1 |
On 11/13/06, Cameron Lowe <cameron@×××××××××××.com> wrote: |
2 |
> Raphael Melo de Oliveira Bastos Sales wrote: |
3 |
> > Hi everyone, |
4 |
> > |
5 |
> > I've been trying to set up an authentication server for a mixed LAN |
6 |
> > (Windows and Linux clientes ) and I'm having problems with Samba. |
7 |
> > |
8 |
> > The way it is today, the Windows clients can access the Samba |
9 |
> > server and each user can access it's home, by double-clicking on the |
10 |
> > server icon on the screen that shows all the machines on the network. |
11 |
> > |
12 |
> > But I'm unable to register the client workstations on the server. |
13 |
> > It says something like "user name not found" when I try to do it. But |
14 |
> > the odd thing is, when I look in the LDAP server, there is a registry |
15 |
> > of the client there. |
16 |
> > |
17 |
> > I'd like to know if anyone has managed to do this type of thing |
18 |
> > and, if possible, could send me the Samba config file (smb.conf) so I |
19 |
> > can see what I'm doing wrong. |
20 |
> > |
21 |
> > Here is my smb.conf file. If anyone detects what I'm doing wrong, |
22 |
> > I'd be grateful. :) |
23 |
> > |
24 |
> > [global] |
25 |
> > server string = %L |
26 |
> > workgroup = WORKGROUP |
27 |
> > announce as = NT Server |
28 |
> > |
29 |
> > hosts allow = 192.168.0.0/24 |
30 |
> > security = user |
31 |
> > encrypt passwords = yes |
32 |
> > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 |
33 |
> > interfaces = lo eth1 |
34 |
> > bind interfaces only = yes |
35 |
> > |
36 |
> > local master = yes |
37 |
> > os level = 100 |
38 |
> > domain master = yes |
39 |
> > preferred master = yes |
40 |
> > |
41 |
> > null passwords = no |
42 |
> > #hide unreadable = yes |
43 |
> > |
44 |
> > enable privileges = yes |
45 |
> > |
46 |
> > domain logons = yes |
47 |
> > logon script = login.bat |
48 |
> > logon path = \\%L\profiles\%U |
49 |
> > logon drive = H: |
50 |
> > logon home = \\%L\%U\.9xprofile |
51 |
> > |
52 |
> > wins support = yes |
53 |
> > name resolve order = wins lmhosts host bcast |
54 |
> > dns proxy = no |
55 |
> > |
56 |
> > time server = yes |
57 |
> > log file = /var/log/samba/log.%m |
58 |
> > max log size = 50 |
59 |
> > |
60 |
> > passdb backend = ldapsam:ldaps://127.0.0.1:636/ |
61 |
> > |
62 |
> > ldap admin dn = cn=Laboratorio,dc=lara,dc=cic,dc=unb,dc=br |
63 |
> > ldap port = 636 |
64 |
> > ldap suffix = dc=lara,dc=cic,dc=unb,dc=br |
65 |
> > ldap server = ldaps://127.0.0.1:636/ |
66 |
> > ldap machine suffix = ou=Computers |
67 |
> > ldap user suffix = ou=Users |
68 |
> > ldap group suffix = ou=Groups |
69 |
> > ldap idmap suffix = ou=Idmap |
70 |
> > ldap delete dn = Yes |
71 |
> > ldap password sync = yes |
72 |
> > |
73 |
> > add group script = /usr/sbin/smbldap-groupadd -p "%g" |
74 |
> > add machine script = /usr/sbin/smbldap-useradd -w "%u" |
75 |
> > add user script = /usr/sbin/smbldap-useradd -m "%u" |
76 |
> > add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" |
77 |
> > delete group script = /usr/sbin/smbldap-groupdel "%g" |
78 |
> > delete user script = /usr/sbin/smbldap-userdel "%u" |
79 |
> > delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" |
80 |
> > passwd program = /usr/sbin/smbldap-passwd |
81 |
> > passwd chat = "*New password:*" %n\r "*New password (again):*" %n\r \ |
82 |
> > "*Password changed*" |
83 |
> > set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" |
84 |
> > |
85 |
> > idmap backend = ldap:ldaps://127.0.0.1:636/ |
86 |
> > idmap uid = 10000-20000 |
87 |
> > idmap gid = 10000-20000 |
88 |
> > |
89 |
> > unix charset = ISO8859-1 |
90 |
> > |
91 |
> > profile acls = yes |
92 |
> > |
93 |
> > [netlogon] |
94 |
> > path = /var/lib/samba/netlogon |
95 |
> > guest ok = no |
96 |
> > read only = yes |
97 |
> > browseable = no |
98 |
> > |
99 |
> > [profiles] |
100 |
> > path = /var/lib/samba/profiles |
101 |
> > browseable = no |
102 |
> > writeable = yes |
103 |
> > default case = lower |
104 |
> > preserve case = no |
105 |
> > short preserve case = no |
106 |
> > case sensitive = no |
107 |
> > hide files = /desktop.ini/ntuser.ini/NTUSER.*/ |
108 |
> > write list = @smbusers @root |
109 |
> > create mask = 0600 |
110 |
> > directory mask = 0700 |
111 |
> > csc policy = disable |
112 |
> > |
113 |
> > [homes] |
114 |
> > path = /home/%U |
115 |
> > browseable = no |
116 |
> > valid users = %S |
117 |
> > read only = no |
118 |
> > guest ok = no |
119 |
> > inherit permissions = yes |
120 |
> Last time I had to do something similar (no LDAP). I had to put a reg |
121 |
> hack on the XP machines. A quick search in Google shoud come up with the |
122 |
> reg hack. |
123 |
|
124 |
Hi Cameron, |
125 |
|
126 |
thanks for the reply. Unfortunately, all the reg hacks I found |
127 |
didn't work. If I find one that does, I'll post it here. :) |
128 |
|
129 |
Regards, |
130 |
|
131 |
Raphael |
132 |
|
133 |
> -- |
134 |
> gentoo-user@g.o mailing list |
135 |
> |
136 |
> |
137 |
-- |
138 |
gentoo-user@g.o mailing list |