dae rapaz
tente autenticar primeiramente no seu sistema com ssh se funcionar
os usuarios estao sendo validados no banco via ldap depois veja
as configuracoes do seu smb.conf
fica com um tail -F /var/log/debug
principalmente no winbind ele pode te ajudar muito
estou configurando 1 pdc e um bdc esta tudo fuindo tranquila e longamente
vou postar o meu smb.conf pra vc ter uma referencia eu fiz o
ldap.conf e no nss_ldap.conf usar ssha como padrao de autenticacao
# Samba config file created using SWAT
# from 192.168.1.248 (192.168.1.248)
# Date: 2005/01/17 17:09:14
# Global parameters
[global]
Dos charset = CP437
Unix charset = ISO8859-1
# client code page = 850
# NetBIOS name of that comp
netbios name = intra
#Name of Domain
workgroup = Schintranet
#Comment
server string = Schwarz PDC %v
#Interface where samba works
# interfaces = 10.0.0.4/24 127.0.0.1/24
# bind interfaces only = yes
# hosts allow = 10.0.0.
name resolve order = hosts bcast
#DOMAIN CONFIG
encrypt passwords = Yes
domain master = Yes
local master = Yes
prefered master = Yes
security = user
# password server = ldap.intra.schwarz.com.br
domain logons = yes
restrict anonymous = 2
server signing = auto
# ONLY FOR 2K/XP!
lanman auth = Yes
ntlm auth = Yes
client NTLMv2 auth = Yes
client lanman auth = No
client plaintext auth = No
#Test this
disable netbios = no
#OS level!!!
os level = 65
#ALL about Loggin ^)
log level = 10
log file = /var/log/samba/%m.log
max log size = 2000
#WINBIND CONFIG!!!!
winbind separator = +
winbind use default domain = Yes
winbind uid =10000-20000
winbind gid =10000-20000
winbind enum users = yes
winbind enum groups = yes
password server= ldap.intra.schwarz.com.br
logon path = \\%L\profiles\%u
logon script = logon.bat
logon drive = H:
logon home = \\%L\%u\.win_profile\%m
# NO 9X HERE!!!
time server = yes
#LDAP STARTS HERE
passdb backend = ldapsam:ldap://ldap.intra.schwarz.com.br
ldap admin dn = "cn=samba,ou=DSA,dc=intra,dc=schwarz,dc=com,dc=br"
# ldap admin dn = "cn=Noc,dc=intra,dc=schwarz,dc=com,dc=br"
ldap delete dn = Yes
# ldap server = localhost
# ldap port = 389
ldap suffix = dc=intra,dc=schwarz,dc=com,dc=br
ldap machine suffix = ou=Computers
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
# ldap filter = "(&(uid%=%U)(ObjectClass=sambaSamAccount))"
#LDAP continue
ldap idmap suffix = ou=Idmap
idmap backend = ldap:ldap://ldap.intra.schwarz.com.br
idmap uid = 10000 - 20000
idmap gid = 10000 - 20000
#what is it?
map acl inherit = yes
# printing = cups
# printer admin = Administrator
#IDEALx SCRIPT's Rulezz
add user script = /usr/local/sbin/smbldap-useradd -a -m "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
# socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# load printers = No
# dns proxy = No
guest account = nobody
[netlogon]
path = /usr/home/samba/netlogon
writable = no
browsable = no
[profiles]
path = /home/samba/profiles
browsable = no
writable = yes
create mask = 0600
directory mask = 0700
guest ok = yes
profile acls = no
[homes]
read only = no
browsable = no
guest ok = no
map archive = yes
On Wed, 02 Feb 2005 11:44:09 -0200, Márcio Luciano Donada
<[EMAIL PROTECTED]> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> William Armstrong wrote:
> |
> | fiz as alteracoes e o populate funcionou agora o smbldap-passwd
> | nao vai nem lascando acho que vou fazer o downgrade pra versao
> | smbldap-tools .8.5. 3 e continuar com ele ja que esta funcionando
> | legal
> |
> Fiz algumas alterações e ainda não estou conseguindo autenticar no ldap
> o PDC. Nos log's do sistema tenho isso:
>
> [2005/02/02 10:45:17, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1982)
> ~ ldapsam_search_one_group: Problem during the LDAP search: LDAP error:
> invalid DN (Invalid DN syntax)
>
> Não sei oque está acontecendo, mas já tenho em minha base LDAP os
> usuários cadastrados (People) e ainda não consegui autenticar nada.
> Alguém que utiliza desse recurso podes me dar um help.
>
> []'s
> __
> Márcio Luciano Donada
> mdonada at auroraalimentos dot com dot br
> FreeBSD - The uptime is mesuared in years!
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.6 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
>
> iD8DBQFCANkpyJq2hZEymxcRAiNjAJ4oV+ysM6gHOHzKhgEqkz0H6agVtwCgnA+B
> 4WUFLiAC1+T+IOr/VbrKfPw=
> =4YxW
> -----END PGP SIGNATURE-----
>
> _______________________________________________________________
> Para enviar um novo email para a lista: freebsd@fug.com.br
> Sair da Lista: http://mail.fug.com.br/mailman/listinfo/freebsd_fug.com.br
> Historico: http://www4.fugspbr.org/lista/html/FUG-BR/
>
--
-=-=-=-=-=-=-=-=-=-
William David Armstrong
Bio Systems Security.
ICQ 10253747 MSN [EMAIL PROTECTED]
_______________________________________________________________
Para enviar um novo email para a lista: freebsd@fug.com.br
Sair da Lista: http://mail.fug.com.br/mailman/listinfo/freebsd_fug.com.br
Historico: http://www4.fugspbr.org/lista/html/FUG-BR/
