[Samba] Users can't login on Samba+Ldap
ray klassen
julius_ahenobarbus at yahoo.co.uk
Mon May 11 14:45:56 GMT 2009
/etc/ldap.conf has to include a lookup for passwd in the ou=Computers section or machines have to be duplicated in /etc/passwd
just find the one for Users and add a similar one for Computers.
________________________________
From: "dogbert at infinito.it" <dogbert at infinito.it>
To: Adam Williams <awilliam at mdah.state.ms.us>
Cc: samba at lists.samba.org
Sent: Monday, 11 May, 2009 7:35:01
Subject: Re: [Samba] Users can't login on Samba+Ldap
Yes, this is the [GLOBAL] section of my smb.conf
[global]
dos charset = 850
unix charset = ISO8859-1
workgroup = DOMAIN.IT
server string = SERVERNAME
map to guest = Bad User
passdb backend = ldapsam:ldap://localhost/
syslog = 0
log file = /var/log/samba/%m
max log size = 100000
smb ports = 3D 139
time server = Yes
deadtime = 10
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = cups
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u"
"%g"
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u"
logon script = logon.bat
logon path =
logon drive = C:
logon home =
domain logons = Yes
os level = 15
preferred master = Yes
domain master = Yes
wins support = Yes
ldap admin dn = cn=admin,dc=DOMAIN,dc=IT
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
ldap passwd sync = Yes
ldap suffix = dc=DOMAIN,dc=IT
ldap user suffix = ou=Users
create mask = 0640
directory mask = 0750
nt acl support = No
case sensitive = No
dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
>
>
> do you have ldap machine suffix = ou=Computers
> in smb.conf?
>
> dogbert at infinito.it wrote:
> >
> > If I join a workstation (directly by the workstation) it is added to
ldap db
> > but it doesn't see the domain until I manually add an entry for it in
> > /etc/passwd
> >
> >
>
>
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list