[Samba] Problem Connecting from Windows to Samba-OpenLDAP PDC
Adam Gritt
msoegrad at gmail.com
Wed Jun 22 02:12:50 GMT 2005
Every time I try to add a pc to the domain I get the response that it
is an un-recognized user name. I have followed the instructions
located here:
http://samba.idealx.org/smbldap-howto.en.html
and am setting it up on a copy of Fedora Core 4 using the default
installed packages and versions. I am also unable to complete step
4.5 in the guide to test out the setup because it gives me the
following error:
[root at Fedora4 namedb]# ssh testuser1 at xxx.xxx.xxx
testuser1 at xxx.xxx.xxx's password:
Permission denied, please try again.
testuser1 at xxx.xxx.xxxs password:
Permission denied, please try again.
testuser1 at xxx.xxx.xxx's password:
Permission denied (publickey,gssapi-with-mic,password).
I have made sure that the user directory does in fact exist and has
permissions on it because I know that ssh can fail if there is no user
directory. I have pasted in my configuration files as well. I am
only working on it in a test environment so I don't care about any
passwords that may appear. I have included all the configuration
files for Samba, Ldap, Nss, System Auth, and the DNS information.
Following that will be some of the log entries. I hope this should
provide enough information as to what is going on so I can get the
most help possible. And thanks for any help that people can provide
into this.
====== NAMED.CONF =========
//
// named.conf for Red Hat caching-nameserver
//
options {
directory "/etc/namedb";
dump-file "/var/cache_dump.db";
statistics-file "/var/run/named.stats";
pid-file "/var/run/named.pid";
allow-query { 10.0.0.0/24; localhost; };
allow-recursion { 10.0.0.0/24; localhost; };
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "0.0.127.in-addr.arpa" {
type master;
file "pz/127.0.0";
};
zone "mtgmilw.biz" {
type master;
notify no;
file "pz/mtgmilw.biz";
allow-query { any; };
};
zone "0.0.10.in-addr.arpa" {
type master;
notify no;
file "pz/10.0.0";
allow-query { any; };
};
include "/etc/rndc.key";
============================
===== 10.0.0 =================
$TTL 3D
@ IN SOA ns.mtgmilw.biz. hostmaster.mtgmilw.biz. (
200506192 ; Serial, todays date + todays serial
8H ; Refresh
2H ; Retry
4W ; Expire
1D ) ; Minimum TTL
NS ns.mtgmilw.biz
1 PTR gw.mtgmilw.biz.
2 PTR ns.mtgmilw.biz.
3 PTR ftp.mtgmilw.biz.
4 PTR pdc-srv.mtgmilw.biz.
================================
==========127.0.0================
$TTL 3D
@ IN SOA ns.mtgmilw.biz. hostmaster.mtgmilw.biz. (
1 ; Serial
8H ; Refresh
2H ; Retry
4W ; Expire
1D) ; Minimum TTL
NS ns.mtgmilw.biz.
1 PTR localhost.
==============================
==========mtgmilw.biz============
;
; Zone file for mtgmilw.biz
;
; the full zone file
;
$TTL 3D
@ IN SOA ns.mtgmilw.biz. hostmaster.mtgmilw.biz. (
200506191 ; serial, todays date + todays serial #
8H ; refresh, seconds
2H ; retry, seconds
4W ; expire, seconds
1D ) ; minimum, seconds
;
NS ns ; Inet Address of name server
;
localhost A 127.0.0.1
;
gw A 10.0.0.1
TXT "The router"
;
ns A 10.0.0.75
www CNAME ns
;
ftp A 10.0.0.75
;
pdc-srv A 10.0.0.75
TXT "Domain Controller"
=============================
=========SYSTEM-AUTH========
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_ldap.so use_first_pass
auth required /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so broken_shadow
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account [default=bad success=ok user_unknown=ignore]
/lib/security/$ISA/pam_ldap.so
account required /lib/security/$ISA/pam_permit.so
password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok
use_authtok md5 shadow
password sufficient /lib/security/$ISA/pam_ldap.so use_authtok
password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
session optional /lib/security/$ISA/pam_ldap.so
===================================
==========NSSWITCH.CONF===========
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# nisplus or nis+ Use NIS+ (NIS version 3)
# nis or yp Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# db Use the local database (.db) files
# compat Use NIS on compat mode
# hesiod Use Hesiod for user lookups
# [NOTFOUND=return] Stop searching if not found so far
#
# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis
passwd: files ldap
shadow: files ldap
group: files ldap
#hosts: db files nisplus nis dns
hosts: files dns
# Example - obey only what nisplus tells us...
#services: nisplus [NOTFOUND=return] files
#networks: nisplus [NOTFOUND=return] files
#protocols: nisplus [NOTFOUND=return] files
#rpc: nisplus [NOTFOUND=return] files
#ethers: nisplus [NOTFOUND=return] files
#netmasks: nisplus [NOTFOUND=return] files
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files ldap
rpc: files
services: files ldap
netgroup: files ldap
publickey: nisplus
automount: files ldap
aliases: files nisplus
==============================
========= SLAPD.CONF =========
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
# Allow LDAPv2 client connections. This is NOT the default.
#allow bind_v2
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
# Load dynamic backend modules:
#modulepath /usr/sbin/openldap
#moduleload back_bdb.la
#moduleload back_ldap.la
#moduleload back_ldbm.la
#moduleload back_passwd.la
#moduleload back_shell.la
# The next three lines allow use of TLS for encrypting connections using a
# dummy test certificate which you can generate by changing to
# /usr/share/ssl/certs, running "make slapd.pem", and fixing permissions on
# slapd.pem so that the ldap user or group can read it. Your client software
# may balk at self-signed certificates, however.
# TLSCACertificateFile /usr/share/ssl/certs/ca-bundle.crt
# TLSCertificateFile /usr/share/ssl/certs/slapd.pem
# TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem
# Sample security restrictions
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64
# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access
# Allow authenticated users read access
# Allow anonymous users to authenticate
# Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
# by self write
# by users read
# by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!
#######################################################################
# ldbm and/or bdb database definitions
#######################################################################
database bdb
directory /var/lib/ldap
suffix dc=mtgmilw,dc=biz
rootdn "cn=Manager,dc=mtgmilw,dc=biz"
# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
# rootpw secret
# rootpw {crypt}ijFYNcSNctBYg
rootpw {MD5}z6esruJ0bazhCUSsbfqPnw==
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
# Indices to maintain for this database
index objectClass,uidNumber,gidNumber eq
index cn,sn,uid,displayName pres,sub,eq
index memberUid,mail,givenname eq,subinitial
index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq
# Replicas of this database
#replogfile /var/lib/ldap/openldap-master-replog
#replica host=ldap-1.example.com:389 starttls=critical
# bindmethod=sasl saslmech=GSSAPI
# authcId=host/ldap-master.example.com at EXAMPLE.COM
# users can authenticate and change their password
access to attrs=userPassword,sambaNTPassword,sambaLMPassword,sambaPwdLastSet,sambaPwdMustChange
by dn="cn=samba,ou=DSA,dc=mtgmilw,dc=biz" write
by dn="cn=smbldap-tools,ou=DSA,dc=mtgmilw,dc=biz" write
by dn="cn=nssldap,ou=DSA,dc=mtgmilw,dc=biz" write
by self write
by anonymous auth
by * none
# some attributes need to be readable anonymously so that 'id user'
can answer correctly
access to attrs=objectClass,entry,homeDirectory,uid,uidNumber,gidNumber,memberUid
by dn="cn=samba,ou=DSA,dc=mtgmilw,dc=biz" write
by dn="cn=smbldap-tools,ou=DSA,dc=mtgmilw,dc=biz" write
by * read
# somme attributes can be writable by users themselves
access to attrs=description,telephoneNumber,roomNumber,homePhone,loginShell,gecos,cn,sn,givenname
by dn="cn=samba,ou=DSA,dc=mtgmilw,dc=biz" write
by dn="cn=smbldap-tools,ou=DSA,dc=mtgmilw,dc=biz" write
by self write
by * read
# some attributes need to be writable for samba
access to attrs=cn,sambaLMPassword,sambaNTPassword,sambaPwdLastSet,sambaLogonTime,sambaLogoffTime,sambaKickoffTime,sambaPwdCanChange,sambaPwdMustChange,sambaAcctFlags,displayName,sambaHomePath,sambaHomeDrive,sambaLogonScript,sambaProfilePath,description,sambaUserWorkstations,sambaPrimaryGroupSID,sambaDomainName,sambaMungedDial,sambaBadPasswordCount,sambaBadPasswordTime,sambaPasswordHistory,sambaLogonHours,sambaSID,sambaSIDList,sambaTrustFlags,sambaGroupType,sambaNextRid,sambaNextGroupRid,sambaNextUserRid,sambaAlgorithmicRidBase,sambaShareName,sambaOptionName,sambaBoolOption,sambaIntegerOption,sambaStringOption,sambaStringListoption
by dn="cn=samba,ou=DSA,dc=mtgmilw,dc=biz" write
by dn="cn=smbldap-tools,ou=DSA,dc=mtgmilw,dc=biz" write
by self read
by * none
# samba need to be able to create the samba domain account
access to dn.base="dc=mtgmilw,dc=biz"
by dn="cn=samba,ou=DSA,dc=mtgmilw,dc=biz" write
by dn="cn=smbldap-tools,ou=DSA,dc=mtgmilw,dc=biz" write
by * none
# samba need to be able to create new users account
access to dn="ou=Users,dc=mtgmilw,dc=biz"
by dn="cn=samba,ou=DSA,dc=mtgmilw,dc=biz" write
by dn="cn=smbldap-tools,ou=DSA,dc=mtgmilw,dc=biz" write
by * none
# samba need to be able to create new groups account
access to dn="ou=Groups,dc=mtgmilw,dc=biz"
by dn="cn=samba,ou=DSA,dc=mtgmilw,dc=biz" write
by dn="cn=smbldap-tools,ou=DSA,dc=mtgmilw,dc=biz" write
by * none
# samba need to be able to create new computers account
access to dn="ou=Computers,dc=mtgmilw,dc=biz"
by dn="cn=samba,ou=DSA,dc=mtgmilw,dc=biz" write
by dn="cn=smbldap-tools,ou=DSA,dc=mtgmilw,dc=biz" write
by * none
# this can be omitted but we leave it: there could be other branch
# in the directory
access to *
by self read
by * none
==========================
========LDAP.CONF=========
# @(#)$Id: ldap.conf,v 1.34 2004/09/16 23:32:02 lukeh Exp $
#
# This is the configuration file for the LDAP nameservice
# switch library and the LDAP PAM module.
#
# PADL Software
# http://www.padl.com
#
# Your LDAP server. Must be resolvable without using LDAP.
# Multiple hosts may be specified, each separated by a
# space. How long nss_ldap takes to failover depends on
# whether your LDAP client library supports configurable
# network or connect timeouts (see bind_timelimit).
#host 10.0.0.75
# The distinguished name of the search base.
base dc=mtgmilw,dc=biz
# Another way to specify your LDAP server is to provide an
# uri with the server name. This allows to use
# Unix Domain Sockets to connect to a local LDAP Server.
uri ldap://127.0.0.1/
#uri ldaps://127.0.0.1/
#uri ldapi://%2fvar%2frun%2fldapi_sock/
# Note: %2f encodes the '/' used as directory separator
# The LDAP version to use (defaults to 3
# if supported by client library)
#ldap_version 3
# The distinguished name to bind to the server with.
# Optional: default is to bind anonymously.
#binddn cn=proxyuser,dc=example,dc=com
# The credentials to bind with.
# Optional: default is no credential.
#bindpw secret
# The distinguished name to bind to the server with
# if the effective user ID is root. Password is
# stored in /etc/ldap.secret (mode 600)
rootbinddn cn=nssldap,ou=DSA,dc=mtgmilw,dc=biz
# The port.
# Optional: default is 389.
#port 389
# The search scope.
#scope sub
#scope one
#scope base
# Search timelimit
#timelimit 30
# Bind/connect timelimit
#bind_timelimit 30
# Reconnect policy: hard (default) will retry connecting to
# the software with exponential backoff, soft will fail
# immediately.
#bind_policy hard
# Idle timelimit; client will close connections
# (nss_ldap only) if the server has not been contacted
# for the number of seconds specified below.
#idle_timelimit 3600
# Filter to AND with uid=%s
#pam_filter objectclass=account
# The user ID attribute (defaults to uid)
#pam_login_attribute uid
# Search the root DSE for the password policy (works
# with Netscape Directory Server)
#pam_lookup_policy yes
# Check the 'host' attribute for access control
# Default is no; if set to yes, and user has no
# value for the host attribute, and pam_ldap is
# configured for account management (authorization)
# then the user will not be allowed to login.
#pam_check_host_attr yes
# Check the 'authorizedService' attribute for access
# control
# Default is no; if set to yes, and the user has no
# value for the authorizedService attribute, and
# pam_ldap is configured for account management
# (authorization) then the user will not be allowed
# to login.
#pam_check_service_attr yes
# Group to enforce membership of
#pam_groupdn cn=PAM,ou=Groups,dc=example,dc=com
# Group member attribute
#pam_member_attribute uniquemember
# Specify a minium or maximum UID number allowed
#pam_min_uid 0
#pam_max_uid 0
# Template login attribute, default template user
# (can be overriden by value of former attribute
# in user's entry)
#pam_login_attribute userPrincipalName
#pam_template_login_attribute uid
#pam_template_login nobody
# HEADS UP: the pam_crypt, pam_nds_passwd,
# and pam_ad_passwd options are no
# longer supported.
#
# If you are using XAD, you can set pam_password
# to racf, ad, or exop. Make sure that you have
# SSL enabled.
# Do not hash the password at all; presume
# the directory server will do it, if
# necessary. This is the default.
#pam_password clear
# Hash password locally; required for University of
# Michigan LDAP server, and works with Netscape
# Directory Server if you're using the UNIX-Crypt
# hash mechanism and not using the NT Synchronization
# service.
#pam_password crypt
# Remove old password first, then update in
# cleartext. Necessary for use with Novell
# Directory Services (NDS)
#pam_password nds
# RACF is an alias for the above. For use with
# IBM RACF
#pam_password racf
# Update Active Directory password, by
# creating Unicode password and updating
# unicodePwd attribute.
#pam_password ad
# Use the OpenLDAP password change
# extended operation to update the password.
#pam_password exop
# Redirect users to a URL or somesuch on password
# changes.
#pam_password_prohibit_message Please visit http://internal to change
your password.
# RFC2307bis naming contexts
# Syntax:
# nss_base_XXX base?scope?filter
# where scope is {base,one,sub}
# and filter is a filter to be &'d with the
# default filter.
# You can omit the suffix eg:
# nss_base_passwd ou=People,
# to append the default base DN but this
# may incur a small performance impact.
nss_base_passwd ou=Users,dc=mtgmilw,dc=biz?one
nss_base_passwd ou=Computers,dc=mtgmilw,dc=biz?one
nss_base_shadow ou=Users,dc=mtgmilw,dc=biz?one
nss_base_group ou=Groups,dc=mtgmilw,dc=biz?one
#nss_base_hosts ou=Hosts,dc=example,dc=com?one
#nss_base_services ou=Services,dc=example,dc=com?one
#nss_base_networks ou=Networks,dc=example,dc=com?one
#nss_base_protocols ou=Protocols,dc=example,dc=com?one
#nss_base_rpc ou=Rpc,dc=example,dc=com?one
#nss_base_ethers ou=Ethers,dc=example,dc=com?one
#nss_base_netmasks ou=Networks,dc=example,dc=com?ne
#nss_base_bootparams ou=Ethers,dc=example,dc=com?one
#nss_base_aliases ou=Aliases,dc=example,dc=com?one
#nss_base_netgroup ou=Netgroup,dc=example,dc=com?one
# attribute/objectclass mapping
# Syntax:
#nss_map_attribute rfc2307attribute mapped_attribute
#nss_map_objectclass rfc2307objectclass mapped_objectclass
# configure --enable-nds is no longer supported.
# NDS mappings
#nss_map_attribute uniqueMember member
# Services for UNIX 3.5 mappings
#nss_map_objectclass posixAccount User
#nss_map_objectclass shadowAccount User
#nss_map_attribute uid msSFU30Name
#nss_map_attribute uniqueMember msSFU30PosixMember
#nss_map_attribute userPassword msSFU30Password
#nss_map_attribute homeDirectory msSFU30HomeDirectory
#nss_map_attribute homeDirectory msSFUHomeDirectory
#nss_map_objectclass posixGroup Group
#pam_login_attribute msSFU30Name
#pam_filter objectclass=User
#pam_password ad
# configure --enable-mssfu-schema is no longer supported.
# Services for UNIX 2.0 mappings
#nss_map_objectclass posixAccount User
#nss_map_objectclass shadowAccount user
#nss_map_attribute uid msSFUName
#nss_map_attribute uniqueMember posixMember
#nss_map_attribute userPassword msSFUPassword
#nss_map_attribute homeDirectory msSFUHomeDirectory
#nss_map_attribute shadowLastChange pwdLastSet
#nss_map_objectclass posixGroup Group
#nss_map_attribute cn msSFUName
#pam_login_attribute msSFUName
#pam_filter objectclass=User
#pam_password ad
# RFC 2307 (AD) mappings
#nss_map_objectclass posixAccount user
#nss_map_objectclass shadowAccount user
#nss_map_attribute uid sAMAccountName
#nss_map_attribute homeDirectory unixHomeDirectory
#nss_map_attribute shadowLastChange pwdLastSet
#nss_map_objectclass posixGroup group
#nss_map_attribute uniqueMember member
#pam_login_attribute sAMAccountName
#pam_filter objectclass=User
#pam_password ad
# configure --enable-authpassword is no longer supported
# AuthPassword mappings
#nss_map_attribute userPassword authPassword
# AIX SecureWay mappings
#nss_map_objectclass posixAccount aixAccount
#nss_base_passwd ou=aixaccount,?one
#nss_map_attribute uid userName
#nss_map_attribute gidNumber gid
#nss_map_attribute uidNumber uid
#nss_map_attribute userPassword passwordChar
#nss_map_objectclass posixGroup aixAccessGroup
#nss_base_group ou=aixgroup,?one
#nss_map_attribute cn groupName
#nss_map_attribute uniqueMember member
#pam_login_attribute userName
#pam_filter objectclass=aixAccount
#pam_password clear
# Netscape SDK LDAPS
#ssl on
# Netscape SDK SSL options
#sslpath /etc/ssl/certs/cert7.db
# OpenLDAP SSL mechanism
# start_tls mechanism uses the normal LDAP port, LDAPS typically 636
#ssl start_tls
#ssl on
# OpenLDAP SSL options
# Require and verify server certificate (yes/no)
# Default is "no"
#tls_checkpeer yes
# CA certificates for server certificate verification
# At least one of these are required if tls_checkpeer is "yes"
#tls_cacertfile /etc/ssl/ca.cert
#tls_cacertdir /etc/ssl/certs
# Seed the PRNG if /dev/urandom is not provided
#tls_randfile /var/run/egd-pool
# SSL cipher suite
# See man ciphers for syntax
#tls_ciphers TLSv1
# Client certificate and key
# Use these, if your server requires client authentication.
#tls_cert
#tls_key
# Disable SASL security layers. This is needed for AD.
#sasl_secprops maxssf=0
# Override the default Kerberos ticket cache location.
#krb5_ccname FILE:/etc/.ldapcache
# SASL mechanism for PAM authentication - use is experimental
# at present and does not support password policy control
#pam_sasl_mech DIGEST-MD5
ssl no
#tls_cacertdir /etc/openldap/cacerts
pam_password md5
tls_cacertdir /etc/openldap/cacerts
#debug 256
#logdir /data/logs
=========================
===========SMB.CONF=======
# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options (perhaps too
# many!) most of which are not shown in this example
#
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentry and a ; for parts of the config file that you
# may wish to enable
#
# NOTE: Whenever you modify this file you should run the command "testparm"
# to check that you have not made any basic syntactic errors.
#
#======================= Global Settings =====================================
[global]
preserve case = yes
obey pam restrictions = No
enable privileges = yes
delete user from group script =
/usr/local/sbin/smbldap-groupmod -x "%u" "%g"
time server = Yes
show add printer wizard = yes
nt acl support = No
netbios name = PDC-SRV
ldap passwd sync = Yes
printing = cups
logon script = logon.bat
min passwd length = 8
dos charset = 850
workgroup = MTGMILW.BIZ
os level = 33
ldap admin dn = cn=Manager,dc=mtgmilw,dc=biz
printcap name = cups
security = user
short preserve case = yes
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
max log size = 100000
log level = 5
log file = /var/log/samba/log.%m
load printers = yes
guest account = nobody
ldap user suffix = ou=Users
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
mangling method = hash2
logon drive = H:
deadtime = 10
create mask = 0640
domain master = yes
username map = /etc/samba/smbusers
interfaces = 10.0.0.75
map to guest = Bad User
encrypt passwords = yes
passdb backend = ldapsam:ldap://127.0.0.1/
logon home =
printer admin = @"Print Operators"
case sensitive = no
wins support = yes
ldap delete dn = Yes
ldap machine suffix = ou=Computers
ldap group suffix = ou=Groups
server string = Samba Server %v
ldap suffix = dc=mtgmilw,dc=biz
logon path =
add user script = /usr/local/sbin/smbldap-useradd -m "%u"
directory mask = 0750
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"
syslog = 0
ldap idmap suffix = ou=Users
preferred master = Yes
unix charset = ISO8859-1
domain logons = Yes
ldap ssl = no
[homes]
comment = Home Directories
browseable = no
read only = No
create mask = 0644
directory mask = 0775
# Un-comment the following and create the netlogon directory for Domain Logons
[netlogon]
; comment = Network Logon Service
path = /home/netlogon
browseable = No
read only = yes
; guest ok = yes
; writable = no
; share modes = no
# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
[Profiles]
path = /home/profiles
browseable = no
guest ok = yes
read only = no
create mask = 0600
directory mask = 0700
profile acls = yes
csc policy = disable
force user = %U
valid users = %U @"Domain Admins"
# NOTE: If you have a BSD-style print system there is no need to
# specifically define each individual printer
[printers]
comment = Network Printers
printer admin = @"Print Operators"
path = /home/spool/
browseable = no
# Set public = yes to allow user 'guest account' to print
guest ok = yes
writable = no
printable = yes
read only = yes
print command = /usr/bin/lpr -P%p -r %s
lpq command = /usr/bin/lpq -P%p
lprm command = /usr/bin/lprm -P%p %j
[print$]
path = /home/printers
guest ok = No
browseable = yes
read only = yes
valid users = @"Print Operators"
write list = @"Print Operators"
create mask = 0664
directory mask = 0775
# This one is useful for people to share files
;[tmp]
; comment = Temporary file space
; path = /tmp
; read only = no
; public = yes
[public]
comment = Public Stuff
path = /home/public
browseable = yes
guest ok = yes
directory mask = 0775
create mask = 0664
read only = no
==============================
==========SMBLDAP-DSA.LDIFF======
dn: ou=DSA,dc=mtgmilw,dc=biz
objectClass: top
objectClass: organizationalUnit
ou: DSA
description: security accounts for LDAP clients
dn: cn=samba,ou=DSA,dc=mtgmilw,dc=biz
objectclass: organizationalRole
objectClass: top
objectClass: simpleSecurityObject
userPassword: {MD5}z6esruJ0bazhCUSsbfqPnw==
cn: samba
dn: cn=nssldap,ou=DSA,dc=mtgmilw,dc=biz
objectclass: organizationalRole
objectClass: top
objectClass: simpleSecurityObject
userPassword: {MD5}z6esruJ0bazhCUSsbfqPnw==
cn: nssldap
dn: cn=smbldap-tools,ou=DSA,dc=mtgmilw,dc=biz
objectclass: organizationalRole
objectClass: top
objectClass: simpleSecurityObject
userPassword: {MD5}z6esruJ0bazhCUSsbfqPnw==
cn: smbldap-tools
==============================
======LOGFILE-1=============
[2005/06/21 16:31:08, 5] lib/util.c:show_msg(496)
size=104
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=1344
smb_uid=100
smb_mid=2240
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 48 (0x30)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 48 (0x30)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=49
[2005/06/21 16:31:08, 3] smbd/process.c:process_smb(1091)
Transaction 37 of length 45
[2005/06/21 16:31:08, 5] lib/util.c:show_msg(486)
[2005/06/21 16:31:08, 5] lib/util.c:show_msg(496)
size=41
smb_com=0x4
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=24
smb_flg2=51207
smb_tid=1
smb_pid=65279
smb_uid=100
smb_mid=2304
smt_wct=3
smb_vwv[ 0]=29784 (0x7458)
smb_vwv[ 1]=65535 (0xFFFF)
smb_vwv[ 2]=65535 (0xFFFF)
smb_bcc=0
[2005/06/21 16:31:08, 3] smbd/process.c:switch_message(886)
switch message SMBclose (pid 9027) conn 0x929eb58
[2005/06/21 16:31:08, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/06/21 16:31:08, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=7458
[2005/06/21 16:31:08, 5] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1172)
pipe name lsarpc pnum=7458 (pipes_open=1)
[2005/06/21 16:31:08, 5] smbd/pipes.c:reply_pipe_close(260)
reply_pipe_close: pnum:7458
[2005/06/21 16:31:08, 4] rpc_server/srv_pipe_hnd.c:close_rpc_pipe_hnd(1081)
closed pipe name lsarpc pnum=7458 (pipes_open=0)
[2005/06/21 16:31:08, 5] lib/util.c:show_msg(486)
[2005/06/21 16:31:08, 5] lib/util.c:show_msg(496)
size=35
smb_com=0x4
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=65279
smb_uid=100
smb_mid=2304
smt_wct=0
smb_bcc=0
[2005/06/21 16:31:08, 3] smbd/process.c:process_smb(1091)
Transaction 38 of length 43
[2005/06/21 16:31:08, 5] lib/util.c:show_msg(486)
[2005/06/21 16:31:08, 5] lib/util.c:show_msg(496)
size=39
smb_com=0x74
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=24
smb_flg2=51207
smb_tid=0
smb_pid=65279
smb_uid=100
smb_mid=2368
smt_wct=2
smb_vwv[ 0]= 255 (0xFF)
smb_vwv[ 1]= 0 (0x0)
smb_bcc=0
[2005/06/21 16:31:08, 3] smbd/process.c:switch_message(886)
switch message SMBulogoffX (pid 9027) conn 0x0
[2005/06/21 16:31:08, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/06/21 16:31:08, 5] auth/auth_util.c:debug_nt_user_token(485)
NT user token: (NULL)
[2005/06/21 16:31:08, 5] auth/auth_util.c:debug_unix_user_token(506)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2005/06/21 16:31:08, 5] smbd/uid.c:change_to_root_user(296)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2005/06/21 16:31:08, 5] auth/auth_util.c:free_server_info(1406)
attempting to free (and zero) a server_info structure
[2005/06/21 16:31:08, 3] smbd/reply.c:reply_ulogoffX(1264)
ulogoffX vuid=100
[2005/06/21 16:31:08, 5] lib/util.c:show_msg(486)
[2005/06/21 16:31:08, 5] lib/util.c:show_msg(496)
size=39
smb_com=0x74
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=0
smb_pid=65279
smb_uid=100
smb_mid=2368
smt_wct=2
smb_vwv[ 0]= 255 (0xFF)
smb_vwv[ 1]= 0 (0x0)
smb_bcc=0
[2005/06/21 16:31:08, 3] smbd/process.c:process_smb(1091)
Transaction 39 of length 39
[2005/06/21 16:31:08, 5] lib/util.c:show_msg(486)
[2005/06/21 16:31:08, 5] lib/util.c:show_msg(496)
size=35
smb_com=0x71
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=24
smb_flg2=51207
smb_tid=1
smb_pid=65279
smb_uid=100
smb_mid=2432
smt_wct=0
smb_bcc=0
[2005/06/21 16:31:08, 3] smbd/process.c:switch_message(886)
switch message SMBtdis (pid 9027) conn 0x929eb58
[2005/06/21 16:31:08, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/06/21 16:31:08, 5] auth/auth_util.c:debug_nt_user_token(485)
NT user token: (NULL)
[2005/06/21 16:31:08, 5] auth/auth_util.c:debug_unix_user_token(506)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2005/06/21 16:31:08, 5] smbd/uid.c:change_to_root_user(296)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2005/06/21 16:31:08, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/06/21 16:31:08, 5] auth/auth_util.c:debug_nt_user_token(485)
NT user token: (NULL)
[2005/06/21 16:31:08, 5] auth/auth_util.c:debug_unix_user_token(506)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2005/06/21 16:31:08, 5] smbd/uid.c:change_to_root_user(296)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2005/06/21 16:31:08, 3] smbd/service.c:close_cnum(830)
sancho (10.0.0.150) closed connection to service IPC$
[2005/06/21 16:31:08, 3] smbd/connection.c:yield_connection(69)
Yielding connection to IPC$
[2005/06/21 16:31:08, 4] smbd/vfs.c:vfs_ChDir(660)
vfs_ChDir to /
[2005/06/21 16:31:08, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/06/21 16:31:08, 5] auth/auth_util.c:debug_nt_user_token(485)
NT user token: (NULL)
[2005/06/21 16:31:08, 5] auth/auth_util.c:debug_unix_user_token(506)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2005/06/21 16:31:08, 5] smbd/uid.c:change_to_root_user(296)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2005/06/21 16:31:08, 5] lib/util.c:show_msg(486)
[2005/06/21 16:31:08, 5] lib/util.c:show_msg(496)
size=35
smb_com=0x71
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=65279
smb_uid=100
smb_mid=2432
smt_wct=0
smb_bcc=0
[2005/06/21 16:31:08, 3] smbd/process.c:timeout_processing(1334)
timeout_processing: End of file from client (client has disconnected).
[2005/06/21 16:31:08, 5] lib/gencache.c:gencache_shutdown(88)
Closing cache file
[2005/06/21 16:31:08, 5] libsmb/namecache.c:namecache_shutdown(79)
namecache_shutdown: netbios namecache closed successfully.
[2005/06/21 16:31:08, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/06/21 16:31:08, 5] auth/auth_util.c:debug_nt_user_token(485)
NT user token: (NULL)
[2005/06/21 16:31:08, 5] auth/auth_util.c:debug_unix_user_token(506)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2005/06/21 16:31:08, 5] smbd/uid.c:change_to_root_user(296)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2005/06/21 16:31:08, 2] smbd/server.c:exit_server(609)
Closing connections
[2005/06/21 16:31:08, 3] smbd/connection.c:yield_connection(69)
Yielding connection to
[2005/06/21 16:31:08, 5] smbd/oplock.c:receive_local_message(107)
receive_local_message: doing select with timeout of 1 ms
[2005/06/21 16:31:08, 3] smbd/server.c:exit_server(652)
Server exit (normal exit)
==========================================
============NMBD LOG=================
[2005/06/21 19:38:46, 0] smbd/server.c:main(798)
smbd version 3.0.14a-2 started.
Copyright Andrew Tridgell and the Samba Team 1992-2004
[2005/06/21 19:38:46, 1] param/loadparm.c:lp_do_parameter(3159)
WARNING: The "min passwd length" option is deprecated
[2005/06/21 19:38:46, 5] lib/debug.c:debug_dump_status(366)
INFO: Current debug levels:
all: True/5
tdb: False/0
printdrivers: False/0
lanman: False/0
smb: False/0
rpc_parse: False/0
rpc_srv: False/0
rpc_cli: False/0
passdb: False/0
sam: False/0
auth: False/0
winbind: False/0
vfs: False/0
idmap: False/0
quota: False/0
acls: False/0
doing parameter log file = /var/log/samba/log.%m
doing parameter load printers = yes
doing parameter guest account = nobody
doing parameter ldap user suffix = ou=Users
doing parameter add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
doing parameter add user to group script =
/usr/local/sbin/smbldap-groupmod -m "%u" "%g"
doing parameter mangling method = hash2
doing parameter logon drive = H:
doing parameter deadtime = 10
doing parameter create mask = 0640
doing parameter domain master = yes
doing parameter username map = /etc/samba/smbusers
doing parameter interfaces = 10.0.0.75
doing parameter map to guest = Bad User
doing parameter encrypt passwords = yes
doing parameter passdb backend = ldapsam:ldap://127.0.0.1/
doing parameter logon home =
doing parameter printer admin = @"Print Operators"
doing parameter case sensitive = no
doing parameter wins support = yes
doing parameter ldap delete dn = Yes
doing parameter ldap machine suffix = ou=Computers
doing parameter ldap group suffix = ou=Groups
doing parameter server string = Samba Server %v
doing parameter ldap suffix = dc=mtgmilw,dc=biz
doing parameter logon path =
doing parameter add user script = /usr/local/sbin/smbldap-useradd -m "%u"
doing parameter directory mask = 0750
doing parameter set primary group script =
/usr/local/sbin/smbldap-usermod -g "%g" "%u"
doing parameter syslog = 0
doing parameter ldap idmap suffix = ou=Users
doing parameter preferred master = Yes
doing parameter unix charset = ISO8859-1
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
doing parameter domain logons = Yes
doing parameter ldap ssl = no
[2005/06/21 19:38:46, 2] param/loadparm.c:do_section(3435)
Processing section "[homes]"
doing parameter comment = Home Directories
doing parameter browseable = no
doing parameter read only = No
doing parameter create mask = 0644
doing parameter directory mask = 0775
[2005/06/21 19:38:46, 2] param/loadparm.c:do_section(3435)
Processing section "[netlogon]"
doing parameter path = /home/netlogon
doing parameter browseable = No
doing parameter read only = yes
[2005/06/21 19:38:46, 2] param/loadparm.c:do_section(3435)
Processing section "[Profiles]"
doing parameter path = /home/profiles
doing parameter browseable = no
doing parameter guest ok = yes
doing parameter read only = no
doing parameter create mask = 0600
doing parameter directory mask = 0700
doing parameter profile acls = yes
doing parameter csc policy = disable
doing parameter force user = %U
doing parameter valid users = %U @"Domain Admins"
[2005/06/21 19:38:46, 2] param/loadparm.c:do_section(3435)
Processing section "[printers]"
doing parameter comment = Network Printers
doing parameter printer admin = @"Print Operators"
doing parameter path = /home/spool/
doing parameter browseable = no
doing parameter guest ok = yes
doing parameter writable = no
doing parameter printable = yes
doing parameter read only = yes
doing parameter print command = /usr/bin/lpr -P%p -r %s
doing parameter lpq command = /usr/bin/lpq -P%p
doing parameter lprm command = /usr/bin/lprm -P%p %j
[2005/06/21 19:38:46, 2] param/loadparm.c:do_section(3435)
Processing section "[print$]"
doing parameter path = /home/printers
doing parameter guest ok = No
doing parameter browseable = yes
doing parameter read only = yes
doing parameter valid users = @"Print Operators"
doing parameter write list = @"Print Operators"
doing parameter create mask = 0664
doing parameter directory mask = 0775
[2005/06/21 19:38:46, 2] param/loadparm.c:do_section(3435)
Processing section "[public]"
doing parameter comment = Public Stuff
doing parameter path = /home/public
doing parameter browseable = yes
doing parameter guest ok = yes
doing parameter directory mask = 0775
doing parameter create mask = 0664
doing parameter read only = no
[2005/06/21 19:38:46, 4] param/loadparm.c:lp_load(3947)
pm_process() returned Yes
[2005/06/21 19:38:46, 3] param/loadparm.c:lp_add_ipc(2404)
adding IPC service
[2005/06/21 19:38:46, 3] param/loadparm.c:lp_add_ipc(2404)
adding IPC service
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:38:46, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:38:46, 3] printing/pcap.c:pcap_cache_reload(114)
reloading printcap cache
[2005/06/21 19:38:46, 5] printing/print_cups.c:cups_cache_reload(71)
reloading cups printcap cache
[2005/06/21 19:38:46, 3] printing/pcap.c:pcap_cache_reload(213)
reload status: ok
[2005/06/21 19:38:46, 3] printing/pcap.c:pcap_cache_reload(114)
reloading printcap cache
[2005/06/21 19:38:46, 5] printing/print_cups.c:cups_cache_reload(71)
reloading cups printcap cache
[2005/06/21 19:38:46, 3] printing/pcap.c:pcap_cache_reload(213)
reload status: ok
[2005/06/21 19:43:15, 0] smbd/server.c:main(798)
smbd version 3.0.14a-2 started.
Copyright Andrew Tridgell and the Samba Team 1992-2004
[2005/06/21 19:43:15, 1] param/loadparm.c:lp_do_parameter(3159)
WARNING: The "min passwd length" option is deprecated
[2005/06/21 19:43:15, 5] lib/debug.c:debug_dump_status(366)
INFO: Current debug levels:
all: True/5
tdb: False/0
printdrivers: False/0
lanman: False/0
smb: False/0
rpc_parse: False/0
rpc_srv: False/0
rpc_cli: False/0
passdb: False/0
sam: False/0
auth: False/0
winbind: False/0
vfs: False/0
idmap: False/0
quota: False/0
acls: False/0
doing parameter log file = /var/log/samba/log.%m
doing parameter load printers = yes
doing parameter guest account = nobody
doing parameter ldap user suffix = ou=Users
doing parameter add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
doing parameter add user to group script =
/usr/local/sbin/smbldap-groupmod -m "%u" "%g"
doing parameter mangling method = hash2
doing parameter logon drive = H:
doing parameter deadtime = 10
doing parameter create mask = 0640
doing parameter domain master = yes
doing parameter username map = /etc/samba/smbusers
doing parameter interfaces = 10.0.0.75
doing parameter map to guest = Bad User
doing parameter encrypt passwords = yes
doing parameter passdb backend = ldapsam:ldap://127.0.0.1/
doing parameter logon home =
doing parameter printer admin = @"Print Operators"
doing parameter case sensitive = no
doing parameter wins support = yes
doing parameter ldap delete dn = Yes
doing parameter ldap machine suffix = ou=Computers
doing parameter ldap group suffix = ou=Groups
doing parameter server string = Samba Server %v
doing parameter ldap suffix = dc=mtgmilw,dc=biz
doing parameter logon path =
doing parameter add user script = /usr/local/sbin/smbldap-useradd -m "%u"
doing parameter directory mask = 0750
doing parameter set primary group script =
/usr/local/sbin/smbldap-usermod -g "%g" "%u"
doing parameter syslog = 0
doing parameter ldap idmap suffix = ou=Users
doing parameter preferred master = Yes
doing parameter unix charset = ISO8859-1
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
doing parameter domain logons = Yes
doing parameter ldap ssl = no
[2005/06/21 19:43:15, 2] param/loadparm.c:do_section(3435)
Processing section "[homes]"
doing parameter comment = Home Directories
doing parameter browseable = no
doing parameter read only = No
doing parameter create mask = 0644
doing parameter directory mask = 0775
[2005/06/21 19:43:15, 2] param/loadparm.c:do_section(3435)
Processing section "[netlogon]"
doing parameter path = /home/netlogon
doing parameter browseable = No
doing parameter read only = yes
[2005/06/21 19:43:15, 2] param/loadparm.c:do_section(3435)
Processing section "[Profiles]"
doing parameter path = /home/profiles
doing parameter browseable = no
doing parameter guest ok = yes
doing parameter read only = no
doing parameter create mask = 0600
doing parameter directory mask = 0700
doing parameter profile acls = yes
doing parameter csc policy = disable
doing parameter force user = %U
doing parameter valid users = %U @"Domain Admins"
[2005/06/21 19:43:15, 2] param/loadparm.c:do_section(3435)
Processing section "[printers]"
doing parameter comment = Network Printers
doing parameter printer admin = @"Print Operators"
doing parameter path = /home/spool/
doing parameter browseable = no
doing parameter guest ok = yes
doing parameter writable = no
doing parameter printable = yes
doing parameter read only = yes
doing parameter print command = /usr/bin/lpr -P%p -r %s
doing parameter lpq command = /usr/bin/lpq -P%p
doing parameter lprm command = /usr/bin/lprm -P%p %j
[2005/06/21 19:43:15, 2] param/loadparm.c:do_section(3435)
Processing section "[print$]"
doing parameter path = /home/printers
doing parameter guest ok = No
doing parameter browseable = yes
doing parameter read only = yes
doing parameter valid users = @"Print Operators"
doing parameter write list = @"Print Operators"
doing parameter create mask = 0664
doing parameter directory mask = 0775
[2005/06/21 19:43:15, 2] param/loadparm.c:do_section(3435)
Processing section "[public]"
doing parameter comment = Public Stuff
doing parameter path = /home/public
doing parameter browseable = yes
doing parameter guest ok = yes
doing parameter directory mask = 0775
doing parameter create mask = 0664
doing parameter read only = no
[2005/06/21 19:43:15, 4] param/loadparm.c:lp_load(3947)
pm_process() returned Yes
[2005/06/21 19:43:15, 3] param/loadparm.c:lp_add_ipc(2404)
adding IPC service
[2005/06/21 19:43:15, 3] param/loadparm.c:lp_add_ipc(2404)
adding IPC service
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:43:15, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/06/21 19:43:15, 3] printing/pcap.c:pcap_cache_reload(114)
reloading printcap cache
[2005/06/21 19:43:15, 5] printing/print_cups.c:cups_cache_reload(71)
reloading cups printcap cache
[2005/06/21 19:43:15, 3] printing/pcap.c:pcap_cache_reload(213)
reload status: ok
[2005/06/21 19:43:15, 3] printing/pcap.c:pcap_cache_reload(114)
reloading printcap cache
[2005/06/21 19:43:15, 5] printing/print_cups.c:cups_cache_reload(71)
reloading cups printcap cache
[2005/06/21 19:43:15, 3] printing/pcap.c:pcap_cache_reload(213)
reload status: ok
=======================================
============messages===================
Jun 21 19:32:05 localhost gpm[1855]: *** info [startup.c(95)]:
Jun 21 19:32:05 localhost gpm[1855]: Started gpm successfully. Entered
daemon mode.
Jun 21 19:32:05 localhost gpm[1855]: *** info [mice.c(1766)]:
Jun 21 19:32:05 localhost gpm[1855]: imps2: Auto-detected intellimouse PS/2
Jun 21 19:32:09 localhost fstab-sync[1932]: removed all generated mount points
Jun 21 19:32:09 localhost fstab-sync[1941]: added mount point
/media/floppy for /dev/fd0
Jun 21 19:32:10 localhost fstab-sync[1944]: added mount point
/media/cdrom for /dev/hdc
Jun 21 19:32:21 localhost kernel: mtrr: your processor doesn't support
write-combining
Jun 21 19:33:55 localhost PAM-securetty[2234]: access denied: tty
'pts/1' is not secure !
Jun 21 19:34:00 localhost login[2234]: FAILED LOGIN 1 FROM 10.0.0.2
FOR root, Authentication failure
Jun 21 19:34:09 localhost login[2234]: pam_ldap: ldap_simple_bind
Can't contact LDAP server
Jun 21 19:34:09 localhost login[2234]: Authentication service cannot
retrieve authentication info.
Jun 21 19:34:58 localhost gdm[2179]: pam_ldap: ldap_simple_bind Can't
contact LDAP server
Jun 21 19:34:58 localhost gdm[2179]: Couldn't set acct. mgmt for admin
Jun 21 19:35:05 localhost gdm(pam_unix)[2179]: session opened for user
root by (uid=0)
Jun 21 19:35:08 localhost gconfd (root-2304): starting (version
2.10.0), pid 2304 user 'root'
Jun 21 19:35:08 localhost gconfd (root-2304): Resolved address
"xml:readonly:/etc/gconf/gconf.xml.mandatory" to a read-only
configuration source at position 0
Jun 21 19:35:08 localhost gconfd (root-2304): Resolved address
"xml:readwrite:/root/.gconf" to a writable configuration source at
position 1
Jun 21 19:35:08 localhost gconfd (root-2304): Resolved address
"xml:readonly:/etc/gconf/gconf.xml.defaults" to a read-only
configuration source at position 2
Jun 21 19:35:16 localhost gconfd (root-2304): Resolved address
"xml:readwrite:/root/.gconf" to a writable configuration source at
position 0
Jun 21 19:38:29 localhost named[2448]: starting BIND 9.3.1 -u named -t
/chroot/named -c /etc/named.conf -d 2
Jun 21 19:38:29 localhost named[2448]: found 1 CPU, using 1 worker thread
Jun 21 19:38:29 localhost named[2448]: loading configuration from
'/etc/named.conf'
Jun 21 19:38:29 localhost named[2448]: listening on IPv4 interface lo,
127.0.0.1#53
Jun 21 19:38:29 localhost named[2448]: listening on IPv4 interface
eth0, 10.0.0.75#53
Jun 21 19:38:29 localhost named[2448]: command channel listening on
127.0.0.1#953
Jun 21 19:38:29 localhost named[2448]: zone 0.0.10.in-addr.arpa/IN:
loaded serial 200506192
Jun 21 19:38:29 localhost named[2448]: zone 0.0.127.in-addr.arpa/IN:
loaded serial 1
Jun 21 19:38:29 localhost named[2448]: zone mtgmilw.biz/IN: loaded
serial 200506191
Jun 21 19:38:29 localhost named[2448]: zone mtgmilw-nt.biz/IN: loaded
serial 200506201
Jun 21 19:38:29 localhost named[2448]: running
Jun 21 19:39:28 localhost remote(pam_unix)[2499]: session opened for
user admin by (uid=0)
Jun 21 19:39:28 localhost -- admin[2499]: LOGIN ON pts/2 BY admin
FROM ns.mtgmilw.biz
Jun 21 19:40:03 localhost su(pam_unix)[2529]: session opened for user
root by (uid=500)
Jun 21 19:45:13 localhost su(pam_unix)[2529]: session closed for user root
Jun 21 19:45:15 localhost remote(pam_unix)[2499]: session closed for user admin
Jun 21 20:01:02 localhost crond(pam_unix)[2816]: session opened for
user root by (uid=0)
Jun 21 20:01:02 localhost crond(pam_unix)[2816]: session closed for user root
Jun 21 20:12:32 localhost remote(pam_unix)[2912]: session opened for
user root by (uid=0)
Jun 21 20:12:32 localhost -- root[2912]: ROOT LOGIN ON pts/2 FROM
ns.mtgmilw.biz
==============================================
More information about the samba
mailing list