[Samba] Samba 3.5 + ldap backend - I can't logon under PDC

J. Echter j.echter at elektro-mayer-echter.de
Fri Aug 26 08:03:16 MDT 2011


Am 25.08.2011 12:55, schrieb Jubacca:
> Hi , I use Samba 3.5 PDC + ldap backend . I can't put the machine if I
> don't specify
> the wins server on Pc-client. I try different name resolve order , but
> nothing change ? Can you help me ?
> My global is :
>
> [global]
> workgroup = workgroup
> netbios name = SERVER
> server string = Server Samba
> wins support = yes
> browse list = Yes
> remote announce = 10.0.0.255/workgroup
> lm announce = yes
> lm interval = 30
> dns proxy = yes
> hosts allow = 127.0.0.1 10.0.0.1/255.255.255.0
> name resolve order = wins lmhosts host bcast
> # name resolve order = bcast host lmhosts wins
> interfaces = bond0 , eth1 ,lo
> bind interfaces only = no
> log file = /var/log/samba/%U.%m.log
> log level = 0 passdb:6 auth:10 vfs:5 acls:3 msdfs:3
> max log size = 5000
> syslog = 0
> panic action = /usr/share/samba/panic-action %d
> security = user
> username map = /etc/samba/usermap
> case sensitive = no
> encrypt passwords = true
> enable privileges = yes
> passdb backend = ldapsam:ldap://server:389/
> ldap admin dn = cn=admin,dc=domain,dc=com
> ldap suffix = dc=domain,dc=com
> ldap user suffix = ou=users
> ldap group suffix = ou=groups
> ldap machine suffix = ou=computers
> ldap idmap suffix = ou=idmap
> ldap ssl = off
> ldap delete dn = nomap to guest = bad user
> domain logons = yes
> domain master = yes
> local master = yes
> preferred master = yes
> os level = 255
> logon path = \\%N\profiles\%U
> logon drive = S:
> logon home = \\%N\%U
> logon script = logon.bat
> add user script = /usr/sbin/smbldap-useradd -a -m %u
> delete user script = /usr/sbin/smbldap-userdel %u
> add user to group script = /usr/sbin/smbldap-groupmod -m %u %g
> delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g
> set primary group script = /usr/sbin/smbldap-usermod -g %g %u
> add machine script = /usr/sbin/smbldap-useradd -t 0 -w %u
> add group script = /usr/sbin/smbldap-groupadd -p %g
> delete group script = /usr/sbin/smbldap-groupdel %g
> printing = cups
> socket options = TCP_NODELAY
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> time server = yes
> null passwords = no
> idmap backend = ldap:ldap://server:389/
> obey pam restrictions = yes
> ldap passwd sync = yes
> unix password sync = no
> passwd program = /usr/sbin/smbldap-passwd %u
> passwd chat = *Enter\snew\s*\spassword:* %n\n
> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
> pam password change = yes

Hi,

which distro you are using?

i set up my ldap pdc with nsswitch.

on ubuntu you have to install libnss-ldapd.

greets

juergen


More information about the samba mailing list