Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-user-hu
Navigation:
Lists: gentoo-user-hu: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-user-hu@g.o
From: "George Hron" <hrgyster@...>
Subject: Re: Samba PDC
Date: Thu, 12 Apr 2007 08:37:32 +0200
A user/group scripteket vedd ki, nem érik el amit te szeretrnél, a user to group script még meg is fog halni neked.<br>Nem tudom, hogy a login scriptet szereti-e ha így adják meg. szerintem vedd ki.<br>Felejtsd el, hogy van swat.
<br>Én leüríteném a mostani tdbsam adatbázist, felvennék KÉZZEL 2 usert és megpróbálnék csatlakozni így.<br><br>Ami fontos még: MINDENKÉPP kell egy root nevű egyén is az adatbázisba, mert csak ő rendelkezik a Domain Admins tagsággal. 
<br>Egyébként szerintem túl van forszolva a dolog.<br><br>Itt az enyém (kivettem belőle az LDAP-ra vonatkozó részeket):<br><br>[global]<br><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; workgroup = HRONSZOFT<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; #workgroup = MUNKACSOPORT<br><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; unix charset = iso-8859-2
<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dos charset = 852<br><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; encrypt passwords = yes # important<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; passdb backend = tdbsam<br><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; logon path = \\%N\%U\profile<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; logon home = \\%N\%U<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; logon drive = O:<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; security = user # Important<br><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; log file = /var/log/samba/log.%m<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; max log size = 60<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; syslog only = no<br><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; domain logons = Yes<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; local master = Yes<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; domain master = Yes
<br><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; printcap name = cups<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; printing = cups<br><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; hosts allow = <a href="http://192.168.2.0/24">192.168.2.0/24</a><br><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; wins support = Yes<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; name resolve order = wins lmhosts hosts bcast
<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dns proxy = Yes<br><br>A scriptekről: A tdbsam esetén valóban félig a PAM kezeli a dolgokat, de csak félig. Attól, hogy te a PAM-hoz usereket meg csoportokat adsz, attól a samba nem fogja látni és kezelni ezeket a csoportokat. Egyéni scripteket kell írni, amik felveszik mind2 helyre a embereket. 
<br>Amúgy hacsak nem&nbsp; valami 3 felhasználós a dolog, a tdbsam-ot el kellene felejteni, és áttenni az egészet PAM-ostól LDAP-ba. A samba amúgy is azt szereti a legjobban ha LDAP van mögötte. Ilyenkor pl. a kész megoldás a smbldap scriptek alkalmazása, amik képesek a usereket/felhasználókat kezelni - hisz minden LDAP-ba van.
<br><br><div><span class="gmail_quote">2007/4/11, Ábrahám Péter &lt;<a href="mailto:pabraham@...">pabraham@...</a>&gt;:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
George Hron írta:<br>&gt; 1. NEM teszünk aláhúzásjelet a tartomány nevébe. Kötöjelet sem. Pontot<br>&gt; meg<br>&gt; pláne. [A-Z]. ...<br><br>&nbsp;&nbsp;&nbsp;&nbsp;Ok. Felsorolt hibák orvosolva. A SWAT-tal állítgatom a samba-t.<br>Testparm nem jelzett hibát. Az 
smb.conf-ot a levél végére illesztettem.<br><br>&nbsp;&nbsp;&nbsp;&nbsp;köszönöm,<br><br>&nbsp;&nbsp;&nbsp;&nbsp;Péter<br><br>---------------&nbsp;&nbsp; smb.conf&nbsp;&nbsp;-----------------------<br><br># Samba config file created using SWAT<br># from <a href="http://192.168.0.110">
192.168.0.110</a> (<a href="http://192.168.0.110">192.168.0.110</a>)<br># Date: 2007/04/11 13:48:31<br><br>[global]<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;dos charset = CP852<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;unix charset = ISO8859-2<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;display charset = UTF8<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;workgroup = DENTEST
<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;netbios name = MYTEST<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;server string = Samba server %v<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;interfaces = lo, eth1<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;map to guest = Bad User<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;passdb backend = tdbsam<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;passwd program = /usr/bin/passwd %u
<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log level = 3 passdb:5 auth:10 winbind:2<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log file = /var/log/samba/log.%m<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;max log size = 50<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;time server = Yes<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
<br>IPTOS_LOWDELAY<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;add user script = /usr/sbin/useradd -m %u<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;delete user script = /usr/sbin/userdel -r %u<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;add group script = /usr/sbin/groupadd %g<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;delete group script = /usr/sbin/groupdel %g
<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;add user to group script = /usr/sbin/usermod -G %g %u<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;logon script = login.bat OR %U.bat<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;logon path = \\%L\profiles\%U
<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;logon drive = H:<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;logon home = \\%L\%U\.9xprofile<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;domain logons = Yes<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;os level = 65<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;preferred master = Yes<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;domain master = Yes<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;dns proxy = No<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;wins support = Yes<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ldap ssl = no<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;idmap uid = 500-20000<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;idmap gid = 500-20000<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;create mask = 0644<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;hosts allow = <a href="http://192.168.0.0/24">192.168.0.0/24</a>
, <a href="http://127.0.0.0/8">127.0.0.0/8</a><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;profile acls = Yes<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;hide unreadable = Yes<br>--<br><a href="mailto:gentoo-user-hu@g.o">gentoo-user-hu@g.o</a> mailing list<br><br></blockquote>
</div><br>
Replies:
Re: Samba PDC
-- Ábrahám Péter
References:
Samba PDC
-- Ábrahám Péter
Re: Samba PDC
-- George Hron
Re: Samba PDC
-- Ábrahám Péter
Navigation:
Lists: gentoo-user-hu: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Samba PDC
Next by thread:
Re: Samba PDC
Previous by date:
Re: Visszaolalkodo csomagok
Next by date:
Re: Samba PDC


Updated Jun 17, 2009

Summary: Archive of the gentoo-user-hu mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.