Re: [CentOS-es] Problemas con Samba + LDAP como PDC

[Germán C . Basisty]

 Fijate los comentarios que te hago en tu smb.conf. Mira esto a ver si te
sirve:

 

[global]

        workgroup = EIPSISTEMAS

        server string = MASTER SERVER

        log file = /var/log/samba/%m.log

        max log size = 50

        security = user

        domain master = yes

        domain logons = yes

        logon script = logon.bat

        logon path = \\MORIBB\Profiles\%U

        local master = yes

        os level = 65

        preferred master = yes

        time server = yes

        admin users = Administrator @"Domain Admins"

        passdb backend = ldapsam:ldap://localhost

        ldap suffix = dc=eipsistemas,dc=com,dc=ar

        ldap user suffix = ou=People

        ldap group suffix = ou=Groups

        ldap machine suffix = ou=Computers

        ldap admin dn = cn=root,dc=eipsistemas,dc=com,dc=ar

        ldap passwd sync = yes

        add machine script = /usr/sbin/smbldap-useradd -w %u

        add user script = /usr/sbin/smbldap-useradd -m "%u"

        ldap delete dn = Yes

        delete user script = /usr/sbin/smbldap-userdel "%u"

        add group script = /usr/sbin/smbldap-groupadd -p "%g"

        delete group script = /usr/sbin/smbldap-groupdel "%g"

        add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"

        delete user from group script = /usr/sbin/smbldap-groupmod -x "%u"
"%g"

        set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"

 

Saludos.-

 

 

Germán C. Basisty

EIP SISTEMAS

Consultor - Tecnología Informática

tel./fax +54 (299) 436 6929

cel. +54 (2942) 15 472 223

german.basi...@eipsistemas.com.ar

 <http://ww.eipsistemas.com.ar/> http://ww.eipsistemas.com.ar

 

 

De: centos-es-boun...@centos.org [mailto:centos-es-boun...@centos.org] En
nombre de Dominguez, Gaston Matias
Enviado el: viernes, 04 de septiembre de 2009 08:50 p.m.
Para: centos-es@centos.org
Asunto: [CentOS-es] Problemas con Samba + LDAP como PDC

 

Estoy teniendo un problemas cuando quiero cambiar las claves de los usuarios
desde la sesión de Windows 

 

Les dejo aquí el smb.conf

 

[r...@srvdc01 ~]# testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[printers]"
Processing section "[Profiles]"
Processing section "[netlogon]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions

[global]
workgroup = EISAIII
server string = Samba Server Version %v on %L
smb passwd file = /usr/bin/smbpasswd <- No se si debería ir. Estas usando
LDAP
passdb backend = ldapsam:"ldap://127.0.0.1:389 <ldap://127.0.0.1:389%22> "
username map = /etc/samba/smbusers <- Tampoco. Estas usando LDAP
syslog = 2
log file = /var/log/samba/log.%m
max log size = 1000
time server = Yes
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
add machine script = /usr/sbin/smbldap-useradd -w %u
logon script = scripts\logon.bat
logon path = \\%L\Profiles\%U
logon drive = Z:
logon home = \\%L\%U
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins server = 192.168.6.3
ldap admin dn = cn=Administrador,dc=eisaIII,dc=com
ldap delete dn = Yes
ldap group suffix = ou=Group
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=Computers
ldap passwd sync = Yes
ldap suffix = dc=eisaIII,dc=com
ldap user suffix = ou=People
idmap uid = 10000-20000
idmap gid = 10000-20000
admin users = Administrador, "@Domain Admins"
cups options = raw

[homes]
comment = Home Directories
read only = No
browseable = No

[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No

[Profiles]
comment = Roaming Profile Share
path = /var/lib/samba/profiles
read only = No
profile acls = Yes

[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
admin users = root, maryo
guest ok = Yes
browseable = No

 

Como pueden ver estoy usando los siguientes comandos para la sincronización
de claves pero de da error.

 

# Sincronizacion de cuentas LDAP, NT y LM
# unix password sync = Yes
ldap passwd sync = Yes
passwd program = /usr/sbin/smbldap-passwd -u "%u"
passwd chat = "Changing *\nNew password*" %n\n "*Retype new password*" %n\n"


[2009/09/03 14:05:16, 1] smbd/chgpasswd.c:change_oem_password(1057)
Sep 3 14:05:16 eisaIII smbd[4801]: user test1 cannot change password now,
must wait until vie, 04 sep 2009 17:29:06 ART

Alguien tiene alguna solución para esto.

 

Saludos.

Dominguez Gastón Matías

Informática y Telecomunicaciones

ELECTROINGENIERIA S.A.

División Nuclear

Tel.: 0054-03487-481880

Fax: 0054-03487-481880 Int. 120/121

E-mail: gdoming...@eling.com.ar

Web:  <http://www.eling.com.ar/> www.eling.com.ar

 


_______________________________________________
CentOS-es mailing list
CentOS-es@centos.org
http://lists.centos.org/mailman/listinfo/centos-es