[Samba] Error ldapsam

chechu chechu chechuironman at hotmail.com
Sat Oct 14 12:31:05 GMT 2006


Hi,
I have a PDC with OpenLDAP and Samba on two servers, a master (shogun) and a
slave (shinobi). Both work correctly and are replicated. Samba is installed on
shogun, the master, and it works only when ldapsam points at that same host,
i.e. with "passdb backend = ldapsam:ldaps://shogun.ironman.es:636". When I set
"passdb backend = ldapsam:ldaps://shinobi.ironman.es:636" or
"passdb backend = ldapsam:"ldaps://shogun.ironman.es:636 ldaps://shinobi.ironman.es:636""
it works only while shogun is up. I tested authentication against shinobi and
it works. The certificates are correct, because I can authenticate from all
machines, and when I start Samba the log doesn't show anything wrong.

My smb.conf


[global]
# Global settings for the Samba PDC on host SHOGUN, which the post describes
# as the LDAP master. Parameters set here apply server-wide.

   workgroup = IRONMAN
   netbios name = SHOGUN
   server string = SAMBA-LDAP PDC server
;  wins support = no
;  wins server = w.x.y.z
# NOTE(review): "interfaces" on its own does not stop smbd from listening on
# other interfaces unless "bind interfaces only" is also set - confirm intent.
   interfaces = eth1
# NOTE(review): pam password change, passwd program and passwd chat are
# normally consulted only when unix password sync is enabled, and it is set
# to "no" below - check with testparm which of them are actually in effect.
pam password change = Yes
   dns proxy = no
# One log file per connecting client (%m), size-capped by max log size.
   log file = /var/log/samba/log.%m
   max log size = 1000
;   syslog only = no
   syslog = 0
   panic action = /usr/share/samba/panic-action %d
   name resolve order = lmhosts host wins bcast

####AUTHENTICATION######

   security = user
   encrypt passwords = true
# Password backend: a single ldaps:// URL for shogun, the variant the post
# reports as working. The failover form quoted in the post is a quoted,
# space-separated list of URLs after "ldapsam:".
# NOTE(review): server-certificate checking for ldaps:// is presumably done
# by the LDAP client library (ldap.conf TLS_CACERT / TLS_REQCERT), not by
# this file - verify that the replica's certificate names shinobi.ironman.es
# and chains to a CA this host trusts, rather than relaxing TLS_REQCERT.
   passdb backend = ldapsam:ldaps://shogun.ironman.es:636
  ;ldappassword sync =yes
;  guest account = guest
####;   invalid users = root####
   unix password sync = no
   ldap password sync = yes 
# NOTE(review): this path uses /usr/local/sbin/bin/ while add user script
# below uses /usr/local/sbin/ - confirm which directory holds smbldap-tools.
  passwd program = /usr/local/sbin/bin/smbldap-passwd -o %u
# NOTE(review): the passwd chat value is split over two lines here, presumably
# by mail wrapping; smb.conf needs it on one line (or a trailing backslash).
   passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX
\spassword:* %n\n .
 ;  obey pam restrictions = yes
 ;  pam password change = no


#####LDAP#####


# Bind DN smbd uses for its LDAP operations. Its password is not in this file.
# NOTE(review): it is normally stored in secrets.tdb with "smbpasswd -w" -
# confirm it is set and that the replica accepts this DN. A read-only replica
# would presumably have to refer writes back to the master.
   ldap admin dn = cn=admin,dc=ironman,dc=es
# NOTE(review): the backend URL already uses ldaps://; check smb.conf(5) for
# this Samba version to see whether "ldap ssl = on" is still needed or valid.
   ldap ssl = on
   ldap delete dn = no
# Search base, and the user/group/machine containers relative to it.
   ldap suffix = dc=ironman,dc=es
   ldap user suffix = ou=people
   ldap group suffix = ou=groups
   ldap machine suffix = ou=machines
########## Printing ##########

# If you want to automatically load your printer list rather
# than setting them up individually then you'll need this
   load printers = yes

# lpr(ng) printing. You may wish to override the location of the
# printcap file
;   printing = bsd
;   printcap name = /etc/printcap

# CUPS printing.  See also the cupsaddsmb(8) manpage in the
# cupsys-client package.
   printing = cups
   printcap name = cups

# When using [print$], root is implicitly a 'printer admin', but you can
# also give this right to other users to add drivers and set printer
# properties
   printer admin = @domainprintoperators

#######PDC###########3

# Browser-election and domain-logon settings for the PDC role.
   os level = 80
   preferred master = yes
   domain master = yes
   local master = yes
   domain logons = yes
  ; logon path = //SHOGUN/profiles/%u
   logon drive = V:
   logon home = //SHOGUN/%u
# Per-user logon script name; clients fetch it from the [netlogon] share, so
# write access to that share decides what runs on workstations at logon.
   logon script =%u.bat
;   domain admin group = @domainadmins
# NOTE(review): add user script is set twice in this section with the same
# value (here and under Misc); keep one. The -w option looks like the
# smbldap-tools workstation-account flag, in which case this line would
# belong under "add machine script" - confirm.
      add user script = /usr/local/sbin/smbldap-useradd -w %u
######## File sharing ########
# Name mangling options
;   preserve case = yes
;   short preserve case = yes


############ Misc ############

   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# UID/GID ranges handed to idmap for mapped accounts.
   idmap uid = 10000-20000
   idmap gid = 10000-20000
   template shell = /bin/bash
# Duplicate of the add user script line in the PDC block above.
   add user script = /usr/local/sbin/smbldap-useradd -w %u

#======================= Share Definitions =======================

[homes]
# Per-user home directories: writable, hidden from browse lists, and new
# files/directories limited to owner-only permission bits (0700).
   comment = Home Directories
   writable = yes
   browseable = no
   directory mask = 0700
   create mask = 0700

[printers]
# Spool share for all printers loaded via "load printers".
   comment = All Printers
   path = /var/spool/samba
   printable = yes
   writable = no
   browseable = no
   create mask = 0700
   use client driver = no
# NOTE(review): "public" is a synonym for "guest ok", so the next two lines
# set the same parameter to opposite values; the later line normally wins,
# which would leave guest access enabled. Keep only the intended one and
# confirm the effective value with testparm.
   guest ok = no
   public = yes
   printer admin = root, @domainprintoperators
 

[print$]
# Printer-driver download share: browseable, read-only, no guest access.
# The write list is commented out, so the stanza itself grants no one write
# access for uploading drivers.
   comment = Printer Drivers
   path = /var/lib/samba/printers
   read only = yes
   guest ok = no
   browseable = yes
;   write list = root, chechu

[netlogon]
# Logon-script share. Read-only for everyone except members of the write
# list, and readable by guests.
# NOTE(review): scripts stored here run on workstations at logon, so the
# write list and the filesystem permissions on the path should stay limited
# to administrators; check whether guest read access is really needed.
   comment = Network Logon Service
   path = /home/users/netlogon
   guest ok = yes
   writeable = no
   write list = @domainadmins
   share modes = no

[profiles]
# Roaming-profile store: writable, hidden from browse lists, files created
# 0600 and directories 0700.
# NOTE(review): guest ok = yes on a writable share would admit
# unauthenticated sessions if guest mapping ("map to guest") is ever enabled;
# roaming profiles do not normally need it - consider guest ok = no.
   comment = User's Profiles
   path = /home/users/profiles
   browseable = no
   writeable = yes
   guest ok = yes
   directory mask = 0700
   create mask = 0600
[peliculas]
# Read-only, browseable media share; guests are refused. No valid users
# restriction appears in this stanza.
   path = /mnt/media/peliculas
   comment = Peliculas
   guest ok = no
   writable = no
   browseable = yes

[videoclips]
# Read-only, browseable media share; guests are refused.
   path = /mnt/ftp/videoclips
   comment = Videoclips
   guest ok = no
   writable = no
   browseable = yes
[series]
# Read-only, browseable media share; guests are refused.
   path = /mnt/media/series
   comment = Series
   guest ok = no
   writable = no
   browseable = yes
[musica]
# Read-only, browseable media share; guests are refused.
   path = /mnt/media/musica
   comment = musica
   guest ok = no
   writable = no
   browseable = yes

[mldonkey]
# Read-only, browseable share of /mldonkey; guests are refused.
# NOTE(review): the comment text is the same as on [peliculas] - presumably
# copied; confirm what this share is meant to expose.
   path = /mldonkey
   comment = Peliculas
   guest ok = no
   writable = no
   browseable = yes

[pelis]
# Read-only, browseable share of /pelis; guests are refused.
   path = /pelis
   comment = Peliculas
   guest ok = no
   writable = no
   browseable = yes






