debian sarge samba + LDAP + smbldap-tools 不能登入網域?

這個版面主要討論 debian 在 server 端的應用問題, server 種類繁多..舉凡 Web Server 、 File Server、 DHCP Server..等等。

版主: 阿信

debian sarge samba + LDAP + smbldap-tools 不能登入網域?

文章訪客 » 週三 12月 22, 2004 10:23 pm

不登入 samba 網域在 Windows XP 用客戶帳戶可以連接 samba,但嘗試用 Windows XP 登入 samba 網域不能成功?


slapd.conf

#allow bind_v2

include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/samba.schema

schemacheck on

pidfile /var/run/slapd/slapd.pid

argsfile /var/run/slapd.args

loglevel 296

modulepath /usr/lib/ldap
moduleload back_bdb
password-hash {SSHA}

TLSCACertificateFile /etc/ssl/certs/cpnc-CA.crt
TLSCertificateFile /etc/ssl/certs/cpnc-ldap.crt
TLSCertificateKeyFile /etc/ssl/private/cpnc-ldap.key
TLSVerifyClient never

backend bdb

database bdb

suffix "dc=xxxxx,dc=com"

directory "/var/lib/ldap"

rootdn "cn=xxxx,dc=xxxx,dc=com"
rootpw xxxxxxxxxxxxxxxxx

index cn,mail,surname,givenname eq,subinitial
index objectClass,uid,uidNumber,gidNumber,memberUid eq
index sambaSID eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq

mode 0600

lastmod on

access to *
by * write
access to dn.base="" by * read



smb.conf

[global]

workgroup = xxxxx

dos charset = utf8
unix charset = utf8
display charset = utf8


wins support = yes

dns proxy = no

log file = /var/log/samba/log.%m

max log size = 1000

syslog = 0

debug level = 5

panic action = /usr/share/samba/panic-action %d

logon script = %U.cmd

security = user

encrypt passwords = true

passdb backend = ldapsam guest

obey pam restrictions = yes

interfaces = 10.100.100.0/255.255.255.0 127.0.0.1

os level = 65

printer admin = @Print Operators"
printing = cups
printcap name = /etc/printcap
load printers = Yes
creat mask 0640
nt acl support = No
deadtime = 10
guest account nobody
map to guest = Bad User
dont descent = /proc,/dev,/etc,/lib,/lost+found,/initrd
show add printer wizard = yes
preserve case = yes
short preserve case = yes
case sensitive = no
mangling method = hash2
preferred master = yes
domain master = yes
local master = yes
domain logons = yes
time server = yes
logon path = \\%L\Profiles\%U
passdb backend = ldapsam:ldap://127.0.0.1
ldap server = localhost
ldap port = 389
ldap filter = (uid=%u)
ldap admin dn = cn=admin,dc=cpnc,dc=no-ip,dc=com
ldap suffix = dc=cpnc,dc=no-ip,dc=com
ldap group suffix = ou=Group
ldap user suffix = ou=People
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=People
ldap ssl = off
ldap passwd sync = yes
ldap delete dn = yes
ldap replication sleep = 1000

add user script = /usr/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"


[homes]
comment = Home Directories
browseable = yes
writable = yes
create mask = 0700
directory mask = 0700
directory mask = 0700
nt acl support = yes
inherit acls = yes
guest ok = yes

[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
tead only = yes
write list = leo
force user = leo

[printers]
comment = All Printers
printer admin = @"Print Operators"
guest ok = yes
printable = yes
browseable = no
path = /tmp
read only = yes
print command = /usr/bin/lpr -P%p -r %s
lpq command = /usr/bin/lpq -P%p
lprm command = /usr/bin/lprm -P%p %j
public = no
writable = no
create mode = 0700

[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = yes
guest ok = no
valid users = @"Print Operators"
write list = @"Print Operators"
create mask = 0664
directory mask = 775

[Profiles]

path = /home/samba/profiles
read only = no
create mask = 0600
directory mask = 0700
browseable = No
guest ok = yes
profile acls = yes
csc policy = disable
force user = %U
valid users = %U "Domain Admins"
訪客
 

文章kc19800322 » 週五 5月 02, 2008 2:02 pm

請把libnss-ldap.conf的設定檔貼出來,可以嗎?
kc19800322
可愛的小學生
可愛的小學生
 
文章: 41
註冊時間: 週五 5月 02, 2008 1:49 pm


回到 debian server

誰在線上

正在瀏覽這個版面的使用者:沒有註冊會員 和 1 位訪客