[Samba-it] ldap + unix password sync possibile?

cucca liste at cuccarini.it
Thu Oct 27 09:28:01 MDT 2005


Salve a tutti,
	avrei la necessita' di avere gli stessi utenti samba su passwd (il
mio pdc e' anche un mailserver locale, e senza la riga dell'user su passwd
qpopper si rifiuta di farmi scaricare la posta!). Il problema e' che se
imposto unix password sync = yes quando aggiungo un utente con usrmgr.exe mi
risponde "accesso negato". Mi viene da pensare che quindi, gli script
smbldap non siano eseguiti come root ma anche con un chmod 4755 allo script
il risultato non cambia! Consigli?

Ciao
Denis

Ecco la mia configurazione:

#======================= Global Settings =======================
[global]
workgroup = DOMINIO
server string = Server
interfaces = 192.168.50.3/24 127.0.0.1/24
dns proxy = no
log level = 10
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
security = user
encrypt passwords = true
passdb backend = ldapsam:ldap://127.0.0.1
#passdb backend = ldapsam://127.0.0.1:389
obey pam restrictions = no
passwd program = /usr/local/sbin/smbldap-passwd.pl -o %u
passwd chat = *new*password* %n\n *new*password* %n\n *successfully*
hide dot files = yes
default case = Lower
veto files = /.*/
use sendfile = no
admin users = administrator
enable privileges = yes
wins support = yes
name resolve order = wins lmhosts host bcast
time server = yes
kernel change notify = yes
unix password sync = yes

winbind use default domain = yes
template primary group = "Domain Users"

enable privileges = yes
printer admin = administrator, @"Domain Users"

preserve case = yes
short preserve case = yes
case sensitive = no

socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
read raw = yes
write raw = yes
oplocks = yes
max xmit = 65535
dead time = 15
getwd cache = yes
lpq cache time = 30

printing = cups
printcap name = CUPS
printcap = cups
load printers = yes

ldap suffix = dc=DOMINIO,dc=it
ldap admin dn = cn=admin,dc=DOMINIO,dc=it
ldap ssl = no
ldap user suffix = ou=Users
ldap idmap suffix = ou=Users
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
ldap password sync = yes

os level = 255
preferred master = yes
domain master = yes
local master = yes
domain logons = yes
logon path =
logon home =
logon script = startup.bat

add user script = /usr/sbin/smbldap-useradd -a -m "%u"
add machine script = /usr/sbin/smbldap-useradd -w %u
ldap delete dn = Yes
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"









More information about the samba-it mailing list