[03:14] <andrupal> anyone around who can provide some guidance through a fresh LDAP installation?  I've been getting stuck and falling down rabbit holes in poorly written tutorials for the past week...I need a samba client authentication setup that will work with thin, thick and windows clients.
[03:15] <Burgundavia> hello again
[03:15] <andrupal> Howdy...perfect, it's you!
[03:15] <Burgundavia> alright
[03:16] <andrupal> I've got a clean server install, and have just done apt-get install slapd
[03:17] <Burgundavia> ok
[03:17] <andrupal> I began editing slapd.conf, changing the with the dc info
[03:18] <Burgundavia> did debconf not ask you for basic information?
[03:18] <Burgundavia> sudo dpkg-reconfigure slapd
[03:18] <Burgundavia> try that
[03:19] <andrupal> OK...I'm not omitting, Q1, correct?
[03:19] <Burgundavia> q1?
[03:19] <andrupal> It asks "Omit OpenLDAP server configuration?"  I'm replying No
[03:19] <Burgundavia> yes
[03:20] <Burgundavia> no is the correct answer
[03:20] <Burgundavia> geez, I need to setup this myself
[03:20] <Burgundavia> it has been so long
[03:21] <andrupal> it asks for DNS domain name and automatically fills in earthlink.net, my ISP...I assume I should change this to something else...in previous installs I've been using "example.net" since this is just a test server.
[03:22] <Burgundavia> no, leave that
[03:23] <andrupal> leave earthlink.net  it says it will use this to construct the base DN of the LDAP directory.  I want this called earthlink.net?
[03:25] <andrupal> Hundreds of thousands of new yorkers have earthlink.net as their ISP...it seems odd to use this as my LDAP base DN...
[03:29] <Burgundavia> no
[03:29] <Burgundavia> let me run through the questions on my machine
[03:30] <andrupal> It asks which database backend to use: BDB or HDB ...BDB is what I have done on previous installs.  Ok I'll let you catch up.  I recognize this is detailed stuff.
[03:31] <Burgundavia> right, ok
[03:31] <Burgundavia> so for the dns one, fill in example.net
[03:31] <Burgundavia> for the org, fill in example
[03:31] <andrupal> how can I go back?
[03:32] <andrupal> I just ran dpkg again...
[03:33] <Burgundavia> run it again
[03:33] <andrupal> Do I want the database to be removed when purged? I'm saying yes, for now...
[03:34] <andrupal> ALlow LDAPvs protocol.  I've said no in previous installs...
[03:34] <Burgundavia> say no
[03:34] <Burgundavia> ldap v2 is dead
[03:35] <andrupal> Unfortunately the first config process seems to have created a backup that prevents the old database from being moved...the process says "giving up"
[03:35] <andrupal> Shall I delete the file that's getting in the way?
[03:36] <Burgundavia> yep
[03:38] <Burgundavia> you should now be up and running
[03:38] <andrupal> rm -r removes a directory, no?
[03:39] <Burgundavia> yes, but you should be very careful
[03:39] <Burgundavia> might be better to purge slapd
[03:39] <andrupal> how again?  apt-get purge slapd
[03:39] <andrupal> ?
[03:40] <Burgundavia> --purge remove
[03:43] <andrupal> same problem...old backup exists...process gives up
[03:45] <Burgundavia> huh?
[03:45] <andrupal> Ok I removed the directory that was giving the error and dpkg runs fine, with successful output
[03:45] <Burgundavia> ok
[03:45] <andrupal> slaptest succeeds
[03:46] <andrupal> I've gotten this far before, however...we're not to the hard stuff yet.
[03:46] <Burgundavia> well, now all you need to do is populate it
[03:47] <andrupal> Ok  how is this done?
[03:47] <Burgundavia> ldap uses what is called an ldif file
[03:47] <Burgundavia> https://help.ubuntu.com/community/OpenLDAPServer
[03:47] <Burgundavia> I would just create one account via a text file as per that page and then slapadd it
[03:48] <andrupal> I should use the dummy file provided?
[03:50] <andrupal> OK I just used the dummy file and saved as init.ldif on my desktop
[03:51] <andrupal> Shall I follow the instructions that follow the init.ldif file provided on the link you provided?
[03:51] <Burgundavia> no, that is too much
[03:51] <Burgundavia> just create a single user
[03:52] <andrupal> So delete everything except one entry that has "ou=people" in it?
[03:53] <Burgundavia> no, you need to add a single person
[03:53] <Burgundavia> a person starts with the line:
[03:53] <Burgundavia> dn: uid=lionel,ou=people,dc=example,dc=com
[03:54] <andrupal> OK...so I'm deleting everything except this part of the ldif file.
[03:54] <Burgundavia> sorry, have to run
[03:54] <Burgundavia> look at how the ldif file is constructed and make a similar file
[03:55] <andrupal> OK no problem...I'll continue with this tutorial...Thanks for your help!
[03:56] <Burgundavia> don;t follow that wiki page exactly
[03:56] <Burgundavia> after you have added somebody, try and setup a client to auth against the ldap server
[03:57] <andrupal> The client needs configuration as well...no?  Can you point to reliable documentation on this?
[04:02] <andrupal> I'm getting an error using slapadd...value of naming attribute 'uid' is not present in entry.   The init.ldif file has a uid, however...
[04:09] <andrupal> ldapsearch returns ldap_sasl_interactive_bind_s:  Can't contact LDAP server (-1)
[04:17] <andrupal> ldapsearch returns "ldap_bind: Can't contact LDAP server (-1)" error...help anyone
[04:18] <sbalneav> Big topic you need help with there.
[04:19] <sbalneav> How about you tell me a little about what you've got set up?
[04:20] <andrupal> Just went through a clean server install, clean slapd install.  Ran dpkg. Attempted to populate using an ldif file...can't search LDAP
[04:21] <andrupal> slaptest succeeds
[04:22] <andrupal> tutorials all say different things about how to approach setup...I was following Burgundavia's lead but he had to go...
[04:22] <sbalneav> what does your /etc/ldap/ldap.conf file look like?
[04:23] <sbalneav> Paste it to the pastebin
[04:23] <andrupal> Where's the pastebin?
[04:23] <sbalneav> !pastebin
[04:23] <ubotu> pastebin is a service to post large texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the #ubuntu channel topic)
[04:25] <andrupal> Ok see http://paste.ubuntu-nl.org/26960/
[04:26] <sbalneav> that's the slapd.conf
[04:26] <andrupal> woops.
[04:27] <sbalneav> It's ok, we'll need it too :)
[04:28] <andrupal> Ok see  http://paste.ubuntu-nl.org/26961/
[04:28] <andrupal> I'm now seeing that example.com is an error...this should be example.net to match slapd.conf, no?
[04:29] <sbalneav> Should be NEITHER example.com or example.net.
[04:29] <sbalneav> Should be YOUR domain name :)
[04:29] <andrupal> Yes,  in this case I'm running a test server, example.net
[04:30] <sbalneav> You're talking the rootdn?
[04:30] <andrupal> I guess...I've been consistently using example.net throughout LDAP setup...the machine name is UBUNTU, however...that's not the issue though, right?
[04:31] <sbalneav> In your ldap.conf, what's your URI set to?
[04:32] <andrupal> It was  ldap://ldap.example.com ldap://ldap-master.example.com:666
[04:32] <andrupal> now com = net
[04:32] <sbalneav> That's going to try to contact the host ldap.example.com
[04:32] <andrupal> so I should take our ldap
[04:32] <andrupal> out
[04:34] <sbalneav> Where's the ldap server running, on the same machine?
[04:34] <andrupal> Yes
[04:34] <sbalneav> If so, you'll probably want a URI like ldap://localhost
[04:35] <andrupal> why are there two entries?
[04:35] <andrupal> should I remove the 2nd, with port?
[04:35] <sbalneav> Failover.  If you have multiple ldap servers for redundancy, it will try one, then the other.
[04:36] <sbalneav> yes
[04:36] <sbalneav> since you've only got one ldap server
[04:37] <andrupal> Ok with changes I'm still getting ldap_bind: Can't contact server (-1)
[04:38] <sbalneav> you still haven't actually pasted your ldap.conf file to the pastebin.
[04:39] <sbalneav> Oh, wait
[04:39] <sbalneav> you did, missed it.
[04:39] <andrupal> It's different now...
[04:39] <sbalneav> They still got the # in front of URI and BASE?
[04:40] <andrupal> Snikes!
[04:41] <andrupal> Ok removed #
[04:41] <sbalneav> That should help somewhat
[04:41] <andrupal> ;)
[04:43] <andrupal> still getting the error
[04:43] <andrupal> does slapd.conf need my password?
[04:43] <sbalneav> Can't contact server means it isn't even getting connected
[04:44] <sbalneav> Is slapd running?
[04:44] <sbalneav> ps -ef | grep slapd
[04:44] <sbalneav> should have probably 4 of them
[04:45] <andrupal> it outputs root  12445 9398 0 22:44 pts/0    00:00:00 grep slapd
[04:46] <sbalneav> So, your slapd isn't running
[04:47] <andrupal> Yet I get no errors when I start it?
[04:47] <sbalneav> how are you starting it?
[04:47] <LaserJock> sbalneav: so what did you do to fix nbd?
[04:47] <sbalneav> LaserJock: Turned out to be easier than I thought.
[04:48] <sbalneav> it's prolly a 4 line patch.
[04:48] <LaserJock> oh, nice
[04:48] <sbalneav> What's the BEST way to produce a patch to send to you?
[04:48] <LaserJock> sbalneav: debdiff is nice
[04:49] <sbalneav> Keeping in mind that I'm good at coding, but NOT good at packaging things, how would I go about doing that?
[04:49] <sbalneav> :)
[04:49] <LaserJock> heh
[04:50] <sbalneav> I'm sure my motu-and-main-friend can gimme a quick pointer :)
[04:50] <sbalneav> andrupal: How are you starting slapd?
[04:51] <andrupal> using init.d
[04:51] <sbalneav> Try this:
[04:51] <sbalneav> invoke-rc.d slapd start
[04:52] <LaserJock> sbalneav: quick version: get source packge, make changes, add changelog entry with dch -i, then debuild -S to create new source package
[04:52] <sbalneav> ok
[04:52] <LaserJock> version should be 1:2.9.3-3ubuntu1 and gutsy the release in the changelog
[04:52] <LaserJock> I gotta run an errand
[04:52] <LaserJock> I'll be back in a little bit
[04:53] <andrupal> sbalneav:  tried it, no difference in grep results
[04:54] <sbalneav> LaserJock: ok
[04:54] <sbalneav> ping me
[04:54] <sbalneav> andrupal: ok, so, something's not kosher with your slapd setup.
[04:54] <sbalneav> First, go have a look in either /var/log/messages, or /var/log/daemon.log
[04:55] <sbalneav> if slapd's unhappy with something, it should be in there.
[04:56] <andrupal> neither log shows anything recent...
[04:58] <andrupal> should I purge and reinstall slapd?
[04:59] <sbalneav> No
[04:59] <sbalneav> Hmm
[04:59] <sbalneav> take a look in /var/log/syslog
[04:59] <andrupal> Ok there it is...
[05:00] <andrupal> Hang on...I need to log into chat on the same machine...
[05:02] <andrew____> Andrew is same as andrupal
[05:03] <andrew____> Here's the log message: Jun 23 22:51:55 ubuntu slapd[12665] : @(#) $OpenLDAP: slapd 2.3.30 (Dec 13 2006 15:54:43) $ ^Ibuildd@palmer:/build/buildd/openldap2.3-2.3.30/debian/build/servers/slapd
[05:03] <andrew____> Nothing else shows up relevant to ldap
[05:06] <sbalneav> anything in /var/lib/ldap?
[05:07] <andrupal> it's a directory full of files
[05:10] <sbalneav> Did you do an initial slapadd?
[05:10] <andrupal> Yes, using an ldiff file..I think some of them took, though there were errors...
[05:12] <sbalneav> ok
[05:12] <sbalneav> blow away everything in /var/lib/ldap
[05:12] <sbalneav> re-run the slapadd
[05:12] <sbalneav> and paste me the errors you get.
[05:13] <Burgundavia> yay for ldap
[05:16] <andrew____> #/etc/ldap/slapd.conf: line 102: rootdn is always granted unlimited privileges.
[05:16] <andrew____> #/etc/ldap/slapd.conf: line 119: rootdn is always granted unlimited privileges.
[05:16] <andrew____> #Error, entries missing!
[05:16] <andrew____> # entry 1: dc=example,dc=net
[05:18] <andrupal> Ok  fixed slapd.conf
[05:18] <sbalneav> Hmmm, big thunderstorm going on here.
[05:18] <sbalneav> If I drop offline, that's what it is.
[05:19] <andrew____> see http://paste.ubuntu-nl.org/26966/ for new errors
[05:22] <andrew____> OK having deleted all from /var/lib/ldap, the only error I get is Error, entries missing!
[05:22] <andrew____>   entry 1: dc=example,dc=net
[05:24] <sbalneav> You have to re-blow away everything in /var/lib/ldap again
[05:24] <andrupal> OK I got ldapadd to run without error...now an ldapsearch for one of these users yeilds same ldap_bind: Can't contact LDAP server
[05:25] <sbalneav> is slapd running?
[05:25] <andrupal> No, grep gives same as before
[05:26] <sbalneav> Have you tried to re-start it?
[05:26] <andrupal> just did
[05:26] <sbalneav> So, it's still not running.
[05:26] <sbalneav> until you get that fixed, ldap search is not going to work
[05:27] <andrupal> no...but also no error upon restart
[05:27] <sbalneav> What's in /etc/default/slapd?
[05:28] <andrew____> See http://paste.ubuntu-nl.org/26967/
[05:31] <sbalneav> Do this: which slapd
[05:32] <andrew____> returns # /usr/sbin/slapd
[05:32] <sbalneav> k
[05:32] <sbalneav> /usr/sbin/slapd
[05:32] <sbalneav> we'll run it directly from the command line
[05:32] <sbalneav> What does that do?
[05:33] <andrew____> root     13972     1  0 23:33 ?        00:00:00 /usr/sbin/slapd
[05:33] <andrew____> root     13977  9398  0 23:33 pts/0    00:00:00 grep slapd
[05:33] <sbalneav> ok
[05:34] <andrew____> is what grep returns
[05:34] <sbalneav> so, now you got a running slapd
[05:34] <andrew____> whew...what a grunt.
[05:34] <sbalneav> Lets leave the fact that there's something wrong with your init script
[05:34] <sbalneav> and see if your ldapsearch runs now
[05:35] <andrew____> yippee...searching my name gives me back my info!
[05:35] <sbalneav> Well, we've still got the problem of why your slapd isn't working
[05:35] <sbalneav> properly
[05:36] <andrew____> (aside: Is there something wrong only with MY init script, or is this a bug, perhaps...? )
[05:36] <andrew____> Now what?
[05:36] <sbalneav> I doubt it's a but
[05:36] <sbalneav> bug
[05:36] <sbalneav> probably a step that got missed somewhere
[05:36] <sbalneav> lets do this
[05:36] <sbalneav> pkill slapd
[05:37] <sbalneav> then edit /etc/default/slapd
[05:37] <sbalneav> edit the line that says: SLAPD_USER="openldap"
[05:37] <sbalneav> make it look like:
[05:37] <sbalneav> SLAPD_USER=""
[05:37] <sbalneav> then lets see if you can start it with invoke-rc.d slapd start
[05:38] <andrew____> ok, done
[05:38] <andrew____> grep gives
[05:38] <andrew____> root     14126     1  0 23:38 ?        00:00:00 /usr/sbin/slapd -g openldap
[05:38] <andrew____> root     14137  9398  0 23:38 pts/0    00:00:00 grep slapd
[05:39] <sbalneav> try your ldapsearch now
[05:39] <andrew____> works
[05:39] <sbalneav> ok
[05:39] <sbalneav> congrats, you're working
[05:39] <andrew____> !!
[05:40] <andrew____> This is a huge help...as far as a roadmap for setting up samba, I've seen a few tutorials around...does Ubuntu have anything worth following?
[05:41] <sbalneav> Off the top of my head, I dont know
[05:41] <sbalneav> Google is your friend.
[05:42] <andrew____> Yes...I thought so...but then I spent a week following tutorials that didn't work
[05:42] <sbalneav> There's lots of good info out there, but every ldap setup's slightly different.
[05:43] <sbalneav> There's no "do this and everything will work" tutorial out there, that I've ever seen.
[05:43] <sbalneav> Single sign-on's a big, complicated topic :()
[05:43] <andrew____> Yes...it doesn't help that I'm totally new to Linux...a bit kamikaze...I'm fumbling around in the dark and learning quite a lot as I go...but not gracefully!
[05:44] <sbalneav> You're doing thin client as well?
[05:44] <andrew____> That's the hope.  I've had that working on its own...but I'll need to authenticate it against LDAP
[05:45] <sbalneav> So, lemme get this straight, you're new to linux, and decided to pick arguably the two most COMPLICATED end user tasks, thin client and ldap, to do first? :)
[05:46] <sbalneav> Dude, run it as a desktop for a few months, at least, get your feet wet :)
[05:46] <sbalneav> No rush, we'll still be here :)
[05:46] <andrew____> That's what the job calls for...it's a school network and I've got to make some decisions about whether to really try going for Open Source or stick to the safety of Windows GUIs
[05:48] <andrew____> This is a big test to see how feasible it all is...I'm taking the summer to backtrack and really learn what the hell I'm doing...
[05:48] <sbalneav> I converted my organization 7 years ago to Linux on the desktop.  Trust me, it's feasible :)
[05:49] <sbalneav> We use ldap
[05:49] <sbalneav> Do you have Active Directory now?
[05:49] <Burgundavia> ldap has a nasty learning curve
[05:49] <sbalneav> it does
[05:49] <andrew____> No infrastructure at all...actually.  We're just starting up.
[05:50] <Burgundavia> where do you live?
[05:50] <sbalneav> Ah, well then, if you're just starting up, and don't have any windows boxen, then you won't need samba
[05:50] <sbalneav> How many desktops are you planning on supporting?
[05:51] <andrew____> 45 thin clients, 15 laptops, 10 desktops
[05:51] <andrew____> I'm inside the NYCDOE and the larger network is Windows centric...we can't even buy machines without it pre-installed!
[05:52] <sbalneav> Well, for thin clients, you won't need to buy new
[05:52] <sbalneav> Betcha the school division has a "used computer" reclaimation centre?
[05:53] <andrew____> we've already got some great Optiplex G270s being donated by Columbia...
[05:53] <sbalneav> What are they, pentium II's?
[05:53] <andrew____> Pentium 4!  Is this a waste of a machine?
[05:54] <sbalneav> Um, yeah :)
[05:54] <sbalneav> I got 165 desktops that are 500mhz celeron-equiv
[05:54] <andrew____> So we should run these as thick clients instead?
[05:54] <sbalneav> they're via edens.
[05:55] <sbalneav> Well, if that's what you got, they'll make great thin clients.  The REAL savings with a thin client's in the lack of management.
[05:55] <sbalneav> But you can get away with a lot less.
[05:55] <sbalneav> Anything Pentium II 600 or better is going to do great.
[05:56] <andrew____> Yes, that was the draw for me...that and the centralized desktop control in the classroom...being a teacher.
[05:56] <andrew____> These puppies even have gigabit ethernet.
[05:57] <sbalneav> I guess what I'm saying is, if it's a case of getting 20 of the P4's or a 100 of a PII, go for the 100 :)
[05:57] <andrew____> Right...I don't think we have those choices...but I love the idea of working with students to refurbish and recycle old machines.
[05:57] <sbalneav> LaserJock: back from your errand?
[05:57] <andrew____> this is a math, science, and eng school.
[05:58] <sbalneav> Ah, lots of good stuff for you then.  What the heck's the name of the OSS program that's like Mathematica?  Hmmm.
[05:58] <sbalneav> There's also a GNU stats pack program
[06:00] <andrew____> I'll keep poking around...I've been playing with much of the ed freeware, and thus far it seems kind of hit or miss...to be expected I guess.  I'm interested in TI Labview but they make you pay gads for it, even the Linux version...
[06:01] <andrew____> I need to go to bed, but I thank you profusely for your help...great to have this channel!  Will definitely be back..hopefully I'll help another...far in the future.
[06:02] <sbalneav> No problem.
[06:02] <andrew____> Cheers!
[06:02] <sbalneav> You'll find me here and in #ltsp
[06:02] <sbalneav> cheers
[06:37] <LaserJock> sbalneav: I am for a sec
[06:37] <sbalneav> hey hey
[06:38] <LaserJock> were you able to get a debdiff
[06:38] <sbalneav> ok, I did the debbuild -uc -us -S
[06:38] <LaserJock> k
[06:38] <sbalneav> What next
[06:39] <LaserJock> debuild <oldpackage>.dsc <newpackage>.dsc
[06:39] <LaserJock> sorry, debdiff
[06:40] <sbalneav> Puuurty
[06:40] <sbalneav> Mail that to you?
[06:41] <LaserJock> yep
[06:41] <sbalneav> addy?
[06:41] <LaserJock> mantha at ubuntu.com
[06:41] <LaserJock> brb
[06:44] <sbalneav> sent
[06:52] <Burgundavia> http://education.zdnet.com/?p=1118
[07:00] <sbalneav> Well, it's been a long day weeding the garden, and fixing nbd
[07:00] <sbalneav> night all
[07:02] <LaserJock> bah, just missed him
[07:03] <Burgundavia> hmm, Userful finally turned off my email and remote access
[07:04] <LaserJock> Burgundavia: what do you make of that zdnet article?
[07:04] <Burgundavia> somebody got sucked in to test stuff
[07:04] <Burgundavia> nothing much
[04:54] <sbalneav> Morning
[04:54] <sbalneav> ogra: ping
[04:54] <ogra> http://people.ubuntu.com/~ogra/ltspfs-hal-root.png
[04:54] <ogra> sbalneav, hey hey :)
[04:54] <ogra> any news on the nbd front ?
[04:54] <sbalneav> Fixed
[04:55] <ogra> really ?? o_O
[04:55] <ogra> woah
[04:55] <sbalneav> Sent off a debdiff to LaserJock last night
[04:55] <sbalneav> But I forgot something
[04:55] <ogra> hmm, no upload
[04:55] <sbalneav> In nbdrootd
[04:55] <sbalneav> you need to change the nbd-server line to:
[04:55] <ogra> thats ltsp side
[04:55] <sbalneav> right
[04:56] <sbalneav> nbd-server 0 $1 -C /dev/null > /dev/null 2>&1
[04:56] <sbalneav> the -C /dev/null is to give it an empty config file
[04:57] <sbalneav> the redirect to /dev/null's because then it barfs out a glib "WARNING: empty config file bla blah"
[04:57] <happywithed> Hello there
[04:58] <sbalneav> since inetd just uses socket 0 (stdin) and internally, the program closes stdou, and stderr, you can just ignore the warings.
[04:58] <sbalneav> that fixes the problem.
[04:58] <sbalneav> And Wouter's off my christmas card list this year :)
[04:59] <happywithed> Is it possible to connect an edubuntu desktop with the NFS and LDAP installed in the classroom server?
[04:59] <sbalneav> Yes
[05:00] <sbalneav> ogra: Cool on the hal!  What'd you have to do for that?
[05:00] <ogra> sbalneav, well, if he adds it upstream you can add him back ;)
[05:00] <ogra> sbalneav, http://paste.ubuntu-nl.org/27019/
[05:00] <happywithed> I have a classroom setup with 15 light clients, but would like to connect an additional edubuntu desktop
[05:00] <happywithed> sbalneav: how do I do that?
[05:01] <happywithed> I am running Feisty Fawn on both the classroom server and the desktop
[05:02] <ogra> sbalneav, if hal wouldnt be so ugly to have on clients, we could just punt the output of lshal from the client through the tunnel into the servers hal ... and omit the /dev and sysfs entries, that way we have access to all info
[05:02] <sbalneav> happywithed: https://help.ubuntu.com/community/LDAPClientAuthentication should get you started
[05:03] <sbalneav> ogra: Yeah, we'll need to properly get HAL going on the clients eventually.
[05:03] <ogra> thats no prob
[05:03] <ogra> just install it :)
[05:03] <happywithed> sbalneav: thanks, I'll check it out.  How about the NFS? Any pointers there?
[05:03] <ogra> with the unionfs it will run like a charm
[05:03] <ogra> but its eating ram :/
[05:04] <sbalneav> happywithed: Google is your friend.  Add you /home dir to /etc/exports on the server, then an fstab entry on the "client" to mount it.
[05:04] <sbalneav> I'm pretty happy with the nbd thing.
[05:04] <ogra> its tempting to be able to just move all info 1:1 into the sessions hal...
[05:05] <sbalneav> yeah
[05:05] <happywithed> sbalneav: thanks
[05:06] <sbalneav> Hopefully, we should be able to make tribe 2
[05:06] <ogra> sbalneav, so why hasnt the debdiff been uploaded ?
[05:07] <sbalneav> Dunno, I sent it to LaserJock late last night
[05:07] <sbalneav> want me to send it to you now?
[05:07] <ogra> yeah
[05:07] <ogra> we need it fixed for the tribe cd
[05:07] <sbalneav> k
[05:07] <happywithed> BTW, is it possible to completely take out the LDAP server from the Classroom client to place it in its own dedicated physical server?  That way I can use the LDAP server for other classrooms.
[05:07] <sbalneav> gimme 2 seconds
[05:08] <ogra> freeze is ahead, i dont want to have endless discussions about the patch because i upload during a freeze...
[05:08] <sbalneav> happywithed: have a separate sever for ldap?  Easy enough, but with only a few clients, ldap's not going to overload anything
[05:10] <stgraber> ogra: when is the freeze ? Monday, Tuesday ?
[05:10] <happywithed> sbalneav: Yes, you are right, but my server is not powerful enough to handle another classroom.  So I am going to setup another server for the second classroom and would like both servers to share the same LDAP server.
[05:10] <ogra> Monday i think
[05:10] <sbalneav_> Evil me
[05:10] <stgraber> I also think so as henrik asked me to have a working tracker by Monday :)
[05:10] <ogra> we should see that we have the big chunk of chages in before ..
[05:11] <ogra> small changes to fix bugs we find are no problem during freezes
[05:11] <ogra> but adding 500 lines or so is a prob
[05:11] <sbalneav_> Sorry, that line should be:
[05:11] <sbalneav_> /bin/nbd-server 0 $1 -r -C /dev/null > /dev/null 2>&1
[05:11] <ogra> yep
[05:12] <sbalneav> forgot the -r
[05:12] <ogra> i understand ... i already changed it locally while trying to get 2.9 running
[05:12] <ogra> indeed it didnt help :)
[05:12] <sbalneav> Check your mail there, ogra
[05:13] <stgraber> sbalneav: Mind sending me a copy of the debdiff ? so I can play with it here :)
[05:13] <ogra> err
[05:13] <ogra> thats all ???
[05:13] <sbalneav> I did have an email from LaserJock, saidhe got into a discussion and couldn't get it uploaded.  Said the email should be changed so that I get credit for the fix.  I couldn't care less about that, just do the fix as yourself ogra.
[05:13] <sbalneav> yeah
[05:14] <sbalneav> Turned out to be easier than I thought
[05:14] <ogra> lol
[05:14] <sbalneav> took me 3 hours of tracing to come up with that, though :)
[05:14] <ogra> 1h for every added line
[05:14] <sbalneav> One wonders WHY he took it out.
[05:15] <sbalneav> since it's SO F****** SIMPLE to leave in
[05:15] <sbalneav> stgraber: Sure, what's yer addy?
[05:15] <stgraber> stgraber@ubuntu.com
[05:15] <sbalneav> 1 sec
[05:16] <sbalneav> sent
[05:17] <sbalneav> make sure you patch your nbdrootd in /usr/sbin as well with that line I pasted.
[05:23] <sbalneav> ogra: tried it yet?
[05:24] <ogra> building the package
[05:28] <ogra> perfect !
[05:29] <ogra> uploaded
[05:31] <sbalneav> It work?
[05:33] <ogra> sure
[05:33] <ogra> you should have a reciept mail from launchpad for the upload
[05:35] <sbalneav> cool
[05:35] <ogra> https://launchpad.net/ubuntu/gutsy/+queue?queue_state=2&queue_text=nbd
[05:35] <ogra> there we go
[05:36] <sbalneav> glad we got THAT one sorted
[05:36] <ogra> yeah
[05:36] <ogra> 2.9.3-3ubuntu1 should be in the archive in about 2h
[05:36] <ogra> i'll fix nbdrootd alongside
[05:40] <sbalneav> ok
[05:41] <sbalneav> Well, kiddies want some breakfast.
[05:41] <sbalneav> I'll be on later tonight, get back to ldm :)
[05:41] <sbalneav> Laster all!
[05:41] <sbalneav> thx ogra
[05:42] <Yagisan> highvoltage, you here ?
[05:47] <highvoltage> Yagisan: indeed
[05:47] <Yagisan> great
[05:48] <Yagisan> was browsing through the wiki, and saw your name next too masochists interested in FullyAutomaticSwapServer
[05:48] <Yagisan> thats was speced for edgy - did that get implemented in feisty ?
[05:49] <Yagisan> as in firefox freezes on them O_O
[05:52] <Yagisan> I've killed him! noooooo!
[05:54] <highvoltage> Yagisan: yes, it did
[06:02] <stgraber> cool, nbd-server now works just fine, I just can't open a session (greater then black screen with waiting-cursor ...)
[06:02] <stgraber> maybe a ssh problem somewhere
[06:03] <Yagisan> highvoltage, oh ? what magic incantation do I need to pass to ltsp-build-client
[06:04] <highvoltage> Yagisan: afaik, it should work out of the box
[06:04] <highvoltage> Yagisan: have you checked whether it made a swap file?
[06:04] <Yagisan> highvoltage, I'm not an out of the box guy - I have been taking stock ubuntu and addind the ltsp packages to them
[06:06] <highvoltage> Yagisan: eesh, I don't know then
[06:10] <andrew____> I have a client that I was trying to set up with LDAP authentication and I must have messed up the libnss-ldap.conf file (I think I forgot to make bind-policy soft)  and now it hangs during boot.  How can I bypass the desktop and go straight to command line to fix this?
[06:12] <andrew____> I should speecify...this is a thick client...
[06:13] <pitux> #ubuntu-cl
[06:14] <stgraber> hi andrew____
[06:15] <andrew____> howdy!  back at it.
[06:16] <stgraber> ok, I think you'll have the exact same problem using the shell as using gdm as it's probably the nss/pam that cause the problem
[06:16] <stgraber> if switching to tty1 (ctrl+alt+f1) doesn't help, you may want to boot a livecd to fix the config files, then reboot
[06:17] <andrew____> by livecd you mean a CD image of ubuntu-desktop?
[06:18] <stgraber> yes
[06:19] <andrew____> Should I use the "rescue a broken system" option?
[06:20] <stgraber> this one is more for MBR issues, simply boot the CD
[06:22] <andrew____> Having trouble getting it to simply boot from disk...may be a bad cd burn
[06:26] <andrew____> Ok found a good copy...starting in "safe graphics mode"
[06:30] <stgraber> got to go for a moment, once on the desktop, simply double-click your harddisk in a nautilus window, it'll mount it and let you see its content
[06:34] <andrupal> OK having some trouble editing the libnss-ldap.conf file in safe mode...
[06:34] <andrupal> The file appears to to exist...
[06:34] <andrupal> not to exist, rather
[06:35] <andrupal> Am I missing something obvious here?
[06:35] <Yagisan> O_O error: LTSP client installation ended abnormally
[06:44] <stgraber> andrupal: ok, open a terminal and become root (sudo -s)
[06:45] <stgraber> andrupal: then mount your root partition : mount /dev/hda1 /mnt (assuming it's hda1, it can also be sda1)
[06:46] <andrupal> I've already started a reinstall of desktop...perhaps hasty...
[06:46] <stgraber> ok :)
[06:47] <stgraber> Just a small tip, when you are editing the network auth stuff, always keep a root shell opened somewhere and don't reboot before you are sure everything is working :)
[06:50] <andrupal> not entirely sure how to do this yet...how do you test boot authentication without rebooting?
[06:53] <stgraber> you can use : login
[06:53] <stgraber> from a root shell
[07:08] <highvoltage> 9/win 11
[08:23] <andrupal> ack...just had the same thing happen again while editing libnss-ldap.conf it seems I'm locked out of the client
[08:25] <andrupal> I went to search getent group example and the shell froze up...
[08:27] <andrupal> Now I'm running desktop from livecd...how do I get into the libnss-ldap.conf file to edit?
[09:18] <andrupal> trying to add users in LDAP Administration Tool and it fails, saying "Strong Authentication Required"
[09:18] <andrupal> any clue as to why?
[10:20] <sbalneav> Afternoon all
[10:20] <andrupal> Howdy
[10:20] <andrupal> Still slogging away at LDAP here
[10:20] <sbalneav> Got my own problems
[10:21] <sbalneav> Air con died in machine room sometime last night.
[10:21] <sbalneav> Got a call this Am, and came in.
[10:21] <andrupal> Yikes
[10:21] <sbalneav> 96 degrees in the core room
[10:21] <sbalneav> I'm picking up the pieces now.
[10:22] <andrupal> I can tell you how a compressor creates cold
[10:23] <sbalneav> That's ok, I know how refrigeration works.
[10:23] <andrupal> About all I have to offer at this point;)
[10:26] <andrupal> I'm getting stuck adding new users to slapd :  database already in use errors...
[10:27] <sbalneav> how are you adding them?
[10:28] <andrupal> tried a GUI "LDAP Administration Tool" to no avail (strong authentication required errors)  now back using init.ldif
[10:28] <sbalneav> You're not using slapadd, are you?
[10:28] <andrupal> yes
[10:29] <sbalneav> bzzt.
[10:29] <sbalneav> from the slapadd manpage:
[10:29] <sbalneav> "Your slapd server should not be running when performing slapadds"
[10:29] <sbalneav> use gq
[10:29] <sbalneav> apt-get install gq
[10:30] <andrupal> It seems already to be installed
[10:30] <sbalneav> start it up then,
[10:30] <sbalneav> add your server
[10:30] <sbalneav> (localhost)
[10:31] <sbalneav> you got a book on LDAP?
[10:32] <andrupal> Sort of...I've got some chapters in an O'Reilly Linux System Admin book....and a Samba book
[10:32] <sbalneav> O'Reilly has a couple of good ones.  "LDAP systems administration" is highly recommended/
[10:32] <ath> do you get an LDAP if you install ltsp server?
[10:32] <sbalneav> LDAP is a huge, HUGE topic
[10:32] <sbalneav> ath: no
[10:32] <sbalneav> if you want, you can GET ldap going for users with LTSP
[10:33] <andrupal> i.e. I should install ltsp?
[10:33] <ath> because I am looking to set up a network for our small school and I am considering edubuntu but I don't want to use gnomw
[10:33] <ath> gnome
[10:34] <sbalneav> gnome's got nothing to do with LDAP
[10:34] <sbalneav> LDAP's a Lightweight Directory Access Protocol
[10:34] <andrupal> sbalneav: does gq add users or is it just a browser
[10:34] <ath> I know but I need a graphical way of doing things
[10:34] <sbalneav> GQ can add
[10:34] <sbalneav> ath: so use GQ
[10:35] <ath> what is GQ
[10:35] <sbalneav> A graphical interface to ldap
[10:35] <ath> oh, neat
[10:36] <andrupal> So it try adding a user in gq and it says modifications require authentication
[10:36] <ath> is LDAP better than using edubuntu because I don't really want all the programs that come with it
[10:37] <andrupal> Again:  stronger authentication required
[10:37] <sbalneav> andrupal: you need to bind to LDAP as the ldap owner ID
[10:37] <andrupal> I see, so that means if "andrew" is the user, "andrew" also needs to be the ldap owner?
[10:37] <sbalneav> As part of setting up the database, you should have created a user, like ldapadmin, or admin, that has write access to the database
[10:38] <sbalneav> You need to bind to ldap as that user.
[10:38] <sbalneav> no
[10:38] <andrupal> Do I need to create a user in Ubuntu called "admin" and then login as this user?
[10:38] <sbalneav> andrew would be a regular user
[10:38] <sbalneav> You need to bind as your ldap "root" user, so you have write access.
[10:38] <andrupal> How can I get the desktop apps to bind as "admin"
[10:39] <sbalneav> You set that up in the binddn in gq
[10:39] <ath> is edubuntu ldap then?
[10:39] <sbalneav> ath: no
[10:40] <sbalneav> ldap is a subsystem that can be installed and set up
[10:40] <andrupal> Where's binddn in gq?
[10:40] <sbalneav> it's not there by default
[10:40] <ath> I see
[10:40] <sbalneav> andrupal: in the server setup
[10:41] <sbalneav> my binddn's cn=ldapadmin,dc=legalaid,dc=mb,dc=ca
[10:41] <sbalneav> where ldapadmin's the userid that's the owner
[10:41] <andrupal> I don't see a "server setup" ...is this in a config file or part of the GUI?
[10:42] <andrupal> Oh... in the DN for example.net?
[10:42] <sbalneav> in your slapd.conf, you set the rootdn with the rootdn keyword, and it's password with the rootpw keyword
[10:42] <sbalneav> andrupal: I don't have gq runing right now.
[10:43] <sbalneav> So I can't tell you exactly where it is.
[10:43] <andrupal> right...but then you're saying gq has a setting for this as well?
[10:43] <sbalneav> yes
[10:43] <sbalneav> it does
[10:43] <sbalneav> I know, because I use it.
[10:44] <andrupal> I believe you...so far you have done me right!
[10:45] <sbalneav> what's the value of your "rootdn" and "rootpw" keywords in your slapd.conf?
[10:46] <andrupal> admin and the rootw is an SSHA string
[10:46] <sbalneav> just "admin"?
[10:46] <andrupal> yes
[10:46] <sbalneav> That's not right.
[10:46] <sbalneav> You'll need something like:
[10:47] <sbalneav> "cd=admin,dc=example,dc=net"
[10:47] <andrupal> Oh yes,,,that's what it says.
[10:47] <andrupal> I think I found the place in gq where this is set.
[10:48] <sbalneav> brb, gotta bring another piece of the puzzle back online.
[11:10] <sbalneav> back
[11:10] <andrupal> helluva time getting gq to authenticate the root user for LDAP...anyone know this beast (LDAP) well enought to tame it?
[11:11] <andrupal> howdy sbalneav
[11:11] <andrupal> Tried setting up the server settings in gq to no avail
[11:12] <andrupal> under servers->localhost
[11:12] <andrupal> ->edit  I set the dn identical to that in slapd.conf
[11:14] <andrupal> What authentication (bind type) am I using...simple, kerberos, or sasl?
[11:16] <sbalneav> simple
[11:16] <cliebow2> complex
[11:16] <andrupal> even if rootpw is SSHA string?
[11:17] <cliebow2> simple to you is..well..
[11:18] <andrupal> After all is submitted, I'm getting: server "localhost" not found, errors.
[11:23] <LaserJock> sbalneav: around?
[11:24] <sbalneav> LaserJock yep
[11:24] <sbalneav> andrupal: ok, lets try this
[11:24] <sbalneav> your base dn's dc=example,dc=com, right?
[11:24] <sbalneav> or is it net?
[11:24] <sbalneav> I can't remember
[11:25] <sbalneav> lets do this:
[11:25] <sbalneav> ldapsearch -h localhost -b "dc=example,dc=net
[11:26] <sbalneav> ldapsearch -h localhost -b "dc=example,dc=net" -x "(uid=*)"
[11:26] <sbalneav> sorry the second one
[11:26] <sbalneav> LaserJock: What's up?  Saw your email, I sent it on to ollie
[11:26] <sbalneav> it's been uploaded \o/!
[11:27] <sbalneav> LaserJock: I'm in at work.  Aircon died in the system room, I'm nursing 20+ servers back to life.
[11:27] <sbalneav> andrupal: did that command work?
[11:27] <andrupal> OK a nice output with ldif-looking stuff, including all I added from init.ldif
[11:28] <sbalneav> ok
[11:28] <sbalneav> so, that was an anonymous bind
[11:28] <sbalneav> Now we'll try a bind as the ldap admin.
[11:28] <LaserJock> sbalneav: so did ollie upload it?
[11:28] <sbalneav> gimme a sec to test.
[11:28] <sbalneav> LaserJock: Yep!
[11:28] <sbalneav> Done like dinner.
[11:29] <sbalneav> ldapsearch -h localhost -b "dc=example,dc=net"  -D -x "(uid=*)"
[11:30] <sbalneav> ldapsearch -h localhost -b "dc=example,dc=net"  -D "cn=admin,dc=example,dc=net" -w XXYOURPASSWDXX -x "(uid=*)"
[11:30] <sbalneav> where XXYOURPASSWDXX is the password it asked you for when you installed ldap
[11:30] <LaserJock> sbalneav: awesome, great
[11:31] <LaserJock> I'm glad that was such an easy fix
[11:31] <sbalneav> LaserJock: it's a load off my mind, let me tell you."
[11:31] <sbalneav> It was 3 hours of digging into the source.
[11:31] <sbalneav> I've got to see if Wouter will accept it upstream
[11:31] <sbalneav> I'm hoping since it's so simple, he will.
[11:32] <andrupal> sbalneav, the 2nd you gave returns similar output
[11:33] <andrupal> the first gives invalid dn syntax error
[11:34] <sbalneav> that was a mistype
[11:34] <andrupal> ok
[11:34] <sbalneav> ok, so that means that you can bind as the binddn, with the right password.
[11:34] <sbalneav> so it should work within gq
[11:35] <sbalneav> if not, you can use the command ldapadd
[11:35] <sbalneav> not slapadd, but ldapadd
[11:35] <sbalneav> that will actually do a bind to the database
[11:36] <sbalneav> slapadd just tries to write the database files directly
[11:38] <andrupal> Oh how I would prefer a GUI for this type of thing, though...
[11:39] <andrupal> Just to confirm...I'm setting up file->preferences->servers->localhost in gq
[11:40] <sbalneav> Dude, like I say, I don't have access to it at the moment.
[11:40] <andrupal> OK...no prb
[11:40] <sbalneav> When in doubt, read the manual, and google.
[11:43] <sbalneav> brb, next server ready to online
[11:57] <andrupal> so strange...I can get gq to browse when it doesn't have any bind dn entered...but as soon as I include the bind dn and password in the server setup info, it just hangs up during the search...
[12:04] <etank> is there a mata package that can be used to install all of the educational apps that come by default with an edubuntu install?
[12:08] <etank> but without installing gnome
[12:09] <etank> i want to get all of the default apps for edubuntu loaded on a xubuntu box
[12:09] <etank> the easiest way possible
[12:12] <LaserJock> hmm
[12:12] <LaserJock> you might just use the Edubuntu addon cd
[12:13] <LaserJock> we're going to get better metapackage sets for gutsy
[12:14] <etank> no big deal
[12:14] <etank> i just have to do it once
[12:14] <etank> and then replicate it to the rest of the boxes that i have
[12:15] <LaserJock> which apps are you interested in?
[12:15] <etank> all of the educational stuff
[12:15] <etank> gcompris, tuxmath, etc
[12:15] <LaserJock> heh, that's kinda broad :-)
[12:16] <etank> https://wiki.ubuntu.com/KentuckyTeam/CharityProject/PackageList  <---- that sums it up :)
[12:16] <sbalneav> back
[12:16] <etank> of course that was taken from the edubuntu site though
[12:18] <andrupal> any ideas why "dc=example,dc=net" would be giving an invalid dn syntax in LDAP administration tool?
[12:19] <sbalneav> andrupal: hold on, I've got enough back up to get x going, I'll head upstairs and get gq fire up