[Date Prev][Date Next] [Chronological] [Thread] [Top]

smbldap-populate Complaing about access



When I run the utility smbldap-populate it returns this data:
Using builtin directory structure
adding new entry: dc=cougarnet,dc=bible,dc=edu
failed to add entry: Insufficient access at ./smbldap-populate line 344,
<GEN1> line 2.
...
adding new entry:
uid=Administrator,ou=People,dc=cougarnet,dc=bible,dc=edu
failed to add entry: index generation failed at ./smbldap-populate line
344, <GEN1> line 6.
...
adding new entry: cn=Domain
Computers,ou=Groups,dc=cougarnet,dc=bible,dc=edu
failed to add entry: index generation failed at ./smbldap-populate line
344, <GEN1> line 19.

This has be puzzled. I've provided permissions as clean as possible in
my slapd.conf: access to * by * write. Since this didn't work I tried to
add the it with the command:

# ldapadd -D "cn=samba,ou=People,dc=cougarnet,dc=bible,dc=edu" -f
Admin.ldif  -w *****
adding new entry
"uid=Administrator,ou=People,dc=cougarnet,dc=bible,dc=edu"
ldapadd: update failed:
uid=Administrator,ou=People,dc=cougarnet,dc=bible,dc=edu
ldap_add: Internal (implementation specific) error (80)
        additional info: index generation failed

I get a similar error trying to do the same thing from GQ: "Internal
(implementation specific) error".

I've set log level: loglevel 4085 and have been trying to pull this
apart, but it's beyond me. In the logs I'm getting this information that
I hope is relevant:

########################## slapd logs ##################################
Jul  2 10:59:39 localhost slapd[1616]: => acl_mask: to all values by
"cn=samba,ou=people,dc=cougarnet,dc=bible,dc=edu", (=n) 
Jul  2 10:59:39 localhost slapd[1616]: <= check a_dn_pat: *
Jul  2 10:59:39 localhost slapd[1616]: <= acl_mask: [1] applying
write(=wrscx) (stop)
Jul  2 10:59:39 localhost slapd[1616]: <= acl_mask: [1] mask:
write(=wrscx)
Jul  2 10:59:39 localhost slapd[1616]: => access_allowed: write access
granted by write(=wrscx)
Jul  2 10:59:39 localhost slapd[1616]: ====>
bdb_unlocked_cache_return_entry_r( 63 ): returned (0)
Jul  2 10:59:39 localhost slapd[1616]: => access_allowed: write access
to "cn=Domain Computers,ou=Groups,dc=cougarnet,dc=bible,dc=edu
" "entry" requested
Jul  2 10:59:39 localhost slapd[1616]: => acl_get: [1] check attr entry
Jul  2 10:59:39 localhost slapd[1616]: <= acl_get: [1] acl cn=Domain
Computers,ou=Groups,dc=cougarnet,dc=bible,dc=edu attr: entry
Jul  2 10:59:39 localhost slapd[1616]: => acl_mask: access to entry
"cn=Domain Computers,ou=Groups,dc=cougarnet,dc=bible,dc=edu", att
r "entry" requested
Jul  2 10:59:39 localhost slapd[1616]: => acl_mask: to all values by
"cn=samba,ou=people,dc=cougarnet,dc=bible,dc=edu", (=n) 
Jul  2 10:59:39 localhost slapd[1616]: <= check a_dn_pat: *
Jul  2 10:59:39 localhost slapd[1616]: <= acl_mask: [1] applying
write(=wrscx) (stop)
Jul  2 10:59:39 localhost slapd[1616]: <= acl_mask: [1] mask:
write(=wrscx)
Jul  2 10:59:39 localhost slapd[1616]: => access_allowed: write access
granted by write(=wrscx)
Jul  2 10:59:39 localhost slapd[1616]: => bdb_dn2id_add( "cn=domain
computers,ou=groups,dc=cougarnet,dc=bible,dc=edu", 0x00000059 )
Jul  2 10:59:39 localhost slapd[1616]: bdb_idl_insert_key: 59
%ou=groups,dc=cougarnet,dc=bible,dc=edu
Jul  2 10:59:39 localhost slapd[1616]: bdb_idl_insert_key: 59
@ou=groups,dc=cougarnet,dc=bible,dc=edu
Jul  2 10:59:39 localhost slapd[1616]: <= bdb_dn2id_add: 0
Jul  2 10:59:39 localhost slapd[1616]: => entry_encode(0x00000059):
cn=Domain Computers,ou=Groups,dc=cougarnet,dc=bible,dc=edu
Jul  2 10:59:39 localhost slapd[1616]: => index_entry_add( 89,
"cn=Domain Computers,ou=Groups,dc=cougarnet,dc=bible,dc=edu" )
Jul  2 10:59:39 localhost slapd[1616]: => key_change(ADD,59)
Jul  2 10:59:39 localhost slapd[1616]: bdb_idl_insert_key: 59 [fd83b1e1]
Jul  2 10:59:39 localhost slapd[1616]: <= key_change 0
Jul  2 10:59:39 localhost slapd[1616]: => key_change(ADD,59)
Jul  2 10:59:39 localhost slapd[1616]: bdb_idl_insert_key: 59 [36d2b1e2]
Jul  2 10:59:39 localhost slapd[1616]: <= key_change 0
Jul  2 10:59:39 localhost slapd[1616]: => key_change(ADD,59)
Jul  2 10:59:39 localhost slapd[1616]: bdb_idl_insert_key: 59 [0096defd]
Jul  2 10:59:39 localhost slapd[1616]: <= key_change 0
Jul  2 10:59:39 localhost slapd[1616]: => key_change(ADD,59)
Jul  2 10:59:39 localhost slapd[1616]: bdb_idl_insert_key: 59 [9f3bcbde]
Jul  2 10:59:39 localhost slapd[1616]: <= key_change 0
Jul  2 10:59:39 localhost slapd[1616]: bdb_db_cache: db_open(cn) failed:
Permission denied (13)
Jul  2 10:59:39 localhost slapd[1616]: bdb_index_read: Could not open DB
cn
Jul  2 10:59:39 localhost slapd[1616]: <= index_entry_add( 89,
"cn=Domain Computers,ou=Groups,dc=cougarnet,dc=bible,dc=edu" ) failure
Jul  2 10:59:39 localhost slapd[1616]: bdb_add: index_entry_add failed
Jul  2 10:59:39 localhost slapd[1616]: send_ldap_result: conn=1 op=13
p=3
Jul  2 10:59:39 localhost slapd[1616]: send_ldap_result: err=80
matched="" text="index generation failed"
Jul  2 10:59:39 localhost slapd[1616]: send_ldap_response: msgid=14
tag=105 err=80
Jul  2 10:59:39 localhost slapd[1616]: conn=1 op=13 RESULT tag=105
err=80 text=index generation failed
Jul  2 10:59:39 localhost slapd[1613]: connection_get(12)
Jul  2 10:59:39 localhost slapd[1613]: connection_get(12): got connid=1
Jul  2 10:59:39 localhost slapd[1613]: connection_read(12): checking for
input on id=1
Jul  2 10:59:39 localhost slapd[1613]: ber_get_next on fd 12 failed
errno=11 (Resource temporarily unavailable)
Jul  2 10:59:39 localhost slapd[1616]: do_unbind
Jul  2 10:59:39 localhost slapd[1616]: conn=1 op=14 UNBIND

>From what I see, it looks like OpenLDAP is fine with the request,but the
backend database is giving a fit. Does that make sense? Any suggestions
on what I need to do. I'll be glad to provide more documentation as
needed.

Here's my current config file:
include     /etc/openldap/schema/core.schema
include     /etc/openldap/schema/cosine.schema
include     /etc/openldap/schema/inetorgperson.schema
include     /etc/openldap/schema/nis.schema
include     /etc/openldap/schema/nisdomainobject.schema
include     /etc/openldap/schema/samba.schema
pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args
access to * by * write
loglevel 4085
  
database        bdb
suffix          "dc=cougarnet,dc=bible,dc=edu"
rootdn          "cn=Manager,dc=cougarnet,dc=bible,dc=edu"
rootpw          *********
directory       /var/lib/openldap-data
index objectClass,uidNumber,gidNumber                   eq
index cn,surname,uid,displayName                        pres,sub
index memberUID,mail,givenname                          eq,subinitial
index sambaSID,sambaPrimaryGroupSID,sambaDomainName     eq

Your help is most welcome. It seem apparent that I've been going at this
the wrong way and need another's eyes badly.

Thank you,
Josiah Ritchie