https://forums.openfiler.com Openfiler Forums en http://backend.userland.com/rss https://forums.openfiler.com/viewtopic.php?pid=22298#22298 22298@https://forums.openfiler.com Topic: LDAP Restore breaks Samba Message: Hello!I have the same problem here, try this:1. On Accounts uncheck the "use ldap" and "use local ldap sever". 2. Submit 3 . enter on accounts again and recheck 2 option and submit.This work for meGuilherme Mon, 6 Sep 2010 12:24:56 +0100 https://forums.openfiler.com/viewtopic.php?pid=21936#21936 21936@https://forums.openfiler.com Topic: User Guide - How to join a domain Message: thanks to all contributors....worked, after many trial and errors.. Thu, 29 Jul 2010 13:49:40 +0100 https://forums.openfiler.com/viewtopic.php?pid=21870#21870 21870@https://forums.openfiler.com Topic: Open Directory and Openfiler Message: Agreed.  Once we get our setup running and the correct permissions assigned it is smooth sailing.  The box I am working on right now I know I have not had to configure our fix in over a year.  Just a nice solid system.I made this thread because there are not alot of us mac guys out there that have these servers setup for user shares.  I figured it would be nice to give back to a great system that I get for free.JL Fri, 23 Jul 2010 14:57:45 +0100 https://forums.openfiler.com/viewtopic.php?pid=21862#21862 21862@https://forums.openfiler.com Topic: LDAP Restore breaks Samba Message: Prior to going into production mode, I wanted to test my ability to restore a configuration.After having a working LDAP / Samba system, I then proceeded to clear the LDAP database and then to rebuild the database - providing a clean system from which to start a restore.So I restore my LDAP file.  Problems I encountered include:1. Can no longer access files from Windows - error messages include "ldap_connect_system: Failed to retrieve password from secrets.tdb"2. I noted that the root bind parameter parameter in the accounts authentication is changed to cn=manager.  (I followed   thebajaguy's install guide and used cn=openfiler)I can still log in to the user accounts via ssh (of course I had to manally set a home directory and shell in the ldif backup file, so presumably LDAP is working fine.  All the users and groups appear, so it seems to be just a problem between Samba and LDAP?Whilst I only have only half a dozen users and groups, it's only a minor irritation to have to rebuild the database manually, but it would be nice to know what's going wrong with the restore (or maybe it's in the backup)Before openfiler, my Samba and LDAP knowledge was zero, and after a day of researching, I don't know where to look next. Fri, 23 Jul 2010 06:59:12 +0100 https://forums.openfiler.com/viewtopic.php?pid=21840#21840 21840@https://forums.openfiler.com Topic: Open Directory and Openfiler Message: Created, and matched permissions and ownership to the other content of /etc/pam.d/Glad to make an addition to this.  It's a great system, once its established you can almost forget about it. Thu, 22 Jul 2010 15:37:04 +0100 https://forums.openfiler.com/viewtopic.php?pid=21839#21839 21839@https://forums.openfiler.com Topic: Open Directory and Openfiler Message: Where are you editing the common-sessions file?  I have looked on both the Macs and Openfiler and the file does not exist at the location you specified.  Do I have to create it?...  NaOH123 great additions with changing the generate.inc file.  Makes life a little easier.Thanks,JL Thu, 22 Jul 2010 13:04:51 +0100 https://forums.openfiler.com/viewtopic.php?pid=21766#21766 21766@https://forums.openfiler.com Topic: LDAP Auth using Novell E-Directory Message: I'm currently trying to setup Openfiler to use LDAP to Auth users against Novell E-Directory for windows clients but I can't seem to get it to work.Where do I start with troubleshooting ldap issues.  The web interface doesn't seem to give me any errors and a DSTrace on the netware server seems to show the the Openfiler attempting to login (And succeeding) but the users and groups section remains blank.Are there log files on the openfiler itself I can view?Is Openfiler even compatible with Novell E-Directory?Has anyone successfully connected Openfiler to Novell E-Directory and if so what was required to get it to work?Thanks,Shane F. Fri, 16 Jul 2010 01:50:08 +0100 https://forums.openfiler.com/viewtopic.php?pid=21568#21568 21568@https://forums.openfiler.com Topic: Open Directory and Openfiler Message: One more accommodation for  a Mac environment, specifically with 10.6 and the subsequent updates that "broke" samba on 10.6 clients.  No matter how permissions are set on directories or samba shares any attempt to write will fail with lack of permissions.  The quick fix has been to add the directive "unix extensions = no" to smb.conf; but this causes problems with linux clients trying to connect.  The more eloquent solution is the addition of these two directives:  "wide links = no" and "getwd cache = yes".  Again, we want this to stick in our Openfiler smb.conf so future use of the GUI does not wipe out these additions.  So back to "/opt/openfiler/var/www/includes/generate.inc" :Line 1848:        $ac_smb_fp->AddLine( "wide links = no");Line 1849:      $ac_smb_fp->AddLine( "getwdcache = yes");I suspect you can add these in anywhere with the groupings of "$ac_smb_fp->AddLine..." around lines 1800-1850, but to be clear these are the exact lines I used, and the settings stick.  10.6 clients can connect and write to the shares where they are permitted to do so. Thu, 1 Jul 2010 23:20:10 +0100 https://forums.openfiler.com/viewtopic.php?pid=21564#21564 21564@https://forums.openfiler.com Topic: LDAP and Windows clients Message: Why would you use multiple login accounts?  That is by design in Windows.  Once you've used a username & password for a network resource it keeps it active until the user logs off.  You can try purging it from your system using "net use" but if there is a connection still open it won't let you. Thu, 1 Jul 2010 16:32:28 +0100 https://forums.openfiler.com/viewtopic.php?pid=21560#21560 21560@https://forums.openfiler.com Topic: LDAP and Windows clients Message: Hi,I installed openfiler without any problem. Then i adjusted ldap account settings. I choosed use ldap use ldap server etc.. I created shared folder and adjusted groups and users and their rights under openfiler. I could connect to shared folder  from windows clients without any problem except one. First under windows,i open shared folder by entering user and password which i created before under openfiler. But when i want to change user (for example user1 with rw right to user2 with ro right) its impossible unless log of and log in. Do i have to log of and log in everytime if i want to change the user from another one. Do you have any recomendation?Thanks. Thu, 1 Jul 2010 15:10:41 +0100 https://forums.openfiler.com/viewtopic.php?pid=21368#21368 21368@https://forums.openfiler.com Topic: Error setting user password. Message: I had the same problem, so I ran the update in the webGUI and just updated everything.  Now that the update has finished I am getting a new error:Please configure the LDAP section of the Authentication page before attempting to use this page.Error message:   ldap_start_tls: Connect error (-11)    additional info: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failureI didn't change anything in the Authentication section so I am not sure what is wrong now.I am using my own domain instead of the dc=openfiler,dc=nas that I have seen in many of the examples on the forums.  Is this a problem?  Should I be using Base DN: [dc=<hostname>,dc=<domain_name>,dc=<top_level_domain>]?  From what i have read I don't think so.Looking at the Expert View in the Use LDAP section there is no entry for Authenticated bind DN.  I really don't know if there should be anything there, or not.I'm running openfiler in a DomU on Xen 3.3 on CentOS 5.2.Thanks for any assistance in advance. Mon, 14 Jun 2010 15:43:32 +0100 https://forums.openfiler.com/viewtopic.php?pid=21366#21366 21366@https://forums.openfiler.com Topic: Can not add users, local LDAP Message: Guitarhero: You rock!  I was doing everything right, but I needed to clear and rebuild.  It would have been a very long time before I guessed that I needed to do that to make it work!Is this a feature, or a bug? Mon, 14 Jun 2010 14:14:53 +0100 https://forums.openfiler.com/viewtopic.php?pid=21198#21198 21198@https://forums.openfiler.com Topic: Does anybody use openfiler ? beside downloading and failing ??? Message: thanks phoenix/ anybody. :-)i know resolving this issue will help alot of people which got it unanswered in several similar threads (unknown/ not recognized/ not listed etc).so the real question is "how do i change the openfiler configuration so that it will use "cn=groups,cn=accounts" instead of "ou=groups" when looking for groups.in a similar way it is so for users "cn=groups,cn=accounts" instead of "ou=People"see below:groups:here what i found :  it can't work without configuration change on the openfiler side.when retrieving the user list it's done using "all".[01/Jun/2010:11:05:49 +0300] conn=1770 op=1 SRCH base="dc=my,dc=domain,dc=com,dc=au" scope=2 filter="(&(objectClass=posixAccount)(uid=root))" attrs=ALLbut when i try to add a group it is done using "ou=groups" where as i need it to be "cn=groups,cn=accounts".users: conn=1972 op=1 SRCH base="ou=People,dc=my,dc=domain,dc=com,dc=au" scope=2 filter="(objectClass=posixaccount)" attrs="uid uidNumber objectClass"[01/Jun/2010:11:13:08 +0300] conn=1972 op=1 RESULT err=32 tag=101 nentries=0 etime=0[01/Jun/2010:11:13:08 +0300] conn=1972 op=2 UNBIND[01/Jun/2010:11:13:08 +0300] conn=1972 op=2 fd=98 closed - U1 Tue, 1 Jun 2010 09:26:03 +0100 https://forums.openfiler.com/viewtopic.php?pid=21194#21194 21194@https://forums.openfiler.com Topic: Does anybody use openfiler ? beside downloading and failing ??? Message: pulllk wrote:how do i "open" more debug information to see what the openldap is requesting from the external ldap server ? You can set the logging level for openLDAP in slapd.conf: http://kb.imailserver.com/cgi-bin/imail … _topview=1 pulllk wrote:or ... how i configure openfiler to get the right information from external LDAP? It should be no more difficult than filling in the correct information in the Accounts/Authentication page. I've had OF working with AD, openLDAP, Fedora Directory Server (or whatever it's called now) and a test with FreeIPA, I don't remember there being any specific problems with them. Tue, 1 Jun 2010 07:11:04 +0100 https://forums.openfiler.com/viewtopic.php?pid=21193#21193 21193@https://forums.openfiler.com Topic: Does anybody use openfiler ? beside downloading and failing ??? Message: another 2 things... which make it obvious that the openfiler is not connected well (in the right ldap path) : 1.looking with Ldap administrator i can see that users are : cn=users,cn=accounts,dc=server,dc=domain,dc=com,dc=augroups are: cn=groups,cn=accounts,dc=server,dc=domain,dc=com,dc=auwhen i try to add a new group, under "account"/"administration" /"group administration" i get:" Error adding new group.  ldap_add: No such object (32)matched DN: dc=server,dc=domain,dc=com,dc=au ".which is my "Base DN: " which i defined under "accounts".since FreeIPA is using abit unconventional path i defined in the "smb setup" under services the following:LDAP User Suffix:  cn=users,cn=accountsLDAP Group Suffix:  cn=groups,cn=accounts2.looking under "accounts" / "administration" /"user administration" i can see the "primary group" is EMPTY.3.how do i "open" more debug information to see what the openldap is requesting from the external ldap server ? 4.or ... how i configure openfiler to get the right information from external LDAP? Tue, 1 Jun 2010 06:02:51 +0100