Discussion :

[wodel]

Salut,

j'utilise openSuse 10.2 avec openldap

#rpm -qa | grep openldap
openldap2-devel-2.3.27-25
openldap2-client-2.3.27-25
openldap2-2.3.39-1.1


je configure l'authentification des utilisateurs linux a travers ldap.

j'ai trouvé des utilitaires de migrations MigrationTools qui génére des fichiers ldif pour le transfére des comptes utilisateurs et des groupes...etc.

j'ai créé les entrées pour les utilisateurs. cependant pour les groupes lorsque je lance:

#slapadd -v -l ldap_group.ldif j'obtient l'erreur suivante:

slapadd: dn="cn=at,ou=Group,dc=mondomaine,cn=org" (line=7): (65) no structural object class provided

j'ai un peu cherché sur le net mais j'ai pas trouvé de réponse.



merci d'avance

[Coyote2001]

Et sinon, à quoi ressemble ton fichier de configuration slapd.conf ? Même punition pour ton fichier ldap_group.ldif .

Cordialement,

Emmanuel

[wodel]

Salut voila mon slapd.conf:

Suse:~ # cat /etc/openldap/slapd.conf
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/rfc2307bis.schema
include /etc/openldap/schema/yast.schema
#include /etc/openldap/schema/nis.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org

pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args

# Load dynamic backend modules:
modulepath /usr/lib/openldap/modules
# moduleload back_ldap.la
# moduleload back_meta.la
# moduleload back_monitor.la
# moduleload back_perl.la

# Sample security restrictions
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access to user password
# Allow anonymous users to authenticate
# Allow read access to everything else
# Directives needed to implement policy:
access to dn.base=""
by * read

access to dn.base="cn=Subschema"
by * read

access to attrs=userPassword,userPKCS12
by self write
by * auth

access to attrs=shadowLastChange
by self write
by * read

access to *
by * read

# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

#######################################################################
# BDB database definitions
#######################################################################

loglevel 0
database bdb
suffix "dc=mondomaine,cn=org"
rootdn "cn=Manager,dc=mondomaine,cn=org"
rootpw secret
directory /var/lib/ldap/
checkpoint 1024 5
cachesize 10000

#index objectClass,uidNumber,gidNumber eq
index objectClass,uidNumber,gidNumber eq
index member,mail eq,pres
index cn,displayname,uid,sn,givenname sub,eq,pres

#index uid eq
#index uidNumber eq
#index gidNumber eq
#index memberUid eq
#index cn pres,eq,sub
#index sn pres,eq,sub
#index objectClass pres,eq
#index nisDomain eq
#index nisNetgroupTriple pres,eq,sub
#index memberNisNetgroup pres,eq,sub
#index nisMapName eq
#index amdMapName eq
#index amdMapKey eq



et voila mon ldap_group.ldif:

dn: cn=at,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: at
userPassword: {crypt}!
gidNumber: 25

dn: cn=audio,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: audio
userPassword: {crypt}x
gidNumber: 17

dn: cn=beagleindex,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: beagleindex
userPassword: {crypt}!
gidNumber: 105

dn: cn=bin,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: bin
userPassword: {crypt}x
gidNumber: 1
memberUid: daemon

dn: cn=cdrom,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: cdrom
userPassword: {crypt}x
gidNumber: 20

dn: cn=console,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: console
userPassword: {crypt}x
gidNumber: 21

dn: cn=daemon,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: daemon
userPassword: {crypt}x
gidNumber: 2

dn: cn=disk,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: disk
userPassword: {crypt}x
gidNumber: 6

dn: cn=floppy,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: floppy
userPassword: {crypt}x
gidNumber: 19

dn: cn=ftp,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: ftp
userPassword: {crypt}x
gidNumber: 49

dn: cn=games,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: games
userPassword: {crypt}x
gidNumber: 40

dn: cn=haldaemon,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: haldaemon
userPassword: {crypt}!
gidNumber: 102

dn: cn=kmem,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: kmem
userPassword: {crypt}x
gidNumber: 9

dn: cn=ldap,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: ldap
userPassword: {crypt}!
gidNumber: 70

dn: cn=lp,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: lp
userPassword: {crypt}x
gidNumber: 7

dn: cn=mail,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: mail
userPassword: {crypt}x
gidNumber: 12

dn: cn=maildrop,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: maildrop
userPassword: {crypt}!
gidNumber: 59

dn: cn=man,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: man
userPassword: {crypt}x
gidNumber: 62

dn: cn=messagebus,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: messagebus
userPassword: {crypt}!
gidNumber: 101

dn: cn=modem,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: modem
userPassword: {crypt}x
gidNumber: 43

dn: cn=mysql,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: mysql
userPassword: {crypt}!
gidNumber: 104

dn: cn=named,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: named
userPassword: {crypt}!
gidNumber: 44

dn: cn=news,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: news
userPassword: {crypt}x
gidNumber: 13

dn: cn=nobody,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: nobody
userPassword: {crypt}x
gidNumber: 65533

dn: cn=nogroup,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: nogroup
userPassword: {crypt}x
gidNumber: 65534
memberUid: nobody

dn: cn=ntadmin,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: ntadmin
userPassword: {crypt}!
gidNumber: 71

dn: cn=ntp,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: ntp
userPassword: {crypt}!
gidNumber: 103

dn: cn=postfix,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: postfix
userPassword: {crypt}!
gidNumber: 51

dn: cn=postgres,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: postgres
userPassword: {crypt}!
gidNumber: 26

dn: cn=public,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: public
userPassword: {crypt}x
gidNumber: 32

dn: cn=root,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: root
userPassword: {crypt}x
gidNumber: 0

dn: cn=shadow,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: shadow
userPassword: {crypt}x
gidNumber: 15

dn: cn=sshd,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: sshd
userPassword: {crypt}!
gidNumber: 65

dn: cn=suse-ncc,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: suse-ncc
userPassword: {crypt}!
gidNumber: 106

dn: cn=sys,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: sys
userPassword: {crypt}x
gidNumber: 3

dn: cn=tomcat,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: tomcat
userPassword: {crypt}!
gidNumber: 107

dn: cn=trusted,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: trusted
userPassword: {crypt}x
gidNumber: 42

dn: cn=tty,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: tty
userPassword: {crypt}x
gidNumber: 5

dn: cn=utmp,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: utmp
userPassword: {crypt}x
gidNumber: 22

dn: cn=uucp,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: uucp
userPassword: {crypt}x
gidNumber: 14

dn: cn=wheel,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: wheel
userPassword: {crypt}x
gidNumber: 10

dn: cn=www,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: www
userPassword: {crypt}x
gidNumber: 8

dn: cn=xok,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: xok
userPassword: {crypt}x
gidNumber: 41

dn: cn=users,ou=Group,dc=mondomaine,cn=org
objectClass: posixGroup
objectClass: top
cn: users
userPassword: {crypt}x
gidNumber: 100

[Coyote2001]

Bonjour,

A tout hasard, pourrais tu me confirmer que ton OU Group existe bien ?
Pourrais-je aussi avoir un extrait du ldif (juste assez pour voir les info concernant un utilisateur) des utilisateurs ?

Cdt,

Emmanuel