[Samba] suse 8.2 Samba 3(samba3-3.0.2pre1-20) LDAP PDC
:Cannot Log onto Domain Member Workstation After Joining Domain
Tarjei Huse
tarjei at nu.no
Wed Jan 14 12:36:04 GMT 2004
Hi,
>Successfully I was able to joining Windows 2000 Professional to samba 3
>domain (TUX_NET). After that I was not able to login to domain from
>windows 2000 machine.
>
>
Hi, take a look at the sambasid of your nobody user. I belive that the
gues user has to have a sid ending in 501.
If I am not wrong, this is also an error in the smbldap-populate script
that idealx uses. (Therefore I crosspost)
th
>I have tried with three different samba 3 versions, same result.
>
>
>My configuration:
>SuSE 8.2
>Samba 3pre2
>
>Is there any problem with my configuration? I am attaching machine log
>file also.
>
>
>
># extended LDIF
>#
># LDAPv3
># base <> with scope sub
># filter: (objectclass=*)
># requesting: ALL
>#
>
># sfgroup.com
>dn: dc=sfgroup,dc=com
>objectClass: dcObject
>objectClass: organization
>dc: sfgroup
>o: sfgroup
>
># People, sfgroup.com
>dn: ou=People,dc=sfgroup,dc=com
>objectClass: organizationalUnit
>ou: People
>
># Groups, sfgroup.com
>dn: ou=Groups,dc=sfgroup,dc=com
>objectClass: organizationalUnit
>ou: Groups
>
># nobody, People, sfgroup.com
>dn: uid=nobody,ou=People,dc=sfgroup,dc=com
>cn: nobody
>sn: nobody
>objectClass: inetOrgPerson
>objectClass: sambaSAMAccount
>objectClass: posixAccount
>gidNumber: 514
>uid: nobody
>homeDirectory: /dev/null
>sambaPwdLastSet: 0
>sambaLogonTime: 0
>sambaLogoffTime: 2147483647
>sambaKickoffTime: 2147483647
>sambaPwdCanChange: 0
>sambaPwdMustChange: 2147483647
>sambaHomePath: \\rishi\homes
>sambaHomeDrive: _HOMEDRIVE_
>sambaProfilePath: \\_PDCNAME_\profiles\
>sambaPrimaryGroupSID: S-1-5-21-3516781642-1962875130-3438800523-514
>sambaLMPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
>sambaNTPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
>loginShell: /bin/false
>uidNumber: 99
>sambaAcctFlags: [U ]
>sambaSID: S-1-5-21-3516781642-1962875130-3438800523-514
>
># Domain Admins, Groups, sfgroup.com
>dn: cn=Domain Admins,ou=Groups,dc=sfgroup,dc=com
>objectClass: posixGroup
>objectClass: sambaGroupMapping
>gidNumber: 512
>cn: Domain Admins
>memberUid: Administrator
>description: Netbios Domain Administrators
>sambaSID: S-1-5-21-3516781642-1962875130-3438800523-512
>sambaGroupType: 2
>displayName: Domain Admins
>
># Domain Users, Groups, sfgroup.com
>dn: cn=Domain Users,ou=Groups,dc=sfgroup,dc=com
>objectClass: posixGroup
>objectClass: sambaGroupMapping
>gidNumber: 513
>cn: Domain Users
>description: Netbios Domain Users
>sambaSID: S-1-5-21-3516781642-1962875130-3438800523-513
>sambaGroupType: 2
>displayName: Domain Users
>memberUid: root
>memberUid: admin
>memberUid: testuser
>memberUid: sun
>
># Domain Guests, Groups, sfgroup.com
>dn: cn=Domain Guests,ou=Groups,dc=sfgroup,dc=com
>objectClass: posixGroup
>objectClass: sambaGroupMapping
>gidNumber: 514
>cn: Domain Guests
>description: Netbios Domain Guests Users
>sambaSID: S-1-5-21-3516781642-1962875130-3438800523-514
>sambaGroupType: 2
>displayName: Domain Guests
>
># Administrators, Groups, sfgroup.com
>dn: cn=Administrators,ou=Groups,dc=sfgroup,dc=com
>objectClass: posixGroup
>objectClass: sambaGroupMapping
>gidNumber: 544
>cn: Administrators
>description: Netbios Domain Members can fully administer the
>computer/sambaDom
> ainName
>sambaSID: S-1-5-21-3516781642-1962875130-3438800523-544
>sambaGroupType: 2
>displayName: Administrators
>
># Users, Groups, sfgroup.com
>dn: cn=Users,ou=Groups,dc=sfgroup,dc=com
>objectClass: posixGroup
>objectClass: sambaGroupMapping
>gidNumber: 545
>cn: Users
>description: Netbios Domain Ordinary users
>sambaSID: S-1-5-21-3516781642-1962875130-3438800523-545
>sambaGroupType: 2
>displayName: users
>
># Guests, Groups, sfgroup.com
>dn: cn=Guests,ou=Groups,dc=sfgroup,dc=com
>objectClass: posixGroup
>objectClass: sambaGroupMapping
>gidNumber: 546
>cn: Guests
>memberUid: nobody
>description: Netbios Domain Users granted guest access to the
>computer/sambaDo
> mainName
>sambaSID: S-1-5-21-3516781642-1962875130-3438800523-546
>sambaGroupType: 2
>displayName: Guests
>
># Power Users, Groups, sfgroup.com
>dn: cn=Power Users,ou=Groups,dc=sfgroup,dc=com
>objectClass: posixGroup
>objectClass: sambaGroupMapping
>gidNumber: 547
>cn: Power Users
>description: Netbios Domain Members can share directories and printers
>sambaSID: S-1-5-21-3516781642-1962875130-3438800523-547
>sambaGroupType: 2
>displayName: Power Users
>
># Account Operators, Groups, sfgroup.com
>dn: cn=Account Operators,ou=Groups,dc=sfgroup,dc=com
>objectClass: posixGroup
>objectClass: sambaGroupMapping
>gidNumber: 548
>cn: Account Operators
>description: Netbios Domain Users to manipulate users accounts
>sambaSID: S-1-5-21-3516781642-1962875130-3438800523-548
>sambaGroupType: 2
>displayName: Account Operators
>
># Server Operators, Groups, sfgroup.com
>dn: cn=Server Operators,ou=Groups,dc=sfgroup,dc=com
>objectClass: posixGroup
>objectClass: sambaGroupMapping
>gidNumber: 549
>cn: Server Operators
>description: Netbios Domain Server Operators
>sambaSID: S-1-5-21-3516781642-1962875130-3438800523-549
>sambaGroupType: 2
>displayName: Server Operators
>
># Print Operators, Groups, sfgroup.com
>dn: cn=Print Operators,ou=Groups,dc=sfgroup,dc=com
>objectClass: posixGroup
>objectClass: sambaGroupMapping
>gidNumber: 550
>cn: Print Operators
>description: Netbios Domain Print Operators
>sambaSID: S-1-5-21-3516781642-1962875130-3438800523-550
>sambaGroupType: 2
>displayName: Print Operators
>
># Backup Operators, Groups, sfgroup.com
>dn: cn=Backup Operators,ou=Groups,dc=sfgroup,dc=com
>objectClass: posixGroup
>objectClass: sambaGroupMapping
>gidNumber: 551
>cn: Backup Operators
>description: Netbios Domain Members can bypass file security to back up files
>sambaSID: S-1-5-21-3516781642-1962875130-3438800523-551
>sambaGroupType: 2
>displayName: Backup Operators
>
># Replicator, Groups, sfgroup.com
>dn: cn=Replicator,ou=Groups,dc=sfgroup,dc=com
>objectClass: posixGroup
>objectClass: sambaGroupMapping
>gidNumber: 552
>cn: Replicator
>description: Netbios Domain Supports file replication in a sambaDomainName
>sambaSID: S-1-5-21-3516781642-1962875130-3438800523-552
>sambaGroupType: 2
>displayName: Replicator
>
># Domain Computers, Groups, sfgroup.com
>dn: cn=Domain Computers,ou=Groups,dc=sfgroup,dc=com
>objectClass: posixGroup
>objectClass: sambaGroupMapping
>gidNumber: 553
>cn: Domain Computers
>description: Netbios Domain Computers accounts
>sambaSID: S-1-5-21-3516781642-1962875130-3438800523-553
>sambaGroupType: 2
>displayName: Domain Computers
>
># TUX-NET, sfgroup.com
>dn: sambaDomainName=TUX-NET,dc=sfgroup,dc=com
>sambaDomainName: TUX-NET
>sambaSID: S-1-5-21-4227643745-2043747094-3043018297
>sambaAlgorithmicRidBase: 1000
>objectClass: sambaDomain
>
># root, People, sfgroup.com
>dn: uid=root,ou=People,dc=sfgroup,dc=com
>objectClass: top
>objectClass: inetOrgPerson
>objectClass: posixAccount
>objectClass: sambaSAMAccount
>cn: root
>sn: root
>uid: root
>loginShell: /bin/bash
>gecos: System User
>description: System User
>sambaLogonTime: 0
>sambaLogoffTime: 2147483647
>sambaKickoffTime: 2147483647
>sambaPwdCanChange: 0
>displayName: System User
>sambaHomeDrive: _HOMEDRIVE_
>sambaLogonScript: root.cmd
>sambaProfilePath: \\_PDCNAME_\profiles\root
>sambaHomePath: \\rishi\homes
>gidNumber: 512
>sambaSID: S-1-5-21-3516781642-1962875130-3438800523-1000
>sambaPrimaryGroupSID: S-1-5-21-3516781642-1962875130-3438800523-512
>uidNumber: 0
>homeDirectory: /root
>sambaLMPassword: 8C6F5D02DEB21501AAD3B435B51404EE
>sambaAcctFlags: [U]
>sambaNTPassword: E0FBA38268D0EC66EF1CB452D5885E53
>sambaPwdLastSet: 1073531883
>sambaPwdMustChange: 1077419883
>
># testuser, People, sfgroup.com
>dn: uid=testuser,ou=People,dc=sfgroup,dc=com
>objectClass: top
>objectClass: inetOrgPerson
>objectClass: posixAccount
>objectClass: sambaSAMAccount
>cn: testuser
>sn: testuser
>uid: testuser
>uidNumber: 1001
>gidNumber: 513
>homeDirectory: /home/testuser
>loginShell: /bin/bash
>gecos: System User
>description: System User
>sambaLogonTime: 0
>sambaLogoffTime: 2147483647
>sambaKickoffTime: 2147483647
>sambaPwdCanChange: 0
>displayName: System User
>sambaSID: S-1-5-21-3516781642-1962875130-3438800523-3002
>sambaPrimaryGroupSID: S-1-5-21-3516781642-1962875130-3438800523-513
>sambaHomeDrive: H:
>sambaLogonScript: testuser.cmd
>sambaProfilePath: \\rishi\profiles\testuser
>sambaHomePath: \\rishi\homes
>sambaLMPassword: 8C6F5D02DEB21501AAD3B435B51404EE
>sambaAcctFlags: [U]
>sambaNTPassword: E0FBA38268D0EC66EF1CB452D5885E53
>sambaPwdLastSet: 1073005837
>sambaPwdMustChange: 1076893837
>
># sun, People, sfgroup.com
>dn: uid=sun,ou=People,dc=sfgroup,dc=com
>objectClass: top
>objectClass: inetOrgPerson
>objectClass: posixAccount
>objectClass: sambaSAMAccount
>cn: sun
>sn: sun
>uid: sun
>uidNumber: 1002
>gidNumber: 513
>homeDirectory: /home/sun
>loginShell: /bin/bash
>gecos: System User
>description: System User
>sambaLogonTime: 0
>sambaLogoffTime: 2147483647
>sambaKickoffTime: 2147483647
>sambaPwdCanChange: 0
>displayName: System User
>sambaSID: S-1-5-21-3516781642-1962875130-3438800523-3004
>sambaPrimaryGroupSID: S-1-5-21-3516781642-1962875130-3438800523-513
>sambaHomeDrive: _HOMEDRIVE_
>sambaLogonScript: sun.cmd
>sambaProfilePath: \\_PDCNAME_\profiles\sun
>sambaHomePath: \\rishi\homes
>sambaLMPassword: 8C6F5D02DEB21501AAD3B435B51404EE
>sambaAcctFlags: [U]
>sambaNTPassword: E0FBA38268D0EC66EF1CB452D5885E53
>sambaPwdLastSet: 1073532996
>sambaPwdMustChange: 1077420996
>
># Computers, sfgroup.com
>dn: ou=Computers,dc=sfgroup,dc=com
>objectClass: organizationalUnit
>ou: Computers
>
># Administrator, People, sfgroup.com
>dn: uid=Administrator,ou=People,dc=sfgroup,dc=com
>cn: Administrator
>sn: Administrator
>objectClass: inetOrgPerson
>objectClass: sambaSAMAccount
>objectClass: posixAccount
>gidNumber: 512
>uid: Administrator
>uidNumber: 998
>homeDirectory: /home
>sambaPwdLastSet: 0
>sambaLogonTime: 0
>sambaLogoffTime: 2147483647
>sambaKickoffTime: 2147483647
>sambaPwdCanChange: 0
>sambaPwdMustChange: 2147483647
>sambaHomePath: \\rishi\homes
>sambaHomeDrive: _HOMEDRIVE_
>sambaProfilePath: \\_PDCNAME_\profiles\
>sambaPrimaryGroupSID: S-1-5-21-3516781642-1962875130-3438800523-512
>sambaLMPassword: XXX
>sambaNTPassword: XXX
>sambaAcctFlags: [U ]
>sambaSID: S-1-5-21-3516781642-1962875130-3438800523-2996
>loginShell: /bin/false
>gecos: Netbios Domain Administrator
>
># admin, People, sfgroup.com
>dn: uid=admin,ou=People,dc=sfgroup,dc=com
>objectClass: top
>objectClass: inetOrgPerson
>objectClass: posixAccount
>objectClass: sambaSAMAccount
>cn: admin
>sn: admin
>uid: admin
>homeDirectory: /home/admin
>loginShell: /bin/bash
>gecos: System User
>description: System User
>sambaLogonTime: 0
>sambaLogoffTime: 2147483647
>sambaKickoffTime: 2147483647
>sambaPwdCanChange: 0
>displayName: System User
>sambaHomeDrive: _HOMEDRIVE_
>sambaLogonScript: admin.cmd
>sambaProfilePath: \\_PDCNAME_\profiles\admin
>sambaHomePath: \\rishi\homes
>sambaLMPassword: 8C6F5D02DEB21501AAD3B435B51404EE
>sambaAcctFlags: [U]
>sambaNTPassword: E0FBA38268D0EC66EF1CB452D5885E53
>sambaPwdLastSet: 1073531947
>sambaPwdMustChange: 1077419947
>sambaSID: S-1-5-21-3516781642-1962875130-3438800523-1000
>uidNumber: 0
>gidNumber: 512
>sambaPrimaryGroupSID: S-1-5-21-3516781642-1962875130-3438800523-512
>
># sanjay$, People, sfgroup.com
>dn: uid=sanjay$,ou=People,dc=sfgroup,dc=com
>sn: sanjay$
>loginShell: /bin/false
>uidNumber: 1000
>gidNumber: 553
>objectClass: top
>objectClass: inetOrgPerson
>objectClass: posixAccount
>objectClass: sambaSamAccount
>uid: sanjay$
>cn: sanjay$
>homeDirectory: /dev/null
>description: Computer
>sambaSID: S-1-5-21-4227643745-2043747094-3043018297-3000
>sambaPrimaryGroupSID: S-1-5-21-3516781642-1962875130-3438800523-553
>displayName: sanjay$
>sambaAcctFlags: [W ]
>sambaPwdCanChange: 1073532798
>sambaPwdMustChange: 2147483647
>sambaLMPassword: 241B9647145FDC6383EB6F485902D992
>sambaNTPassword: C70354BFFFA5856C2D4162ABB4A9FA47
>sambaPwdLastSet: 1073532798
>
># search result
>search: 2
>result: 0 Success
>
># numResponses: 26
># numEntries: 25
>
>ldap log file output
>====================
>Jan 7 20:10:31 rishi slapd[1186]: conn=53 fd=22 ACCEPT from IP=::1 32867
>(IP=:: 389)
>Jan 7 20:10:31 rishi slapd[1337]: conn=53 op=0 BIND
>dn="cn=Manager,dc=sfgroup,dc=com" method=128
>Jan 7 20:10:31 rishi slapd[1337]: conn=53 op=0 AUTHZ
>dn="cn=Manager,dc=sfgroup,dc=com" mech=simple ssf=0
>Jan 7 20:10:31 rishi slapd[1337]: conn=53 op=0 RESULT tag=97 err=0 text=
>Jan 7 20:10:31 rishi slapd[1336]: conn=53 op=1 SRCH
>base="dc=sfgroup,dc=com" scope=2
>filter="(&(objectClass=sambaDomain)(sambaDomainName=TUX-NET))"
>Jan 7 20:10:31 rishi slapd[1336]: conn=53 op=1 SEARCH RESULT tag=101
>err=0 nentries=1 text=
>Jan 7 20:10:31 rishi slapd[1828]: conn=53 op=2 SRCH
>base="dc=sfgroup,dc=com" scope=2
>filter="(&(sambaSID=S-1-5-21-4227643745-2043747094-3043018297-501)(objectClass=sambaSamAccount))"
>Jan 7 20:10:31 rishi slapd[1828]: conn=53 op=2 SEARCH RESULT tag=101
>err=0 nentries=0 text=
>Jan 7 20:10:31 rishi slapd[1186]: conn=54 fd=24 ACCEPT from
>IP=127.0.0.1:32868 (IP=:: 389)
>Jan 7 20:10:31 rishi slapd[1337]: conn=54 op=0 BIND dn="" method=128
>Jan 7 20:10:31 rishi slapd[1337]: conn=54 op=0 RESULT tag=97 err=0 text=
>Jan 7 20:10:31 rishi slapd[1336]: conn=54 op=1 SRCH
>base="dc=sfgroup,dc=com" scope=2 filter="(uid=nobody)"
>Jan 7 20:10:31 rishi slapd[1336]: conn=54 op=1 SEARCH RESULT tag=101
>err=0 nentries=1 text=
>Jan 7 20:10:31 rishi slapd[1337]: conn=54 op=2 SRCH
>base="ou=Groups,dc=sfgroup,dc=com" scope=2
>filter="(&(objectClass=posixGroup)(|(memberUid=nobody)(uniqueMember=uid=nobody,ou=people,dc=sfgroup,dc=com)))"
>Jan 7 20:10:31 rishi slapd[1337]: conn=54 op=2 SEARCH RESULT tag=101
>err=0 nentries=1 text=
>Jan 7 20:10:31 rishi slapd[1336]: conn=53 op=3 SRCH
>base="dc=sfgroup,dc=com" scope=2
>filter="(&(objectClass=sambaGroupMapping)(gidNumber=514))"
>Jan 7 20:10:31 rishi slapd[1336]: conn=53 op=3 SEARCH RESULT tag=101
>err=0 nentries=1 text=
>Jan 7 20:10:31 rishi slapd[1828]: conn=53 op=4 SRCH
>base="dc=sfgroup,dc=com" scope=2
>filter="(&(objectClass=sambaGroupMapping)(gidNumber=546))"
>Jan 7 20:10:31 rishi slapd[1828]: conn=53 op=4 SEARCH RESULT tag=101
>err=0 nentries=1 text=
>Jan 7 20:10:31 rishi slapd[1336]: conn=53 op=5 SRCH
>base="dc=sfgroup,dc=com" scope=2
>filter="(&(objectClass=sambaGroupMapping)(gidNumber=65533))"
>Jan 7 20:10:31 rishi slapd[1336]: conn=53 op=5 SEARCH RESULT tag=101
>err=0 nentries=0 text=
>Jan 7 20:10:31 rishi slapd[1828]: conn=53 op=6 SRCH
>base="dc=sfgroup,dc=com" scope=2
>filter="(&(objectClass=sambaGroupMapping)(gidNumber=65534))"
>Jan 7 20:10:31 rishi slapd[1828]: conn=53 op=6 SEARCH RESULT tag=101
>err=0 nentries=0 text=
>Jan 7 20:10:31 rishi slapd[1828]: conn=53 op=7 SRCH
>base="dc=sfgroup,dc=com" scope=2
>filter="(&(uid=SANJAY$)(objectClass=sambaSamAccount))"
>Jan 7 20:10:31 rishi slapd[1828]: conn=53 op=7 SEARCH RESULT tag=101
>err=0 nentries=1 text=
>Jan 7 20:10:31 rishi slapd[1336]: conn=53 op=8 SRCH
>base="dc=sfgroup,dc=com" scope=2
>filter="(&(sambaSID=S-1-5-21-4227643745-2043747094-3043018297-501)(objectClass=sambaSamAccount))"
>Jan 7 20:10:31 rishi slapd[1336]: conn=53 op=8 SEARCH RESULT tag=101
>err=0 nentries=0 text=
>Jan 7 20:10:31 rishi slapd[1337]: conn=54 op=3 SRCH
>base="dc=sfgroup,dc=com" scope=2 filter="(uid=nobody)"
>Jan 7 20:10:31 rishi slapd[1337]: conn=54 op=3 SEARCH RESULT tag=101
>err=0 nentries=1 text=
>Jan 7 20:10:31 rishi slapd[1828]: conn=54 op=4 SRCH
>base="ou=Groups,dc=sfgroup,dc=com" scope=2
>filter="(&(objectClass=posixGroup)(|(memberUid=nobody)(uniqueMember=uid=nobody,ou=people,dc=sfgroup,dc=com)))"
>Jan 7 20:10:31 rishi slapd[1828]: conn=54 op=4 SEARCH RESULT tag=101
>err=0 nentries=1 text=
>Jan 7 20:10:32 rishi slapd[1337]: conn=53 op=9 SRCH
>base="dc=sfgroup,dc=com" scope=2
>filter="(&(uid=root)(objectClass=sambaSamAccount))"
>Jan 7 20:10:32 rishi slapd[1337]: conn=53 op=9 SEARCH RESULT tag=101
>err=0 nentries=1 text=
>Jan 7 20:10:32 rishi slapd[1336]: conn=54 op=5 SRCH
>base="dc=sfgroup,dc=com" scope=2 filter="(uid=root)"
>Jan 7 20:10:32 rishi slapd[1336]: conn=54 op=5 SEARCH RESULT tag=101
>err=0 nentries=1 text=
>Jan 7 20:10:32 rishi slapd[1828]: conn=54 op=6 SRCH
>base="ou=Groups,dc=sfgroup,dc=com" scope=2
>filter="(&(objectClass=posixGroup)(|(memberUid=root)(uniqueMember=uid=root,ou=people,dc=sfgroup,dc=com)))"
>Jan 7 20:10:32 rishi slapd[1828]: conn=54 op=6 SEARCH RESULT tag=101
>err=0 nentries=1 text=
>Jan 7 20:10:32 rishi slapd[1337]: conn=53 op=10 SRCH
>base="dc=sfgroup,dc=com" scope=2
>filter="(&(objectClass=sambaGroupMapping)(gidNumber=512))"
>Jan 7 20:10:32 rishi slapd[1337]: conn=53 op=10 SEARCH RESULT tag=101
>err=0 nentries=1 text=
>Jan 7 20:10:32 rishi slapd[1336]: conn=53 op=11 SRCH
>base="dc=sfgroup,dc=com" scope=2
>filter="(&(objectClass=sambaGroupMapping)(gidNumber=513))"
>Jan 7 20:10:32 rishi slapd[1336]: conn=53 op=11 SEARCH RESULT tag=101
>err=0 nentries=1 text=
>
>smb.conf file:
>===============
>
># Global parameters
>[global]
> dos charset = CP850
> unix charset = UTF-8
> display charset = LOCALE
> workgroup = TUX-NET
> realm =
> netbios name = RISHI
> netbios aliases =
> netbios scope =
> server string = rishi Samba Server
> interfaces = 127.0.0.1, eth0
> bind interfaces only = No
> security = USER
> auth methods =
> encrypt passwords = Yes
> update encrypted = No
> client schannel = Auto
> server schannel = Auto
> allow trusted domains = Yes
> hosts equiv =
> min passwd length = 5
> map to guest = Never
> null passwords = Yes
> obey pam restrictions = No
> password server = *
> smb passwd file = /etc/samba/smbpasswd
> private dir = /etc/samba
> passdb backend = ldapsam
> algorithmic rid base = 1000
> root directory =
> guest account = nobody
> pam password change = No
> passwd program = /usr/local/bin/smbldap-passwd.pl -o %u
> passwd chat = *new*password* %n\n *new*password:* %n\ *successfully*
> passwd chat debug = Yes
> passwd chat timeout = 2
> username map =
> password level = 0
> username level = 0
> unix password sync = No
> restrict anonymous = 0
> lanman auth = Yes
> ntlm auth = Yes
> client NTLMv2 auth = No
> client lanman auth = Yes
> client plaintext auth = Yes
> preload modules =
> log level = 10
> syslog = 1
> syslog only = No
> log file = /var/log/samba/%m.log
> max log size = 5000
> timestamp logs = Yes
> debug hires timestamp = No
> debug pid = No
> debug uid = No
> smb ports = 445 139
> protocol = NT1
> large readwrite = Yes
> max protocol = NT1
> min protocol = CORE
> unicode = Yes
> read bmpx = No
> read raw = Yes
> write raw = Yes
> disable netbios = No
> acl compatibility =
> nt pipe support = Yes
> nt status support = Yes
> announce version = 4.9
> announce as = NT
> max mux = 50
> max xmit = 16644
> name resolve order = lmhosts wins host bcast
> max ttl = 259200
> max wins ttl = 518400
> min wins ttl = 21600
> time server = Yes
> unix extensions = Yes
> use spnego = Yes
> client signing = auto
> server signing = No
> client use spnego = Yes
> change notify timeout = 60
> deadtime = 0
> getwd cache = Yes
> keepalive = 300
> kernel change notify = Yes
> lpq cache time = 10
> max smbd processes = 0
> paranoid server security = Yes
> max disk size = 0
> max open files = 10000
> read size = 16384
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> use mmap = Yes
> hostname lookups = No
> name cache timeout = 660
> load printers = Yes
> printcap name = cups
> disable spoolss = No
> enumports command =
> addprinter command =
> deleteprinter command =
> show add printer wizard = Yes
> os2 driver map =
> mangling method = hash2
> mangle prefix = 1
> stat cache = Yes
> machine password timeout = 604800
> add user script = /usr/local/sbin/smbldap-useradd.pl -a "%u"
> delete user script = /usr/local/sbin/smbldap-useradd.pl -d "%u"
> add group script = /usr/local/sbin/smbldap-useradd.pl -a -g "%g"
> delete group script = /usr/local/sbin/smbldap-useradd.pl -d -g "%g"
> add user to group script = /usr/local/sbin/smbldap-useradd.pl -j
>-u "%u"
>-g "%g"
> delete user from group script = /usr/local/sbin/smbldap-useradd.pl
>-j -u
>"%u" -g "%g"
> set primary group script = /usr/local/sbin/smbldap-useradd.pl -m
>-u "%u"
>-gid "%g"
> add machine script = /usr/local/sbin/smbldap-useradd.pl -a -w "%m"
> shutdown script =
> abort shutdown script =
> logon script =
> logon path = \\%N\%U\profile
> logon drive =
> logon home = \\%N\%U
> domain logons = Yes
> os level = 22
> lm announce = Auto
> lm interval = 60
> preferred master = Yes
> local master = Yes
> domain master = Yes
> browse list = Yes
> enhanced browsing = Yes
> dns proxy = No
> wins proxy = No
> wins server =
> wins support = Yes
> wins hook =
> wins partners =
> kernel oplocks = Yes
> lock spin count = 3
> lock spin time = 10
> oplock break wait time = 0
> ldap suffix = dc=sfgroup,dc=com
> ldap machine suffix = ou=People
> ldap user suffix = ou=People
> ldap group suffix =
> ldap idmap suffix =
> ldap filter = (uid=%u)
> ldap admin dn = "cn=Manager,dc=sfgroup,dc=com"
> ldap ssl = no
> ldap passwd sync = no
> ldap delete dn = No
> ldap replication sleep = 1000
> add share command =
> change share command =
> delete share command =
> config file =
> preload =
> lock directory = /var/lib/samba
> pid directory = /var/run/samba
> utmp directory =
> wtmp directory =
> utmp = No
> default service =
> message command =
> dfree command =
> get quota command =
> set quota command =
> remote announce =
> remote browse sync =
> socket address = 0.0.0.0
> homedir map = auto.home
> afs username map =
> time offset = 0
> NIS homedir = No
> source environment =
> panic action =
> host msdfs = No
> enable rid algorithm = Yes
> idmap backend =
> idmap uid =
> idmap gid =
> template primary group = nobody
> template homedir = /home/%D/%U
> template shell = /bin/false
> winbind separator = \
> winbind cache time = 300
> winbind enable local accounts = Yes
> winbind enum users = Yes
> winbind enum groups = Yes
> winbind use default domain = No
> winbind trusted domains only = No
> comment =
> path =
> username =
> invalid users =
> valid users =
> admin users =
> read list =
> write list =
> printer admin =
> force user =
> force group =
> read only = Yes
> create mask = 0744
> force create mode = 00
> security mask = 0777
> force security mode = 00
> directory mask = 0755
> force directory mode = 00
> directory security mask = 0777
> force directory security mode = 00
> inherit permissions = No
> inherit acls = No
> guest only = No
> guest ok = No
> only user = No
> hosts allow =
> hosts deny =
> nt acl support = Yes
> profile acls = No
> map acl inherit = No
> afs share = No
> afs exclusive locks = No
> block size = 1024
> max connections = 0
> min print space = 0
> strict allocate = No
> strict sync = No
> sync always = No
> use sendfile = No
> write cache size = 0
> max reported print jobs = 0
> max print jobs = 1000
> printable = No
> printing = cups
> print command = lpr -r -P'%p' %s
> lpq command = lpq -P'%p'
> lprm command = lprm -P'%p' %j
> lppause command =
> lpresume command =
> queuepause command =
> queueresume command =
> printer name =
> use client driver = No
> default devmode = No
> default case = lower
> case sensitive = No
> preserve case = Yes
> short preserve case = Yes
> mangle case = No
> mangling char = ~
> hide dot files = Yes
> hide special files = No
> hide unreadable = No
> hide unwriteable files = No
> delete veto files = No
> veto files =
> hide files =
> veto oplock files =
> map system = No
> map hidden = No
> map archive = Yes
> mangled names = Yes
> mangled map =
> browseable = Yes
> blocking locks = Yes
> csc policy = manual
> fake oplocks = No
> locking = Yes
> oplocks = Yes
> level2 oplocks = Yes
> oplock contention limit = 2
> posix locking = Yes
> strict locking = Yes
> share modes = Yes
> copy =
> include =
> exec =
> preexec close = No
> postexec =
> root preexec =
> root preexec close = No
> root postexec =
> available = Yes
> volume =
> fstype = NTFS
> set directory = No
> wide links = Yes
> follow symlinks = Yes
> dont descend =
> magic script =
> magic output =
> delete readonly = No
> dos filemode = No
> dos filetimes = No
> dos filetime resolution = No
> fake directory create times = No
> vfs objects =
> msdfs root = No
> msdfs proxy =
>
>[homes]
> comment = Home Directories
> read only = No
> browseable = No
>
>[netlogon]
> comment = Network Logon Service
> path = /home/netlogon
> guest ok = Yes
> share modes = No
>
>[printers]
> comment = All Printers
> path = /var/spool/samba
> printable = Yes
> browseable = No
>
>
>
>
>
>
>
>
More information about the samba
mailing list