rodrigo tavares rodrigofariat at yahoo.com.br
Fri Jan 18 11:13:26 MST 2013

Hello!

I am trying to sync LDAP users with Samba users.

I'm using an interface to create LDAP users.

So, when an LDAP user is created, I want the Samba account and password to be created.

In my smb.conf I put the following lines:

        ldap admin dn = cn=admin,dc=def,dc=mg,dc=gov,dc=br
        ldap group suffix = ou = groups
        ldap machine suffix = ou = computers
        ldap passwd sync = yes
        encrypt passwords = Yes
        ldap suffix = dc=def,dc=mg,dc=gov,dc=br
        ldap ssl = no
        ldap user suffix = ou = defensory
        smb ports = 445 139

        add user script = /usr/sbin/smbldap-useradd -a -m "%u"
        add group script = /usr/sbin/smbldap-groupadd -p "%g"
        add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
        delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
        set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
        add machine script = /usr/sbin/smbldap-useradd -w "%u"
        passwd program = /usr/sbin/smbldap-passwd -s "%u"
        passdb backend = ldapsam:ldap://
        passdb backend = tdbsam
        hosts allow =,
        pam password change = yes
        passwd program = /usr/bin/passwd %u

I made this configuration in slapd.conf:

include        /etc/ldap/schema/ppolicy.schema

moduleload  ppolicy.so
overlay ppolicy
access to attrs=userPassword,shadowLastChange,sambaPwdMustChange,sambaLMPassword,sambaPwdLastSet,sambaNTPassword
        by dn="cn=admin,dc=def,dc=mg,dc=gov,dc=br" write
        by anonymous auth
        by self write
        by * none

The LDAP user is created, but the Samba user is not created.

See some logs:

Jan 18 16:09:01 defensoria slapd[6210]: conn=2455 fd=50 ACCEPT from IP= (IP=

So it's bad.

root@replica:/etc/ldap# smbclient -L -U xbox
Enter xbox's password:
session setup failed: NT_STATUS_LOGON_FAILURE

Thanks!

Rodrigo Faria Tavares

