[Samba] samba + ldap
Dmitriy Kirhlarov
dkirhlarov at oilspace.com
Fri Nov 25 14:37:37 GMT 2005
Hi, all.
My LDAP directory is currently used for storing Unix user accounts.
I want to use it for Samba authentication too.
My Samba config and LDAP records are attached.
When I try to start smbd, I get this error in the log file:
[2005/11/25 16:30:21, 3]passdb/pdb_ldap.c:ldapsam_enum_group_memberships(2513) primary group of [nobody] not found
Any ideas?
WBR
--
Dmitriy Kirhlarov
OILspace, 26 Leninskaya sloboda, bld. 2, 2nd floor, 115280 Moscow, Russia
P:+7 095 105 7247 ext.203 F:+7 095 105 7246 E:DmitriyKirhlarov at oilspace.com
OILspace - The resource enriched - www.oilspace.com
-------------- next part --------------
# Combined POSIX + Samba account for root (uidNumber 0). Its sambaSID ends in
# RID 500, the well-known Administrator RID.
dn: uid=root,ou=users,o=oiltest
cn: root
sn: root
objectClass: inetOrgPerson
objectClass: sambaSamAccount
objectClass: posixAccount
objectClass: shadowAccount
# NOTE(review): no posixGroup with gidNumber 0 appears among the attached
# records, while sambaPrimaryGroupSID below points at Domain Admins
# (gidNumber 512) - confirm the POSIX and Samba primary groups are meant to differ.
gidNumber: 0
uid: root
uidNumber: 0
homeDirectory: /home/root
sambaPwdLastSet: 0
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaPwdMustChange: 2147483647
sambaPrimaryGroupSID: S-1-5-21-3177952046-2209943301-2637743033-512
# The LM and NT hashes are password-equivalent (redacted as XXX by the poster).
# Directory ACLs should limit read access on these two attributes to the DN
# Samba binds with, and they should only travel over an encrypted connection.
sambaLMPassword: XXX
sambaNTPassword: XXX
# [U ] = normal user account.
sambaAcctFlags: [U ]
sambaSID: S-1-5-21-3177952046-2209943301-2637743033-500
loginShell: /bin/false
gecos: Netbios Domain Administrator
# Combined POSIX + Samba account for nobody. Its sambaSID ends in RID 501,
# the well-known Guest RID.
dn: uid=nobody,ou=users,o=oiltest
cn: nobody
sn: nobody
objectClass: inetOrgPerson
objectClass: sambaSamAccount
objectClass: posixAccount
objectClass: shadowAccount
# gidNumber 514 matches the Domain Guests posixGroup in the attached records,
# and sambaPrimaryGroupSID below carries the same group's SID.
gidNumber: 514
uid: nobody
uidNumber: 999
homeDirectory: /dev/null
sambaPwdLastSet: 0
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaPwdMustChange: 2147483647
sambaPrimaryGroupSID: S-1-5-21-3177952046-2209943301-2637743033-514
# "NO PASSWORD..." is the placeholder written when no hash is set.
sambaLMPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
sambaNTPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
# [NU ] = N (no password required) + U (normal user account). An account that
# needs no password should stay limited to guest-level, read-only access.
sambaAcctFlags: [NU ]
loginShell: /bin/false
sambaSID: S-1-5-21-3177952046-2209943301-2637743033-501
# Group mapping for Domain Admins: POSIX gidNumber 512 tied to the domain SID
# with RID 512. Anyone listed in memberUid gains domain administrator rights,
# so write access to this entry should be tightly restricted.
dn: cn=Domain Admins,ou=groups,o=oiltest
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 512
cn: Domain Admins
memberUid: root
description: Netbios Domain Administrators
sambaSID: S-1-5-21-3177952046-2209943301-2637743033-512
# 2 = domain group.
sambaGroupType: 2
displayName: Domain Admins
# Group mapping for Domain Guests: POSIX gidNumber 514 tied to the domain SID
# with RID 514. This is the primary group referenced by the nobody account.
dn: cn=Domain Guests,ou=groups,o=oiltest
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 514
cn: Domain Guests
description: Netbios Domain Guests Users
sambaSID: S-1-5-21-3177952046-2209943301-2637743033-514
# 2 = domain group.
sambaGroupType: 2
displayName: Domain Guests
memberUid: nobody
# Group mapping for Domain Users: POSIX gidNumber 513 tied to the domain SID
# with RID 513.
dn: cn=Domain Users,ou=groups,o=oiltest
# 2 = domain group.
sambaGroupType: 2
displayName: Domain Users
description: Netbios Domain Users
objectClass: posixGroup
objectClass: sambaGroupMapping
# NOTE(review): the passwordless guest account (nobody) is also a member of
# Domain Users - confirm that guest sessions should inherit this group's access.
memberUid: nobody
gidNumber: 513
sambaSID: S-1-5-21-3177952046-2209943301-2637743033-513
cn: Domain Users
-------------- next part --------------
# Server-wide settings: user-level security with an LDAP (ldapsam) account
# database, managed through the smbldap-tools scripts.
[global]
# smbd runs the smbldap-* scripts below with root privileges, substituting
# %u / %g; the substituted arguments are quoted in these entries.
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
# Set in [global], this becomes the default for every share: the listed
# accounts perform all file operations as root, bypassing file permissions.
# Prefer scoping it to the individual shares that need it, or dropping it.
admin users = root Administrator
available = yes
# Listen only on the interfaces named in "interfaces" below.
bind interfaces only = yes
# Samba's client side answers with NTLMv2 only.
client ntlmv2 auth = yes
deadtime = 30
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
delete user script = /usr/local/sbin/smbldap-userdel "%u"
display charset = KOI8-R
dont descend = /proc,/dev,/usr/compat/linux/proc
dos charset = CP866
dos filetimes = yes
interfaces = fxp0 lo0
# Refuse logons that authenticate with the weak LANMAN hash.
lanman auth = no
# DN Samba binds as. Its password is not kept in this file; Samba stores it in
# secrets.tdb (set with "smbpasswd -w"). This DN can read and write the
# password-hash attributes, so treat both it and secrets.tdb as privileged.
ldap admin dn = uid=fbsd-samba-admin,ou=virtusers,o=oiltest
ldap group suffix = ou=groups
ldap machine suffix = ou=machines
# On a password change Samba updates only the LDAP password and leaves the
# remaining password attributes to the directory server.
ldap passwd sync = Only
ldap replication sleep = 2000
# Samba treats LDAP as the complete user and group database
# (posixAccount/posixGroup) and queries it directly instead of going through
# NSS; users or groups that exist only outside LDAP may not be found by these
# lookups - verify against the directory contents.
ldapsam:trusted = yes
# StartTLS on the ldap:// connection named in "passdb backend", so the bind
# password and the hash attributes are not sent in clear text.
# NOTE(review): server-certificate checking is governed by the LDAP client
# library configuration, which is not shown here - confirm it is enforced.
ldap ssl = start_tls
ldap suffix = o=oiltest
ldap user suffix = ou=users
log file = /var/log/samba/log
# passdb:5 and auth:10 are debugging levels. Logs at this verbosity can hold
# detailed authentication data: restrict access to the log file and lower the
# levels once troubleshooting is finished.
log level = 3 passdb:5 auth:10 winbind:2
# Logons with an unknown username are silently mapped to the guest account;
# a wrong password for an existing user is still rejected.
map to guest = Bad User
netbios name = FBSD
os level = 65
passdb backend = ldapsam:ldap://fbsd
# NOTE(review): %u is unquoted here, unlike in the other script entries above.
passwd program = /usr/local/sbin/smbldap-passwd %u
preload = Guest pub cdrom printers
security = USER
# SMB signing is offered to clients but not required.
server signing = auto
server string = Samba Server on fbsd.mow.oilspace.com
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"
time server = yes
workgroup = OILSPACE
# Read-only share exporting /var/ftp/pub.
[Guest]
# This share is needed for "map to guest" when "security" is not "share".
# NOTE(review): no "guest ok" line is visible in this section; the Samba
# default is "no", in which case guest sessions are not admitted to this
# share - confirm the intended setting.
comment = FTP public share
path = /var/ftp/pub
read only = yes
# Second definition for /var/ftp/pub (same path as [Guest]); currently
# disabled by "available = no" below.
[pub]
hide dot files = no
hide special files = yes
inherit acls = yes
inherit permissions = yes
locking = yes
map acl inherit = yes
# The share is switched off: connection attempts to it fail.
available = no
comment = FTP public share
path = /var/ftp/pub
browseable = yes
# Per-user home directory shares, writable by the connecting user.
[homes]
comment = Home Directory
# %U expands to the username the client requested for the session.
# NOTE(review): "admin users" in [global] also applies here, so the listed
# accounts act as root inside every user's home directory.
path = /home/%U
read only = no
browseable = yes