[Samba] Samba PDC 3.4 + wins server

Gaiseric Vandal gaiseric.vandal at gmail.com
Wed Jul 27 08:18:18 MDT 2011



On 07/27/2011 05:52 AM, Jubacca wrote:
> Hi, I use Samba 3.4.7 PDC + ldap backend. I can't put the machine if
> I don't specify the wins server on Pc-client. I try different name
> resolve order, but nothing changes. Can you help me?
> My global is :
>
> [global]
>    workgroup = workgroup
>    netbios name = SERVER
>    server string = Server Samba
>    wins support = yes
>    browse list = Yes
>    remote announce = 10.0.0.255/workgroup
>    lm announce = yes
>    lm interval = 30
>    dns proxy = yes
>    hosts allow = 127.0.0.1 10.0.0.1/255.255.255.0
>    name resolve order = wins lmhosts host bcast
> #   name resolve order = bcast host lmhosts wins
>    interfaces = bond0 , eth1 ,lo
>    bind interfaces only = no
>    log file = /var/log/samba/%U.%m.log
>    log level = 0 passdb:6 auth:10 vfs:5 acls:3 msdfs:3
>    max log size = 5000
>    syslog = 0
>    panic action = /usr/share/samba/panic-action %d
>    security = user
>    username map = /etc/samba/usermap
>    case sensitive = no
>    encrypt passwords = true
>    enable privileges = yes
>    passdb backend = ldapsam:ldap://server:389/
>    ldap admin dn = cn=admin,dc=domain,dc=com
>    ldap suffix = dc=domain,dc=com
>    ldap user suffix = ou=users
>    ldap group suffix = ou=groups
>    ldap machine suffix = ou=computers
>    ldap idmap suffix = ou=idmap
>    ldap ssl = off
>    ldap delete dn = no
>    map to guest = bad user
>    domain logons = yes
>    domain master = yes
>    local master = yes
>    preferred master = yes
>    os level = 255
>    logon path = \\%N\profiles\%U
>    logon drive = S:
>    logon home = \\%N\%U
>    logon script = logon.bat
>    add user script = /usr/sbin/smbldap-useradd -a -m %u
>    delete user script = /usr/sbin/smbldap-userdel %u
>    add user to group script = /usr/sbin/smbldap-groupmod -m %u %g
>    delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g
>    set primary group script = /usr/sbin/smbldap-usermod -g %g %u
>    add machine script  = /usr/sbin/smbldap-useradd -t 0 -w %u
>    add group script = /usr/sbin/smbldap-groupadd -p %g
>    delete group script = /usr/sbin/smbldap-groupdel %g
>    printing = cups
>    socket options = TCP_NODELAY
>    idmap uid = 10000-20000
>    idmap gid = 10000-20000
>    time server = yes
>    null passwords = no
>    idmap backend = ldap:ldap://server:389/
>    obey pam restrictions = yes
>    ldap passwd sync = yes
>    unix password sync = no
>    passwd program = /usr/sbin/smbldap-passwd %u
>    passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
>    pam password change = yes
>

What OS?

Did you compile from source? I ran into the following weird issue once:
       Two servers with samba bundled with the OS.
       One server with samba compiled from source.
       Windows machines connecting from VPN, with the firewall blocking
       netbios traffic.
       The Windows clients could connect by name to the first two servers,
       but only by IP to the third one, even though DNS name resolution
       worked. (I could add an lmhosts entry on the client but this is
       clunky.)


This indicated to me that the server does try to resolve client names or
IPs and that something I did when I compiled samba broke this
functionality. Snooping traffic DID show the client reaching the server
but some sort of handshaking NOT completing.

I would turn up the general log level. I would also snoop traffic for a
client without WINS to see if it is even locating the samba server.
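
To go with the suggestion above to snoop traffic from a client that has no WINS server configured: an added example (not part of the original post, and not Samba code) that decodes the UDP payload of a NetBIOS name query on port 137, showing which name and suffix the client asks for and whether the query went out as a broadcast. The sample packets are constructed; WORKGROUP and SERVER come from the posted smb.conf, and the function names are hypothetical.

```python
import struct

# Common NetBIOS name suffixes (the 16th byte of the name).
SUFFIXES = {0x00: "workstation/workgroup", 0x1B: "domain master browser",
            0x1C: "domain controllers", 0x1D: "local master browser",
            0x20: "file server"}

def encode_name(name, suffix):
    """First-level encode a NetBIOS name: pad to 15 chars, append the suffix,
    then map each nibble to a letter 'A'..'P'."""
    raw = name.upper().ljust(15).encode("ascii")[:15] + bytes([suffix])
    return bytes(0x41 + n for b in raw for n in (b >> 4, b & 0x0F))

def build_query(name, suffix, broadcast, txid=0x1234):
    """Build a constructed name query, used here as sample input only."""
    flags = 0x0100 | (0x0010 if broadcast else 0)   # RD, plus B for broadcast
    header = struct.pack(">HHHHHH", txid, flags, 1, 0, 0, 0)
    question = b"\x20" + encode_name(name, suffix) + b"\x00"
    return header + question + struct.pack(">HH", 0x0020, 0x0001)  # NB, IN

def parse_query(payload):
    """Parse the UDP payload of a name query; raise ValueError if malformed."""
    if len(payload) < 12 + 34 + 4:
        raise ValueError("too short for a NetBIOS name query")
    txid, flags, qdcount = struct.unpack(">HHH", payload[:6])
    if flags & 0x8000 or (flags >> 11) & 0xF != 0 or qdcount != 1:
        raise ValueError("not a name query request")
    if payload[12] != 0x20 or payload[45] != 0x00:
        raise ValueError("unexpected name length or scope")
    enc = payload[13:45]
    if any(not 0x41 <= c <= 0x50 for c in enc):
        raise ValueError("bad first-level encoding")
    raw = bytes(((enc[i] - 0x41) << 4) | (enc[i + 1] - 0x41)
                for i in range(0, 32, 2))
    qtype, qclass = struct.unpack(">HH", payload[46:50])
    if (qtype, qclass) != (0x0020, 0x0001):
        raise ValueError("not an NB/IN question")
    return {"name": raw[:15].decode("ascii", "replace").rstrip(),
            "suffix": raw[15], "role": SUFFIXES.get(raw[15], "other"),
            "broadcast": bool(flags & 0x0010)}

if __name__ == "__main__":
    # Constructed packets: a broadcast lookup and a unicast (WINS-style) lookup.
    for pkt in (build_query("workgroup", 0x1C, True),
                build_query("SERVER", 0x20, False)):
        print(parse_query(pkt))
```

In a real capture, a query with broadcast set never leaves the client's subnet, while a unicast query is addressed to the configured WINS server.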
