gidNumber,memberUid       eq
index           cn,mail,surname,givenname       eq,subinitial
index           sambaSID        eq
index           sambaPrimaryGroupSID    eq


#ACLs
access to attrs=userPassword
        by anonymous auth
        by self write
        by * none

access to *
        by dn.base="uid=nslcd_proc,ou=System,dc=amahoro,dc=bi" read
        by self write
        by * none


These the permissions of /var/lib/ldap/

drwxr-x--- 2 openldap openldap 4096 Apr 29 09:57 ldap

-rw-r--r-- 1 openldap openldap     4096 Apr 29 09:57 alock
-rw------- 1 openldap openldap     8192 Apr 28 12:18 cn.bdb
-rw------- 1 openldap openldap    24576 Apr 29 09:57 __db.001
-rw------- 1 openldap openldap   352256 Apr 29 09:57 __db.002
-rw------- 1 openldap openldap  2629632 Apr 29 09:57 __db.003
-rw------- 1 openldap openldap   163840 Apr 29 09:57 __db.004
-rw------- 1 openldap openldap   876544 Apr 29 09:57 __db.005
-rw------- 1 openldap openldap    32768 Apr 29 09:57 __db.006
-rw-r--r-- 1 openldap openldap       96 Apr 23 17:34 DB_CONFIG
-rw------- 1 openldap openldap     8192 Apr 28 14:23 dn2id.bdb
-rw------- 1 openldap openldap     8192 Apr 28 14:23 gidNumber.bdb
-rw------- 1 openldap openldap    32768 Apr 28 14:23 id2entry.bdb
-rw------- 1 openldap openldap 10485760 Apr 29 09:57 log.0000000001
-rw------- 1 openldap openldap     8192 Apr 28 12:18 mail.bdb
-rw------- 1 openldap openldap     8192 Apr 28 14:00 memberUid.bdb
-rw------- 1 openldap openldap     8192 Apr 28 11:52 objectClass.bdb
-rw------- 1 openldap openldap     8192 Apr 28 14:23 sambaSID.bdb
-rw------- 1 openldap openldap     8192 Apr 28 12:18 sn.bdb
-rw------- 1 openldap openldap     8192 Apr 28 12:18 uid.bdb
-rw------- 1 openldap openldap     8192 Apr 28 14:23 uidNumber.bdb


other check:

using
sudo strace /usr/sbin/slapindex
i found the line:
open("/var/lib/ldap/DUMMY", O_WRONLY|O_CREAT|O_TRUNC|O_LARGEFILE, 0666) = -1 EACCES (Permission denied)
but in that directory there is not "DUMMY"

Today i changed the permissions of the files in /var/lib/ldap/ to 0755.

I retried with slapindex with the same result:

from root:
sudo /usr/sbin/slapindex

WARNING!
Runnig as root!
There's a fair chance slapd will fail to start.
Check file permissions!

from normal user:
usr/sbin/slapindex
/etc/ldap/slapd.conf: line 20: invalid path: Permission denied
slapindex: bad configuration file!

I repeated strace and i didn't find errors

I repeated slapindex from root and from normal user but the result was the same as above.

I repeated smbldap-populate and magically it runs but i don't know if everything is ok because slapindex give me errors again.

Have tou got ideas or suggests to give me please?