Raphael Melo de Oliveira Bastos Sales wrote:
Hi everyone,
I've been trying to set up an authentication server for a mixed LAN
(Windows and Linux clientes ) and I'm having problems with Samba.
The way it is today, the Windows clients can access the Samba
server and each user can access it's home, by double-clicking on the
server icon on the screen that shows all the machines on the network.
But I'm unable to register the client workstations on the server.
It says something like "user name not found" when I try to do it. But
the odd thing is, when I look in the LDAP server, there is a registry
of the client there.
I'd like to know if anyone has managed to do this type of thing
and, if possible, could send me the Samba config file (smb.conf) so I
can see what I'm doing wrong.
Here is my smb.conf file. If anyone detects what I'm doing wrong,
I'd be grateful. :)
[global]
server string = %L
workgroup = WORKGROUP
announce as = NT Server
hosts allow = 192.168.0.0/24
security = user
encrypt passwords = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
interfaces = lo eth1
bind interfaces only = yes
local master = yes
os level = 100
domain master = yes
preferred master = yes
null passwords = no
#hide unreadable = yes
enable privileges = yes
domain logons = yes
logon script = login.bat
logon path = \\%L\profiles\%U
logon drive = H:
logon home = \\%L\%U\.9xprofile
wins support = yes
name resolve order = wins lmhosts host bcast
dns proxy = no
time server = yes
log file = /var/log/samba/log.%m
max log size = 50
passdb backend = ldapsam:ldaps://127.0.0.1:636/
ldap admin dn = cn=Laboratorio,dc=lara,dc=cic,dc=unb,dc=br
ldap port = 636
ldap suffix = dc=lara,dc=cic,dc=unb,dc=br
ldap server = ldaps://127.0.0.1:636/
ldap machine suffix = ou=Computers
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap delete dn = Yes
ldap password sync = yes
add group script = /usr/sbin/smbldap-groupadd -p "%g"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add user script = /usr/sbin/smbldap-useradd -m "%u"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
delete user script = /usr/sbin/smbldap-userdel "%u"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
passwd program = /usr/sbin/smbldap-passwd
passwd chat = "*New password:*" %n\r "*New password (again):*" %n\r \
"*Password changed*"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
idmap backend = ldap:ldaps://127.0.0.1:636/
idmap uid = 10000-20000
idmap gid = 10000-20000
unix charset = ISO8859-1
profile acls = yes
[netlogon]
path = /var/lib/samba/netlogon
guest ok = no
read only = yes
browseable = no
[profiles]
path = /var/lib/samba/profiles
browseable = no
writeable = yes
default case = lower
preserve case = no
short preserve case = no
case sensitive = no
hide files = /desktop.ini/ntuser.ini/NTUSER.*/
write list = @smbusers @root
create mask = 0600
directory mask = 0700
csc policy = disable
[homes]
path = /home/%U
browseable = no
valid users = %S
read only = no
guest ok = no
inherit permissions = yes
Last time I had to do something similar (no LDAP). I had to put a reg
hack on the XP machines. A quick search in Google shoud come up with the
reg hack.
--
gentoo-user@gentoo.org mailing list
