[Samba] Samba 3.0.2rc1 / LDAP login fails, pdbedit shows user
John Schmerold
john at katy.com
Tue Jan 20 00:57:05 GMT 2004
I'm running 3.0.2rc1. User authentication was working until I got
the bright idea to change ntgroup _users_ to users.
Now no one can log in. Any ideas how to fix?
I've tried deleting the tree & starting over from scratch, no joy:
[root@chs root]# smbclient //chs/tmp -U doj
Password:
tree connect failed: Call returned zero bytes (EOF)
[root@chs root]#
When I run pdbedit -v, the user is listed.
I can browse the LDAP tree with Jarek Gawor's LDAP Browser\Editor.
smb.conf is as follows:
[global]
force user = root
hosts allow = 192.168.10. 192.168.20.
hosts deny = all
interfaces = eth0 eth1
passdb backend = ldapsam
ldap suffix = dc=hbclp,dc=com
#ldap machine suffix = ou=_COMPUTERS_
#ldap user suffix = ou=_USERS_
#ldap group suffix = ou=_GROUPS_
ldap machine suffix = ou=computers
ldap group suffix = ou=groups
ldap user suffix = ou=users
ldap admin dn = "cn=root,dc=hbclp,dc=com"
#not using ssl because this is all happening on the localhost
ldap ssl = no
#ldap ssl = Yes
#ldap ssl = start tls
idmap backend = ldap:ldap://127.0.0.1
winbind separator = +
winbind enum users = yes
winbind enum groups = yes
wins support = yes
idmap gid = 10000-20000
idmap uid = 10000-20000
passwd chat debug = Yes
passwd program =/usr/bin/smbldap-passwd.pl -o %u
passwd chat = *new*password* %n\n *new*password:* %n\ *successfully*
#mentioned that these options improve performance
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
add machine script = /usr/bin/smbldap-useradd.pl -w %ms"
add user script = /usr/bin/smbldap-useradd.pl -a %u
delete user script = /usr/bin/smbldap-userdel.pl %u
add group script = /usr/bin/smbldap-groupadd.pl %g
delete group script = /usr/bin/smbldap-groupdel.pl %g
add user to group script = /usr/bin/smbldap-groupmod.pl" -m %u %g
delete user from group script = /usr/bin/smbldap-groupmod.pl -x %u %g
set primary group script = /usr/bin/smbldap-usermod.pl -G %g %u
workgroup = workgroup
netbios name = chs
comment = Chesterfield Server
server string = Chesterfield Server
security = user
null passwords = yes
encrypt passwords = yes
logon script=logon.bat
### These left Blank will force local profiles but will not override LDAP config
##if set LDAP takes precedence.
logon drive =
logon path =
domain master = yes
domain logons = yes
preferred master = yes
os level = 33
wins support = no
wins proxy = no
log file = /var/log/samba/%m.log
public = No
browseable = yes
writable = No
; necessary share for domain controller
[netlogon]
path = /netlogon
locking = no
read only = yes
write list = ntadmin
;test share
[tmp]
writeable = yes
public = yes
path = /tmp
[profiles]
path = /profiles
read only = no
writeable = yes
create mask = 0600
directory mask = 0700
[sys]
public=yes
path = /home/sys
read only = No
[vol1]
public=yes
path = /home/vol1
read only = No
[cdroms]
public=yes
path = /home/cdroms
read only = No