Haut de page

Configuration de MacOS X Server Annexes



Impossibilité de créer un nouvel utilisateur [Juin 2008] 10.5.3

Lors de la création d'un nouvel utilisateur par le gestionnaire de groupe de travail (workgroup Manager), juste au début :

Erreur de type eDSRecordAlreadyExists (-14135) sur la ligne 1189 de /SourceCache/WorkgroupManager/WorkgroupManager-319.1.1/PMMUGMainView.mm

Cela semble venir du numéro d'uid attribué qui semble déjà utilisé. Il suffit de recommencer plusieurs fois et ça remarche ! Cela m'est arrivé lorsque j'ai supprimé des utilisateurs puis créé d'autres utilisateurs.


Encore impossibilité de créer un nouvel utilisateur [Juin 2008] 10.5.3

Lors de la création d'un nouvel utilisateur par le gestionnaire de groupe de travail (workgroup Manager) : au moment ou on clique sur save, plusieurs messages :

Error of type eDSRecordNotFound (-14136) on line 255 of /SourceCache/WorkgroupManager/WorkgroupManager-319.1.1/Plugins/UserAccounts/../../Plugins/UserAccounts/UserGroupPluginView.mm

Error of type eDSRecordNotFound (-14136) on line 2002 of /SourceCache/WorkgroupManager/WorkgroupManager-319.1.1/Plugins/UserAccounts/UserAdvancedPluginView.mm

Error of type eDSRecordNotFound (-14136) on line 1347 of /SourceCache/WorkgroupManager/WorkgroupManager-319.1.1/Plugins/UserAccounts/UserVolumesPluginView.mm

L'uid a pris la valeur Untitled_1, chose très étrange, l'aborescence LDAP n'a pas créé uid=login sous cn=users puis mais au niveau au même niveau que cn=user, il y a un uid=login,cn=users et il est impossible de le détruire. Impossible non plus de renommer Untitled_1.

Solution temporaire, ne plus utiliser ce login


Sauvegarde de la configuration des MacOS X Server

Sauvegarde de MacOS X Server 10.4:

L'application de Server Admin permet de sauvegarder tous les paramètres du serveur dans une image disque protégée par un mot de passe. Il est possible de faire la meme chose en ligne de commande. Voir article sur afp548.

Sauvegarde de MacOS X Server 10.3:

Voir le script ODback.

Migration des comptes et mots de passe de MacOS X v10.3 à v10.4.

Sauvegarde des comptes et mots de passe (issu de la référence précédente)

sudo mkdir /path/to/backup_directory sudo chmod og-rxw /path/to/backup_directory sudo slapcat -l /path/to/backup_directory/server.ldif sudo mkpassdb -backupdb /path/to/backup_directory


Configurer Apple Remote Desktop en ligne de commande

Voir l'article chez Apple pour utiliser

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -restart -agent


FireWall

Ouverture des ports pour l'authentification LDAP SSL

  1. Lors du démarrage, le poste client fait des accès au port TCP 636 (Secure LDAP). Voir ici pour la mise en place de SSL sur LDAP.
  2. Lors de l'authentification, accès au port TCP 106 (Password Server 106 et 3659).

Montage du répertoire utilisateur

  1. Accès au port 548 (Apple File service).

Ouverture des ports pour le Workgroup Manager

  1. Accès au port 625 (Remote Directory Access)

Ouverture des ports pour le Remote Desktop

  1. Voir ici pour les ports 3283 et 5900

Connexion ssh sur un client utilisant l'authentification LDAP et le montage afp [février 2005]

Voici le compte lorsque qu'on se connecte en ssh sur une machine (autre que le serveur) utilisant un montage afp pour le compte :

d--------- 3 tp1 unknown 264 11 Jan 15:03 Desktop d--------- 9 tp1 unknown 264 1 Feb 10:24 Documents d--------- 18 tp1 unknown 568 24 Jan 11:33 Library d--------- 3 tp1 unknown 264 11 Jan 15:03 Movies d--------- 3 tp1 unknown 264 11 Jan 15:03 Music d--------- 3 tp1 unknown 264 11 Jan 15:03 Pictures dr-xr-xr-x 4 tp1 unknown 264 11 Jan 15:03 Public dr-xr-xr-x 6 tp1 unknown 264 11 Jan 15:03 Sites

Quand on ne voit pas que ceci !

machine:~ tp1$ ls -al drwxr-xr-x 4 tp1 staff 136 1 Feb 23:28 Library

Bref, on ne peut rien faire car le montage de la partition a été faite (au démarrage de la machine ?) en invité. Pour obtenir les droit corrects il faut utiliser la commande mnthome (exécutable livré avec MacOS X server qui fonctionne très bien sur MacOS 'non server').

tp1$ mnthome Password: AFP mount information for /private/Network/Servers/serveur.lip6.fr/Volumes/D1/Utilisateurs/Invites The sharepoint (Invites) was mounted with authentication by: tp1

On obtient ceci

drwx------ 8 tp1 staff 264 2 Jun 2004 Desktop drwx------ 4 tp1 staff 264 5 Jul 2004 Documents drwx------ 22 tp1 staff 704 1 Oct 18:28 Library drwx------ 3 tp1 staff 264 14 May 2004 Movies drwx------ 3 tp1 staff 264 14 May 2004 Music drwx------ 3 tp1 staff 264 14 May 2004 Pictures drwxr-xr-x 5 tp1 staff 264 21 May 2004 Public drwxr-xr-x 6 tp1 staff 264 14 May 2004 Sites

C'est bien mais ce n'est pas vraiment prévu pour le multi-utilisateur dans la mesure où la partition est monté par le dernier qui tape mnthome !

Du coup, il faudrait par exemple que chacun ait son point de montage (alors que par défaut, le point de montage est sur le répertoire au dessus du répertoire de départ). Il faut aussi rajouter un bit 's' sinon on obtient ceci pour un autre utilisateur :

un_autre$ mnthome Unmounting of share point at /private/Network/Servers/serveur.lip6.fr/Volumes/D1/Utilisateurs/Perm failed (1 Operation not permitted). AFP mount information for /private/Network/Servers/serveur.lip6.fr/Volumes/D1/Utilisateurs/Perm The sharepoint (Perm) was mounted by: tp1 Sharepoint was mounted without authentication. Sharepoint is using synthetic permissions bits mapped from 'effective' permissions.

bref, il faudrait autre chose pour MacOS X Server 10.4 !

PS: Ca marche par contre correctement via NFS mais on ne peut pas vraiment déployer du NFS entre sous-réseaux (problèmes de routage et de sécurité).


Problèmes d'authentification [Juin 2008]

Après une mise à jour de MacOS X Server 10.5.3 certains postes client ne retrouvent pas le serveur LDAP avec des messages :

DirectoryService[48]: DSLDAPv3PlugIn: [machine] LDAP server config not updated with server mappings due to server mappings error.
DirectoryService[48]: LDAPv3: SafeOpen Can't retrieve server mappings from search base of .
DirectoryService[48]: LDAPv3: SafeOpen Cannot retrieve server mappings at this time.

Le problème provenait de l'utilitaire Utilitaire d'annuaire (Directory Utility) qui garde visiblement une mauvaise configuration. Pour corriger cela il faut :

  1. Supprimer le contenu du répertoire /Library/Preferences/DirectoryService.

Ensuite, (redémarrer ?) et recommencer la configuration de Format du Répertoire sans erreur :)

Problèmes d'authentification [Février 2005]

Je viens de passer très longtemps sur un poste client ne retrouvant pas le serveur LDAP avec des messages :

/System/Library/LoginPlugins/MCX.loginPlugin/Contents/MacOS/MCXCacher: DSOpenNode(): dsOpenDirNode("/LDAPv3/mon.server.fr") == -14002

Le problème provenait de l'utilitaire Format du Répertoire (Directory Access) qui garde visiblement une mauvaise configuration même si on la corrige. Pour corriger cela il faut :

  1. Supprimer le contenu du répertoire /Library/Preferences/DirectoryService.
  2. Supprimer tout le contenu de /config/mcx-cache dans le Gestionnaire NetInfo (NetInfo Manager).

Ensuite, (redémarrer ?) et recommencer la configuration de Format du Répertoire sans erreur :)


Sur le serveur, lors de l'authentification le Password Service Server Log contient :


Changement d'adresse IP d'un serveur

Cela doit se faire avec la commande changeip.


Sur le client, lors du démarrage de la machine, le montage des partitions et l'authentification, le fichier system.log contient :

May 21 11:29:24 localhost init: kernel security level changed from 0 to 1 May 21 11:29:27 localhost configd[89]: posting notification com.apple.system.config.network_change May 21 11:29:27 localhost configd[89]: executing /System/Library/SystemConfiguration/Kicker.bundle/Contents/Resources/enable-network May 21 11:29:27 localhost mach_init[2]: Server 22a3 in bootstrap d03 uid 0: "/usr/sbin/lookupd": exited as a result of signal 1 [pid 119] May 21 11:29:28 localhost lookupd[201]: lookupd (version 324) starting - Fri May 21 11:29:28 2004 May 21 11:29:28 localhost ConsoleMessage: Starting network file system May 21 11:29:29 localhost automount[234]: automount version 57 May 21 11:29:30 localhost automount[237]: automount version 57 May 21 11:29:31 localhost automount[234]: logout notification received. May 21 11:29:31 localhost automount[234]: requesting logout processing. May 21 11:29:31 localhost automount[237]: logout notification received. May 21 11:29:31 localhost automount[237]: requesting logout processing. May 21 11:29:31 localhost automount[234]: handle_deferred_requests: user logged out. May 21 11:29:31 localhost automount[237]: handle_deferred_requests: user logged out. May 21 11:29:31 localhost loginwindow[199]: Sent launch request message to DirectoryService mach_init port May 21 11:29:31 localhost DirectoryService[243]: Launched version 1.6 (v255.1.1) May 21 11:30:04 localhost DirectoryService[243]: InitLDAPConnection or ldap_init failure: Logging Failed LDAP connection with incomplete data May 21 11:30:05 localhost configd[89]: executing /System/Library/SystemConfiguration/Kicker.bundle/Contents/Resources/set-hostname May 21 11:30:05 localhost configd[89]: posting notification com.apple.system.config.network_change May 21 11:30:05 localhost mach_init[2]: Server 0 in bootstrap d03 uid 0: "/usr/sbin/lookupd": exited as a result of signal 1 [pid 201] May 21 11:30:06 localhost lookupd[255]: lookupd (version 324) starting - Fri May 21 11:30:06 2004 May 21 11:30:06 localhost ConsoleMessage: Loading Shared IP extension May 21 11:30:06 localhost ConsoleMessage: Starting printing services May 21 11:30:07 localhost set-hostname[301]: setting hostname to admin7.lip6.fr May 21 11:30:07 localhost ConsoleMessage: Loading IP Firewall extension May 21 11:30:08 localhost kernel: IP packet filtering initialized, divert enabled, rule-based forwarding enabled, default to accept, logging disabled May 21 11:30:08 localhost kernel: IPv6 packet filtering initialized, default to accept, logging disabled May 21 11:30:08 localhost kernel: IP firewall loaded May 21 11:30:08 localhost ConsoleMessage: Starting internet services May 21 11:30:08 localhost xinetd[309]: 309 {init_services} no services. Exiting... May 21 11:30:18 localhost /System/Library/CoreServices/ARD Agent.app/Contents/MacOS/ARD Agent: ********Launched Agent******** May 21 11:30:22 localhost loginwindow[199]: DSOpenNode(): dsOpenDirNode("/LDAPv3/serveur.lip6.fr") == -14002 May 21 11:30:40 localhost DirectoryService[243]: saving replica list to file. May 21 11:30:43 localhost kernel: AFP_VFS afpfs_mount: /private/var/automount/Network/Servers/serveur.lip6.fr/Volumes/D1/Utilisateurs/..., pid 327 May 21 11:30:44 localhost kernel: AFP_VFS afpfs_unmount: /private/var/automount/Network/Servers/serveur.lip6.fr/Volumes/D1/Utilisateurs/ May 21 11:30:44 localhost kernel: &=&Mac240;..., flags 524288, pid 199 May 21 11:30:44 localhost kernel: AFP_VFS afpfs_unmount: succeeded May 21 11:30:44 localhost kernel: AFP_VFS afpfs_mount: /private/var/automount/Network/Servers/serveur.lip6.fr/Volumes/D1/Utilisateurs/..., pid 199 May 21 11:31:23 localhost /usr/libexec/fix_prebinding: fix_prebinding quitting for now. May 21 11:49:51 localhost kernel: AFP_VFS afpfs_unmount: /private/var/automount/Network/Servers/serveur.lip6.fr/Volumes/D1/Utilisateurs/..., flags 0, pid 199 May 21 11:49:51 localhost kernel: AFP_VFS afpfs_unmount: succeeded May 21 11:49:51 localhost loginwindow[199]: halting May 21 11:49:51 localhost shutdown: halt by tp1: May 21 11:49:54 localhost syslogd: exiting on signal 15


Depuis le poste client, ldapsearch -v -x -h serveur.lip6.fr -b "cn=config,dc=lip6,dc=fr" donne ceci (un extrait) :

ldap_init( serveur.lip6.fr, 0 ) filter: (objectclass=*) requesting: ALL # extended LDIF # # LDAPv3 # filter: (objectclass=*) # requesting: ALL # # config, lip6.fr dn: cn=config,dc=lip6,dc=fr cn: config objectClass: container # macosxodconfig, config, lip6.fr dn: ou=macosxodconfig,cn=config,dc=lip6,dc=fr ou: macosxodconfig objectClass: top objectClass: organizationalUnit description:: PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPCFET0NUWVBF IHBsaXN0IFBVQkxJQyAiLS8vQXBwbGUgQ29tcHV0ZXIvL0RURCBQTElTVCAxLjAvL0VOIiAiaHR0c .... IFN1ZmZpeDwva2V5PgoJPHN0cmluZz5kYz1saXA2LGRjPWZyPC9zdHJpbmc+Cgk8a2V5PlVJIE5hb WU8L2tleT4KCTxzdHJpbmc+MTMyLjIyNy43My4xOTwvc3RyaW5nPgo8L2RpY3Q+CjwvcGxpc3Q+Cg == # mcx_cache, config, lip6.fr dn: cn=mcx_cache,cn=config,dc=lip6,dc=fr cn: mcx_cache objectClass: apple-configuration objectClass: top apple-config-realname: 55AD9A52-67B5-11D8-B668-000A95D7BCD4 apple-data-stamp: A0C94C66-A5C3-11D8-8EA8-000A95D7BCD4 # ldapreplicas, config, lip6.fr dn: cn=ldapreplicas,cn=config,dc=lip6,dc=fr cn: ldapreplicas apple-ldap-replica: ldap://132.227.73.19 apple-ldap-writable-replica: ldap://132.227.73.19 objectClass: apple-configuration objectClass: top # passwordserver, config, lip6.fr dn: cn=passwordserver,cn=config,dc=lip6,dc=fr cn: passwordserver objectClass: apple-configuration objectClass: top apple-password-server-location: 132.227.73.19 # search result search: 2 result: 0 Success # numResponses: 6 # numEntries: 5

Dans l'exemple au dessus, le champs description que j'ai tronqué est codé en base 64. Il correspond au fichier macosxodconfig.xml.


ldapsearch -v -x -h serveur.lip6.fr -b "dc=lip6,dc=fr" "uid=tp1"

ldap_init( serveur.lip6.fr, 0 ) filter: uid=tp1 requesting: ALL # extended LDIF # # LDAPv3 # filter: uid=tp1 # requesting: ALL # # tp1, users, lip6.fr dn: uid=tp1,cn=users,dc=lip6,dc=fr objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount objectClass: apple-user objectClass: extensibleObject objectClass: organizationalPerson objectClass: top objectClass: person sn: 99 apple-generateduid: 9960CE3E-A5B7-11D8-8EA8-000A95D7BCD4 uidNumber: 1027 apple-mcxflags:: PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPCFET0NUW VBFIHBsaXN0IFBVQkxJQyAiLS8vQXBwbGUgQ29tcHV0ZXIvL0RURCBQTElTVCAxLjAvL0VOIiAiaH R0cDovL3d3dy5hcHBsZS5jb20vRFREcy9Qcm9wZXJ0eUxpc3QtMS4wLmR0ZCI+CjxwbGlzdCB2ZXJ zaW9uPSIxLjAiPgo8ZGljdD4KCTxrZXk+c2ltdWx0YW5lb3VzX2xvZ2luX2VuYWJsZWQ8L2tleT4K CTx0cnVlLz4KPC9kaWN0Pgo8L3BsaXN0Pgo= loginShell: /bin/bash gidNumber: 20 uid: tp1 cn: TP1 authAuthority: ;ApplePasswordServer;0x40a4df72564595b70000000800000008,1024 35 1305596879610493126200478988963058876027273869176889841054994305932083963611 48897657156271228234946516283549630662784870911272661412275740367738244755425 81618084989547079797762827656548298568294590971365300021471988426050200815797 98199283132558949204414746009315687569748527394025767259474093836434139162995 43 root@serveur.lip6.fr:132.227.73.19 userPassword:: KioqKioqKio= apple-user-homeurl:: PGhvbWVfZGlyPjx1cmw+YWZwOi8veC1zZXJ2ZXIubGlwNi5mci9JbnZpd GVzPC91cmw+PHBhdGg+dHAxPC9wYXRoPjwvaG9tZV9kaXI+ homeDirectory: /Network/Servers/serveur.lip6.fr/Volumes/D1/Utilisateurs/Invit es/tp1 # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1

Dans l'exemple au dessus, les champs apple-mcxflags , userPassword et apple-user-homeurl sont codés en base 64.

Grace au programme suivant, il est possible de les décoder.


Côté serveur (serveur.lip6.fr), le password manager contient ceci :

sudo mkpassdb -dump signature: pwfi version: 1 entrySize: 0 sequenceNumber: 8 numberOfSlotsCurrentlyInFile: 512 deepestSlotUsed: 8 deepestSlotUsedByThisServer: 8 Access Features: usingHistory=0 usingExpirationDate=0 usingHardExpirationDate=0 requiresAlpha=0 requiresNumeric=0 expirationDateGMT=4294967295 hardExpireDateGMT=4294967295 maxMinutesUntilChangePassword=0 maxMinutesUntilDisabled=0 maxMinutesOfNonUse=0 maxFailedLoginAttempts=0 minChars=0 maxChars=0 passwordCannotBeName=0 Weak Authentication Methods: SMB-NT SMB-LAN-MANAGER CRYPT APOP Public Key: 1024 35 1305596879610493126200478988963058876027273869176889841054994305932083963611488976571562712 282349465162835496306627848709112726614122757403677382447554258161808498954707979776282765654829856829459097 136530002147198842605020081579798199283132558949204414746009315687569748527394025767259474093836434139162995 43 root@serveur.lip6.fr Replica Name: (Parent) slot 0001: 0x00000000000000000000000000000001 admin 05/24/2004 09:36:49 AM slot 0002: 0x40115d5f112f55290000000200000002 admin 05/21/2004 11:45:45 AM slot 0003: 0x40115d600fe428490000000300000003 root 05/22/2004 10:43:36 AM slot 0004: 0x40115d6d14fb652e0000000400000004 vpn_000a958b4d06 01/23/2004 06:44:13 PM slot 0005: 0x403cd6c461ad0aa00000000500000005 utilisateur_1 02/25/2004 06:09:24 PM slot 0006: 0x403cd7830e72f0060000000600000006 05/14/2004 05:00:32 PM slot 0007: 0x40a4df430b0459c90000000700000007 utilisateur_2 05/14/2004 05:01:24 PM slot 0008: 0x40a4df72564595b70000000800000008 tp1 05/21/2004 10:16:55 PM

Sur un autre serveur w.lip6.fr :

w.lip6.fr sudo mkpassdb -dump Password: signature: pwfi version: 1 entrySize: 0 sequenceNumber: 3 numberOfSlotsCurrentlyInFile: 512 deepestSlotUsed: 3 deepestSlotUsedByThisServer: 3 Access Features: usingHistory=0 usingExpirationDate=0 usingHardExpirationDate=0 requiresAlpha=0 requiresNumeric=0 expirationDateGMT=4294967295 hardExpireDateGMT=4294967295 maxMinutesUntilChangePassword=0 maxMinutesUntilDisabled=0 maxMinutesOfNonUse=0 maxFailedLoginAttempts=0 minChars=0 maxChars=0 passwordCannotBeName=0 Weak Authentication Methods: SMB-NT SMB-LAN-MANAGER CRYPT APOP Public Key: 1024 35 1297090389197064319770206016993765487320805829509649297478528290763328224909 317648865642061732779432801655538131918830692522503951111053473287666225015062384578389932774 916079791985710091912019663348789396199178339367936280698912774575922475973107350154918653124 02416624925697385845157029010860441376219706001 root@w Replica Name: (Parent) slot 0001: 0x00000000000000000000000000000001 admin 02/05/2004 04:35:27 PM slot 0002: 0x402262d82fdf09500000000200000002 admin 05/24/2004 09:42:17 AM slot 0003: 0x402262e05e7636e40000000300000003 vpn_000a958b4d06 02/05/2004 04:36:01 PM

Interface LDAP RFC 2307 Utilisation des posixAccount et posixGroup.


Mappage LDAPv3 RFC 2307

Default Attribute Types Record Types and Attributes -> Map to any items in list


Log de création d'un Directory Master, login diradmin, realm SERVEUR.LIP6.FR /Library/Logs/slapconfig.log

2008-07-07 17:26:26 +0200 - slapconfig -createldapmasterandadmin 2008-07-07 17:26:26 +0200 - Creating password server slot 2008-07-07 17:26:26 +0200 - command: /usr/sbin/mkpassdb -a -u diradmin -p -q 2008-07-07 17:26:26 +0200 - command: /usr/sbin/mkpassdb -a -u root -p -q 2008-07-07 17:26:26 +0200 - command: /usr/sbin/mkpassdb -a -u nouveauserveur.lip6.fr$ -p -q 2008-07-07 17:26:26 +0200 - command: /usr/sbin/mkpassdb -setcomputeraccount 0x487235a26b8b45670000000400000004 2008-07-07 17:26:26 +0200 - Setting SASL realm to 2008-07-07 17:26:26 +0200 - command: /usr/sbin/mkpassdb -setrealm nouveauserveur.lip6.fr 2008-07-07 17:26:27 +0200 - Copied file from /etc/openldap/slapd.conf to /etc/openldap/slapd.conf.backup. 2008-07-07 17:26:29 +0200 - Starting LDAP server (slapd) 2008-07-07 17:26:29 +0200 - command: /usr/bin/ldapadd -c -x -D uid=root,cn=users,dc=lip6,dc=fr -w **** 2008-07-07 17:26:30 +0200 - command: /usr/sbin/slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d 2008-07-07 17:26:30 +0200 - slaptest command output: config file testing succeeded 2008-07-07 17:26:30 +0200 - Stopping LDAP server (slapd) 2008-07-07 17:26:31 +0200 - Starting LDAP server (slapd) 2008-07-07 17:26:32 +0200 - command: /usr/bin/ldapmodify -c -x -D uid=root,cn=users,dc=lip6,dc=fr -w **** 2008-07-07 17:26:32 +0200 - Stopping LDAP server (slapd) 2008-07-07 17:26:32 +0200 - Starting LDAP server (slapd) 2008-07-07 17:26:32 +0200 - command: /usr/bin/ldapadd -c -x -D uid=root,cn=users,dc=lip6,dc=fr -w **** 2008-07-07 17:26:32 +0200 - Attempting to open /LDAPv3/127.0.0.1 node 2008-07-07 17:26:32 +0200 - Opened /LDAPv3/127.0.0.1 node 2008-07-07 17:26:32 +0200 - Configuring Kerberos server, realm is SERVEUR.LIP6.FR 2008-07-07 17:26:32 +0200 - Removed directory at path /var/db/krb5kdc. 2008-07-07 17:26:32 +0200 - command: /sbin/kerberosautoconfig -r SERVEUR.LIP6.FR -m nouveauserveur.lip6.fr -u -v 1 2008-07-07 17:26:32 +0200 - command: /usr/sbin/kdcsetup -f /LDAPv3/127.0.0.1 -w -a diradmin -p **** -v 1 SERVEUR.LIP6.FR 2008-07-07 17:26:36 +0200 - kdcsetup command output: Contacting the Directory Server Authenticating to the Directory Server Creating Kerberos directory Creating KDC Config File Creating Admin ACL File Creating Kerberos Master Key Creating Kerberos Database Creating Kerberos Admin user WARNING: no policy specified for diradmin@SERVEUR.LIP6.FR; defaulting to no policy Adding kerberos auth authority to admin user Creating keytab for the admin tools Adding KDC & kadmind to launchd Adding the new KDC into the KerberosClient config record Finished 2008-07-07 17:26:36 +0200 - command: /usr/sbin/sso_util configure -x -r SERVEUR.LIP6.FR -f /LDAPv3/127.0.0.1 -a diradmin -p **** -v 1 all 2008-07-07 17:26:37 +0200 - sso_util command output: Contacting the directory server Creating the service list Creating the service principals WARNING: no policy specified for vnc/nouveauserveur.lip6.fr@SERVEUR.LIP6.FR; defaulting to no policy WARNING: no policy specified for cifs/nouveauserveur.lip6.fr@SERVEUR.LIP6.FR; defaulting to no policy WARNING: no policy specified for ldap/nouveauserveur.lip6.fr@SERVEUR.LIP6.FR; defaulting to no policy WARNING: no policy specified for xgrid/nouveauserveur.lip6.fr@SERVEUR.LIP6.FR; defaulting to no policy WARNING: no policy specified for vpn/nouveauserveur.lip6.fr@SERVEUR.LIP6.FR; defaulting to no policy WARNING: no policy specified for ipp/nouveauserveur.lip6.fr@SERVEUR.LIP6.FR; defaulting to no policy WARNING: no policy specified for xmpp/nouveauserveur.lip6.fr@SERVEUR.LIP6.FR; defaulting to no policy WARNING: no policy specified for XMPP/nouveauserveur.lip6.fr@SERVEUR.LIP6.FR; defaulting to no policy WARNING: no policy specified for host/nouveauserveur.lip6.fr@SERVEUR.LIP6.FR; defaulting to no policy WARNING: no policy specified for smtp/nouveauserveur.lip6.fr@SERVEUR.LIP6.FR; defaulting to no policy WARNING: no policy specified for nfs/nouveauserveur.lip6.fr@SERVEUR.LIP6.FR; defaulting to no policy WARNING: no policy specified for http/nouveauserveur.lip6.fr@SERVEUR.LIP6.FR; defaulting to no policy WARNING: no policy specified for HTTP/nouveauserveur.lip6.fr@SERVEUR.LIP6.FR; defaulting to no policy WARNING: no policy specified for pop/nouveauserveur.lip6.fr@SERVEUR.LIP6.FR; defaulting to no policy WARNING: no policy specified for imap/nouveauserveur.lip6.fr@SERVEUR.LIP6.FR; defaulting to no policy WARNING: no policy specified for ftp/nouveauserveur.lip6.fr@SERVEUR.LIP6.FR; defaulting to no policy WARNING: no policy specified for afpserver/nouveauserveur.lip6.fr@SERVEUR.LIP6.FR; defaulting to no policy Creating the keytab file Configuring services WriteSetupFile: setup file path = /temp.JkFx/setup 2008-07-07 17:26:37 +0200 - command: /sbin/kerberosautoconfig -f /LDAPv3/127.0.0.1 -u -v 1 2008-07-07 17:26:37 +0200 - command: /usr/sbin/mkpassdb -kerberize 2008-07-07 17:26:37 +0200 - mkpassdb command output: WARNING: no policy specified for nouveauserveur.lip6.fr$@SERVEUR.LIP6.FR; defaulting to no policy WARNING: no policy specified for root@SERVEUR.LIP6.FR; defaulting to no policy WARNING: no policy specified for diradmin@SERVEUR.LIP6.FR; defaulting to no policy add_principal: Principal or policy already exists while creating "diradmin@SERVEUR.LIP6.FR". WARNING: no policy specified for disabled-slot-0x1@SERVEUR.LIP6.FR; defaulting to no policy WARNING: no policy specified for nouveauserveur.lip6.fr$@SERVEUR.LIP6.FR; defaulting to no policy add_principal: Principal or policy already exists while creating "nouveauserveur.lip6.fr$@SERVEUR.LIP6.FR". WARNING: no policy specified for root@SERVEUR.LIP6.FR; defaulting to no policy add_principal: Principal or policy already exists while creating "root@SERVEUR.LIP6.FR". WARNING: no policy specified for diradmin@SERVEUR.LIP6.FR; defaulting to no policy add_principal: Principal or policy already exists while creating "diradmin@SERVEUR.LIP6.FR". WARNING: no policy specified for disabled-slot-0x1@SERVEUR.LIP6.FR; defaulting to no policy add_principal: Principal or policy already exists while creating "disabled-slot-0x1@SERVEUR.LIP6.FR". 2008-07-07 17:26:37 +0200 - command: /usr/bin/ldapmodify -c -x -H ldapi://%2Fvar%2Frun%2Fldapi 2008-07-07 17:26:37 +0200 - Stopping LDAP server (slapd) 2008-07-07 17:26:37 +0200 - Starting LDAP server (slapd) 2008-07-07 17:26:37 +0200 - command: /usr/sbin/vpnaddkeyagentuser -q /LDAPv3/127.0.0.1 2008-07-07 17:26:38 +0200 - slapconfig -selfwrite 2008-07-07 17:26:38 +0200 - slapconfig -setldapconfig 2008-07-07 17:26:38 +0200 - command: /usr/sbin/mkpassdb -setreplicationinterval 300 SyncDefault 2008-07-07 17:26:38 +0200 - command: /usr/bin/ldapmodify -c -x -H ldapi://%2Fvar%2Frun%2Fldapi

Lorsqu'un Directory master est créé, le seul compte local est admin (comme avant), et trois comptes sont créés sur le LDAP : root (uid 0), diradmin(uid 1000) et vpn_124b2...5e (uid 57) Les groupes admin (gid 80:root,diradmin), staff (gid 20:root) et com.apple.limited_admin (gid 106)


Log d'exportation d'un Directory Master

2008-07-07 17:37:59 +0200 - slapconfig -backupdb 2008-07-07 17:37:59 +0200 - 1 Backing up LDAP database 2008-07-07 17:38:00 +0200 - popen: /usr/sbin/slapcat -l /tmp/slapconfig_backup_stage68225F6H82/backup.ldif, "r" 2008-07-07 17:38:00 +0200 - Error: Command failed with exit code 256: /usr/sbin/slapcat -l /tmp/slapconfig_backup_stage68225F6H82/backup.ldif 2008-07-07 17:38:00 +0200 - popen: /bin/cp /var/db/openldap/openldap-data/DB_CONFIG /tmp/slapconfig_backup_stage68225F6H82/DB_CONFIG, "r" 2008-07-07 17:38:00 +0200 - popen: /bin/cp -r /etc/openldap /tmp/slapconfig_backup_stage68225F6H82/, "r" 2008-07-07 17:38:01 +0200 - 2 Backing up password server database 2008-07-07 17:38:01 +0200 - popen: /usr/sbin/mkpassdb -backupdb /tmp/slapconfig_backup_stage68225F6H82/passwordserver_backup/ > /dev/null, "r" 2008-07-07 17:38:02 +0200 - popen: /bin/cp -r /Library/Preferences/com.apple.passwordserver.plist /tmp/slapconfig_backup_stage68225F6H82/, "r" 2008-07-07 17:38:02 +0200 - popen: /usr/sbin/mkpassdb -list > /tmp/slapconfig_backup_stage68225F6H82/sasl-plugin-list, "r" 2008-07-07 17:38:02 +0200 - popen: /bin/hostname > /tmp/slapconfig_backup_stage68225F6H82/hostname, "r" 2008-07-07 17:38:02 +0200 - 3 Backing up Kerberos database 2008-07-07 17:38:02 +0200 - popen: /usr/sbin/kdb5_util -r LKDC:SHA1.2F4DD3294CC72602997517EAF7959E7A7AC1C605 dump > /tmp/slapconfig_backup_stage68225F6H82/kdb5dump.LKDC:SHA1.2F4DD3294CC72602997517EAF7959E7A7AC1C605.bak, "r" 2008-07-07 17:38:02 +0200 - popen: /usr/sbin/kdb5_util -r SERVEUR.LIP6.FR dump > /tmp/slapconfig_backup_stage68225F6H82/kdb5dump.SERVEUR.LIP6.FR.bak, "r" 2008-07-07 17:38:02 +0200 - popen: /usr/sbin/sso_util info -pr /LDAPv3/127.0.0.1 > /tmp/slapconfig_backup_stage68225F6H82/local_odkrb5realm, "r" 2008-07-07 17:38:02 +0200 - popen: /usr/sbin/sso_util info -pr /Local/Default > /tmp/slapconfig_backup_stage68225F6H82/local_krb5realm, "r" 2008-07-07 17:38:02 +0200 - popen: /usr/bin/tar czpf /tmp/slapconfig_backup_stage68225F6H82/krb5backup.tar.gz /var/db/krb5kdc/kdc.conf /var/db/krb5kdc/kadm5.acl /var/db/krb5kdc/kadm5.keytab /var/db/krb5kdc/.k5.* /Library/Preferences/edu.mit.Kerberos /etc/krb5.keytab , "r" 2008-07-07 17:38:03 +0200 - popen: /bin/cp /var/db/dslocal/nodes/Default/config/KerberosKDC.plist /tmp/slapconfig_backup_stage68225F6H82/KerberosKDC.plist, "r" 2008-07-07 17:38:03 +0200 - 4 Backing up configuration files 2008-07-07 17:38:03 +0200 - popen: /bin/cp /System/Library/LaunchDaemons/com.apple.PasswordService.plist /tmp/slapconfig_backup_stage68225F6H82/LaunchDaemons/, "r" 2008-07-07 17:38:03 +0200 - popen: /bin/cp /System/Library/LaunchDaemons/org.openldap.slapd.plist /tmp/slapconfig_backup_stage68225F6H82/LaunchDaemons/, "r" 2008-07-07 17:38:03 +0200 - popen: /bin/cp /System/Library/LaunchDaemons/org.openldap.slurpd.plist /tmp/slapconfig_backup_stage68225F6H82/LaunchDaemons/, "r" 2008-07-07 17:38:03 +0200 - popen: /bin/cp /System/Library/LaunchDaemons/com.apple.kdcmond.plist /tmp/slapconfig_backup_stage68225F6H82/LaunchDaemons/, "r" 2008-07-07 17:38:03 +0200 - popen: /bin/cp /System/Library/LaunchDaemons/edu.mit.kadmind.plist /tmp/slapconfig_backup_stage68225F6H82/LaunchDaemons/, "r" 2008-07-07 17:38:03 +0200 - popen: /bin/cp /System/Library/LaunchDaemons/smbd.plist /tmp/slapconfig_backup_stage68225F6H82/LaunchDaemons/, "r" 2008-07-07 17:38:03 +0200 - popen: /bin/cp -r /Library/Preferences/DirectoryService /tmp/slapconfig_backup_stage68225F6H82/, "r" 2008-07-07 17:38:03 +0200 - 5 Backing up local directory database 2008-07-07 17:38:03 +0200 - popen: /bin/cp /Library/Preferences/com.apple.openldap.plist /tmp/slapconfig_backup_stage68225F6H82/, "r" 2008-07-07 17:38:03 +0200 - popen: /usr/bin/sw_vers > /tmp/slapconfig_backup_stage68225F6H82/version.txt, "r" 2008-07-07 17:38:03 +0200 - popen: /bin/cp -r /var/db/dslocal /tmp/slapconfig_backup_stage68225F6H82/, "r" 2008-07-07 17:38:06 +0200 - popen: /usr/bin/tar czpf /tmp/slapconfig_backup_stage68225F6H82/shadowbackup.tar.gz /var/db/shadow, "r" 2008-07-07 17:38:06 +0200 - popen: /usr/bin/tar czpf /tmp/slapconfig_backup_stage68225F6H82/sambabackup.tar.gz /var/db/samba /etc/smb.conf, "r" 2008-07-07 17:38:06 +0200 - Backed Up Keycahin 2008-07-07 17:38:06 +0200 - 6 Creating archive 2008-07-07 17:38:06 +0200 - command: /usr/bin/hdiutil create -ov -quiet -plist -puppetstrings -layout UNIVERSAL CD -fs HFS+ -volname ldap_bk -srcfolder /tmp/slapconfig_backup_stage68225F6H82 -format SPARSE -encryption AES-256 -stdinpass /Volumes/D1/Configurations/2008-07-07/sauv 2008-07-07 17:38:19 +0200 - Removed directory at path /tmp/slapconfig_backup_stage68225F6H82.


Log d'importation d'un Open Directory Master (qui ne fonctionne pas)

2008-07-07 17:48:15 +0200 - slapconfig -mergedb 2008-07-07 17:48:15 +0200 - command: /usr/bin/hdiutil attach /Volumes/Sans titre/sauv.sparseimage -readonly 2008-07-07 17:48:16 +0200 - hdiutil command output: hdiutil: attach failed - Erreur d'authentification 2008-07-07 17:48:16 +0200 - hdiutil command failed with status 1 2008-07-07 17:48:16 +0200 - command: /usr/bin/hdiutil attach -stdinpass /Volumes/Sans titre/sauv.sparseimage -readonly 2008-07-07 17:48:17 +0200 - Disk name disk3 2008-07-07 17:48:17 +0200 - 1 Merging Kerberos database 2008-07-07 17:48:17 +0200 - popen: cd /tmp/slapconfig_restore_stage2023eT5lWo;/usr/bin/tar xzpf /Volumes/ldap_bk/krb5backup.tar.gz, "r" 2008-07-07 17:48:17 +0200 - Copied file from /Volumes/ldap_bk/kdb5dump.SERVEUR.LIP6.FR.bak to /tmp/slapconfig_restore_stage2023eT5lWo/kdb5dump.SERVEUR.LIP6.FR.bak. 2008-07-07 17:48:17 +0200 - command: /usr/sbin/kdb5_util -r SERVEUR.LIP6.FR dump -new_mkey_file /tmp/slapconfig_restore_stage2023eT5lWo/var/db/krb5kdc/.k5.SERVEUR.LIP6.FR /tmp/slapconfig_restore_stage2023eT5lWo/kdb5backup.bak 2008-07-07 17:48:17 +0200 - Copied directory from /var/db/krb5kdc to /var/db/krb5kdc.pre-merge. 2008-07-07 17:48:17 +0200 - command: /bin/cp /tmp/slapconfig_restore_stage2023eT5lWo/var/db/krb5kdc/.k5.SERVEUR.LIP6.FR /var/db/krb5kdc/ 2008-07-07 17:48:17 +0200 - command: /usr/sbin/kdb5_util -r SERVEUR.LIP6.FR load -update /tmp/slapconfig_restore_stage2023eT5lWo/kdb5dump.SERVEUR.LIP6.FR.bak 2008-07-07 17:48:18 +0200 - command: /usr/sbin/kdb5_util -r SERVEUR.LIP6.FR load -update /tmp/slapconfig_restore_stage2023eT5lWo/kdb5backup.bak 2008-07-07 17:48:18 +0200 - 2 Merging Password Server data 2008-07-07 17:48:18 +0200 - command: /usr/sbin/mkpassdb -mergeparent /Volumes/ldap_bk/passwordserver_backup/ /Volumes/ldap_bk/id_omitfile 2008-07-07 17:48:18 +0200 - 3 Merging LDAP database 2008-07-07 17:48:18 +0200 - Stopping LDAP server (slapd) 2008-07-07 17:48:18 +0200 - popen: /usr/sbin/slapadd -c -l /tmp/slapconfig_stage2023WJmgjh/backup2023.ldif, "w" 2008-07-07 17:48:18 +0200 - Error: command failed with exit code 256: /usr/sbin/slapadd -c -l /tmp/slapconfig_stage2023WJmgjh/backup2023.ldif 2008-07-07 17:48:18 +0200 - Starting LDAP server (slapd) 2008-07-07 17:48:18 +0200 - popen: cd /;/usr/bin/tar xzpf /Volumes/ldap_bk/sambabackup.tar.gz, "w" 2008-07-07 17:48:18 +0200 - Copied file from /Volumes/ldap_bk/LaunchDaemons/smbd.plist to /System/Library/LaunchDaemons/smbd.plist. 2008-07-07 17:48:18 +0200 - command: /bin/launchctl load /System/Library/LaunchDaemons/smbd.plist 2008-07-07 17:48:18 +0200 - Removed directory at path /tmp/slapconfig_stage2023WJmgjh. 2008-07-07 17:48:18 +0200 - command: /usr/bin/hdiutil detach disk3


Contournement de l'erreur

Je n'ai pas trouvé le script qui est lancé lors de l'importation d'un Open Directory Master, c'est en fait dans la commande slapconfig -mergedb J'ai donc lancé la commande slapconfig -mergedb en lui donnant le fichier .sparseimage en paramètre. Cela se plante donc sur la commande /usr/sbin/slapadd Pour connaître le paramètre passé à cette commande, j'ai stoppé le script en cours de route afin d'éviter la dernièer commande qui supprime /tmp Finalement, le contenu du fichier passé en paramètre n'est que la création de deux éléments racines de la base LDAP.

dn: dc=lip6,dc=fr dc: lip6 objectClass: domain entryUUID: 327815e6-5904-1029-934d-e672c51492e1 creatorsName: uid=root,cn=users,dc=lip6,dc=fr createTimestamp: 20050514204048Z entryCSN: 2005051420:40:48Z#0x0001#0#0000 modifiersName: uid=root,cn=users,dc=lip6,dc=fr modifyTimestamp: 20050514204048Z structuralObjectClass: domain dn: cn=config,dc=lip6,dc=fr cn: config objectClass: container entryUUID: 32794d3a-5904-1029-934e-e672c51492e1 creatorsName: uid=root,cn=users,dc=lip6,dc=fr createTimestamp: 20050514204048Z entryCSN: 2005051420:40:48Z#0x0002#0#0000 modifiersName: uid=root,cn=users,dc=lip6,dc=fr modifyTimestamp: 20050514204048Z structuralObjectClass: container

Je crée un faux slapadd qui fait appel au vrai (c'était un lien symbolique vers ../libexec/slapd) et qui rend un code d'erreur 0 pour laisser continuer le script.

remplacement du #!/bin/sh # remplacant de /usr/sbin/slapadd echo patch slapadd echo $* ../libexec/slapd -v $* exit 0

Enfin, j'ai pu faire l'importation qui a bien pris les mots de passe mais pas les comptes, j'ai donc utilisé ldapbrowser pour exporter users.ldif et groups.ldif et je les ai importé dans le nouveau serveur. Dans le fichier users, j'ai supprimé le compte root pour éviter le doublon. Dans le fichier groups, j'ai supprimé admin. On peut peut-être en profiter pour corriger les sn=99 créés par une ancienne version de MacOS X Server ! sn devrait être le nom de famille et givenName le prénom


Log d'importation d'un Open Directory Master (qui fonctionne)

2009-07-24 14:59:59 +0200 - 1 Merging Kerberos database 2009-07-24 14:59:59 +0200 - popen: cd /tmp/slapconfig_restore_stage1686VdygU1;/usr/bin/tar xzpf /Volumes/ldap_bk/krb5backup.tar.gz, "r" 2009-07-24 15:00:00 +0200 - Copied file from /Volumes/ldap_bk/kdb5dump.SERVEUR.LIP6.FR.bak to /tmp/slapconfig_restore_stage1686VdygU1/kdb5dump.SERVEUR.LIP6.FR.bak. 2009-07-24 15:00:00 +0200 - command: /usr/sbin/kdb5_util -r SERVEUR.LIP6.FR dump -new_mkey_file /tmp/slapconfig_restore_stage1686VdygU1/var/db/krb5kdc/.k5.SERVEUR.LIP6.FR /tmp/slapconfig_restore_stage1686VdygU1/kdb5backup.bak 2009-07-24 15:00:00 +0200 - Copied directory from /var/db/krb5kdc to /var/db/krb5kdc.pre-merge. 2009-07-24 15:00:00 +0200 - command: /bin/cp /tmp/slapconfig_restore_stage1686VdygU1/var/db/krb5kdc/.k5.SERVEUR.LIP6.FR /var/db/krb5kdc/ 2009-07-24 15:00:00 +0200 - command: /usr/sbin/kdb5_util -r SERVEUR.LIP6.FR load -update /tmp/slapconfig_restore_stage1686VdygU1/kdb5dump.SERVEUR.LIP6.FR.bak 2009-07-24 15:00:00 +0200 - command: /usr/sbin/kdb5_util -r SERVEUR.LIP6.FR load -update /tmp/slapconfig_restore_stage1686VdygU1/kdb5backup.bak 2009-07-24 15:00:00 +0200 - 2 Merging Password Server data 2009-07-24 15:00:00 +0200 - command: /usr/sbin/mkpassdb -mergeparent /Volumes/ldap_bk/passwordserver_backup/ /Volumes/ldap_bk/id_omitfile 2009-07-24 15:00:00 +0200 - 3 Merging LDAP database 2009-07-24 15:00:00 +0200 - Stopping LDAP server (slapd) 2009-07-24 15:00:00 +0200 - popen: /usr/sbin/slapadd -c -l /tmp/slapconfig_stage16869W6yN3/backup1686.ldif, "w" 2009-07-24 15:00:01 +0200 - Starting LDAP server (slapd) 2009-07-24 15:00:02 +0200 - popen: cd /;/usr/bin/tar xzpf /Volumes/ldap_bk/sambabackup.tar.gz, "w" 2009-07-24 15:00:02 +0200 - Copied file from /Volumes/ldap_bk/LaunchDaemons/smbd.plist to /System/Library/LaunchDaemons/smbd.plist. 2009-07-24 15:00:02 +0200 - command: /bin/launchctl load /System/Library/LaunchDaemons/smbd.plist 2009-07-24 15:00:02 +0200 - launchctl command output: nothing found to load 2009-07-24 15:00:02 +0200 - launchctl command failed with status 1 2009-07-24 15:00:02 +0200 - Removed directory at path /tmp/slapconfig_stage16869W6yN3. 2009-07-24 15:00:02 +0200 - command: /usr/bin/hdiutil detach disk1


Log de passage Open Directory Master -> Open Directory Standalone

2008-07-07 17:54:24 +0200 - slapconfig -destroyldapserver 2008-07-07 17:54:24 +0200 - removing GUID F64E6F87-EC53-4274-8492-9AB29BE9A4B1 from local admin group. 2008-07-07 17:54:24 +0200 - removing short name diradmin from local admin group. 2008-07-07 17:54:24 +0200 - command: /usr/sbin/sso_util remove -k -d -s -c -n -r SERVEUR.LIP6.FR -v 1 2008-07-07 17:54:27 +0200 - sso_util command output: shutting down kadmind kadmind shut down shutting down kdc kdc shut down Not removing the admin user as admin name entered is NULL removing kdc database files 2008-07-07 17:54:28 +0200 - Stopping LDAP server (slapd) 2008-07-07 17:54:28 +0200 - Stopping LDAP replicator (slurpd) 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/__db.001. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/__db.002. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/__db.003. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/__db.004. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/__db.005. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/apple-generateduid.bdb. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/apple-group-memberguid.bdb. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/apple-group-nestedgroup.bdb. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/apple-group-realname.bdb. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/apple-serviceinfo.bdb. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/apple-serviceslocator.bdb. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/cn.bdb. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/DB_CONFIG. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/dn2id.bdb. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/gidNumber.bdb. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/givenName.bdb. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/id2entry.bdb. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/ipHostNumber.bdb. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/log.0000000001. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/macAddress.bdb. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/memberUid.bdb. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/objectClass.bdb. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/ou.bdb. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/sn.bdb. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/uid.bdb. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/openldap/openldap-data/uidNumber.bdb. 2008-07-07 17:54:28 +0200 - Removed file at path /etc/openldap/slapd_macosxserver.conf. 2008-07-07 17:54:28 +0200 - Removed file at path /etc/openldap/slapd.conf. 2008-07-07 17:54:28 +0200 - Copied file from /etc/openldap/slapd.conf.default to /etc/openldap/slapd.conf. 2008-07-07 17:54:28 +0200 - Removed file at path /etc/openldap/rootDSE.ldif. 2008-07-07 17:54:28 +0200 - Removed file at path /var/db/dslocal/nodes/Default/groups/com.apple.access_dsproxy.plist. 2008-07-07 17:54:28 +0200 - Removed directory at path /etc/openldap/slapd.d/cn=config. 2008-07-07 17:54:28 +0200 - Removed file at path /etc/openldap/slapd.d/cn=config.ldif. 2008-07-07 17:54:28 +0200 - Removed directory at path /etc/openldap/slapd.d. 2008-07-07 17:54:28 +0200 - Removed directory at path /etc/openldap/slapd.d.backup/cn=config. 2008-07-07 17:54:28 +0200 - Removed file at path /etc/openldap/slapd.d.backup/cn=config.ldif. 2008-07-07 17:54:28 +0200 - Removed directory at path /etc/openldap/slapd.d.backup. 2008-07-07 17:54:28 +0200 - command: /usr/sbin/kdcsetup -e 2008-07-07 17:54:33 +0200 - command: /usr/sbin/mkpassdb -u disabled-slot-0x1 -p -q 2008-07-07 17:54:34 +0200 - command: /usr/sbin/mkpassdb -key 2008-07-07 17:54:40 +0200 - Removed file at path /Library/Preferences/com.apple.passwordserver.plist. 2008-07-07 17:54:40 +0200 - slapconfig -setstandalone 2008-07-07 17:54:40 +0200 - slapconfig -setmacosxodpolicy

Voir Aussi

http://discussions.info.apple.com/

2004-2008


FutureShare  |  Glossaire  |