[Samba] Re: domain join - no sambaSamAccount created
U. Dettmer
udettmer at gmx.net
Tue Sep 9 09:11:48 GMT 2003
> if you didn't work it out yet.... send your smb.conf and attach "add
> machine script" too, I can test it on this system. Maybe that will give
> us some answers.
Hi again,
my "add machine" script uses the cpu utility, which is available at http://cpu.sourceforge.net . It is also included in many Linux distributions
( well, at least in SuSE 8.2 Pro ;-).
I've slightly edited the config files, but all necessary information should be available.
OK, here we go:
# smb.conf - Global parameters
# Samba acting as domain controller (domain logons / domain master below) with
# its account database in LDAP through the ldapsam backend.
[global]
workgroup = TUXNET
server string = Fileserver
# Logins with an unknown user name are mapped to the guest account.
map to guest = Bad User
# Permits client access to accounts whose password is empty.
# NOTE(review): confirm this is really required on a domain controller.
null passwords = Yes
obey pam restrictions = Yes
# Accounts are looked up on host "directory" through an ldap:// URI, then in the
# guest backend. See "ldap ssl" further down for transport protection.
passdb backend = ldapsam:ldap://directory, guest
# With unix password sync enabled, smbd runs the passwd program as root and
# drives it with the chat script whenever an SMB password is changed.
passwd program = /usr/bin/passwd -q %u
passwd chat = *New*password* %n\n *Re-enter*new*password* %n\n \n
unix password sync = Yes
# Client-side settings: Samba's own client code will not send LANMAN or
# plaintext passwords to other servers.
client lanman auth = No
client plaintext auth = No
# NOTE(review): log level 0 records very little; raising it temporarily would
# show what smbd does during the failing domain join.
log level = 0
syslog = 0
log file = /var/log/samba/%m.log
time server = Yes
# SMB signing is offered to clients but not enforced.
server signing = auto
deadtime = 15
socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
printcap name = cups
# smbd runs the add machine script when a workstation joins the domain and no
# Unix account exists for it; %u is the machine account name. Here the cpu
# utility creates the entry using the LDAP bind settings in the file named by -f.
# presumably executed with root privileges - verify for this Samba version.
# NOTE(review): "-p" appears to take a password argument and receives a literal
# backslash-n here; confirm what cpu stores for it.
# add machine script = /etc/samba/machadd.sh %u
# Note: I tried to wrap the line below into a shell script. It didn't help ...
add machine script = /usr/bin/cpu useradd %u -d /dev/null -f /etc/samba/scripts/machadd.cfg -F %u -L %u -g 511 -p \n
shutdown script = /sbin/shutdown
abort shutdown script = /sbin/shutdown -c
logon script = scripts\%m.bat
logon path = \\%N\%U\.winprofile
logon drive = m:
domain logons = Yes
os level = 65
domain master = Yes
wins server = 10.0.0.2
ldap server = directory
ldap port = 389
ldap suffix = ou=department,o=company,c=DE
ldap machine suffix = ou=herkules,ou=clients
ldap user suffix = People
ldap group suffix = Group
# ldap idmap suffix = ou=department,o=company,c=DE
# DN that Samba binds as. Its password is not kept in smb.conf; it is stored
# separately (smbpasswd -w writes it to secrets.tdb).
ldap admin dn = cn=herkules-proxy,ou=admin,ou=department,o=company,c=DE
# No SSL and no StartTLS towards the directory: the admin bind and the account
# attributes Samba reads and writes cross the network unencrypted.
# NOTE(review): enable StartTLS unless the directory is reachable only locally.
ldap ssl = no
# Shell command run for incoming WinPopup messages. %f (sender) and %m (client
# machine name) are supplied by the remote side and are expanded into the
# command line. NOTE(review): check how this Samba version sanitises them.
message command = /bin/mail -s 'Nachricht von %f auf %m' root < %s; rm %s
host msdfs = Yes
idmap uid = 10000-20000
idmap gid = 10000-20000
# The remaining keys are share-level parameters; placed in [global] they become
# the default for every share that does not override them.
comment = HP Laserjet 2100 IL
# admin users perform all file operations on a share as root.
admin users = root
write list = root
printer admin = @it-s, root
map acl inherit = Yes
printing = cups
printer name = normal
map system = Yes
map hidden = Yes
# Per-user home directory shares.
[homes]
comment = Home Directories
# %S is the share name, so each home share accepts only the user it is named after.
valid users = %S
read only = No
# New files and directories: full access for the owner, execute/search only for
# group and others.
create mask = 0711
directory mask = 0711
profile acls = Yes
# The homes share itself is hidden from browse lists.
browseable = No
# Share that serves the logon scripts referenced by "logon script" in [global].
[netlogon]
comment = logon scripts
path = /daten/netlogon/
# Only root and members of group it-s may write here.
write list = root, @it-s
map system = No
map hidden = No
locking = No
# Executed as root on every connection to this share. The arguments are the
# client machine name (%m), session user name (%U), client architecture (%a),
# primary group (%g) and server NetBIOS name (%L); several of these originate
# from the client. NOTE(review): make_logon_script is not shown - it should
# treat its arguments as untrusted input.
root preexec = /etc/samba/make_logon_script '%m' '%U' '%a' '%g' '%L'
# Printer driver share.
[print$]
path = /daten/printers
# Uploading or changing drivers is limited to group it-s and root.
write list = @it-s, root
# Connections without a password are accepted (guest access).
guest ok = Yes
# Print queues, spooled through CUPS ("printing = cups" in [global]).
[printers]
path = /var/spool/cups
# Guest connections may submit print jobs.
guest ok = Yes
printable = Yes
browseable = No
# /etc/samba/scripts/machadd.cfg
# Settings for the cpu utility; the add machine script in smb.conf passes this
# file with -f. Entries use the form key::value.
# LDAP Configuration
ldap_host::directory
ldap_port::389
# Same DN that smb.conf uses as "ldap admin dn".
bind_dn::cn=herkules-proxy,ou=admin,ou=department,o=company,c=DE
# presumably redacted by the poster. The real file holds the bind password in
# clear text, so it should be readable by root only.
bind_pass::xxx
base_dn::ou=department,o=company,c=DE
# Matches "ldap machine suffix" + "ldap suffix" from smb.conf.
user_base::ou=herkules,ou=clients,ou=department,o=company,c=DE
group_base::ou=group,ou=department,o=company,c=DE
user_filter::objectclass=posixAccount
# Object classes cpu puts on a new entry; sambaSamAccount is not among them.
user_object_class::account,posixAccount,top,shadowAccount,inetOrgPerson
group_object_class::posixGroup,top
ldap_version::3
#
# User Configuration
#
default_shell::/bin/false
# NOTE(review): smb.conf passes "-d /dev/null"; "/dev/nul" here looks like a typo.
home_directory::/dev/nul
skel_dir::/etc/skel
def_gecos::Machine Account
# NOTE(review): the upper bound equals the lower bound of "idmap uid" /
# "idmap gid" (10000-20000) in smb.conf; confirm the ranges cannot collide.
max_uidnumber::10000
min_uidnumber::5000
max_gidnumber::10000
min_gidnumber::5000
id_max_passes::1000
#
# Password Configuration
#
# presumably stores the password attribute unhashed - verify against the cpu
# documentation and prefer a hashed scheme if passwords are ever set this way.
hash::clear
password_file::/etc/passwd
shadow_file::/etc/shadow
shadowlastchange::11192
shadowmax::99999
shadowwarning::7
shadowexpire::-1
shadowflag::134538308
shadowmin::-1
shadowinactive::-1
#
# Misc. Configuration
#
syslog::n
def_dir_perm::0700