| 1 |
On 11/13/06, Cameron Lowe <cameron@×××××××××××.com> wrote: |
| 2 |
> Raphael Melo de Oliveira Bastos Sales wrote: |
| 3 |
> > Hi everyone, |
| 4 |
> > |
| 5 |
> > I've been trying to set up an authentication server for a mixed LAN |
| 6 |
> > (Windows and Linux clientes ) and I'm having problems with Samba. |
| 7 |
> > |
| 8 |
> > The way it is today, the Windows clients can access the Samba |
| 9 |
> > server and each user can access it's home, by double-clicking on the |
| 10 |
> > server icon on the screen that shows all the machines on the network. |
| 11 |
> > |
| 12 |
> > But I'm unable to register the client workstations on the server. |
| 13 |
> > It says something like "user name not found" when I try to do it. But |
| 14 |
> > the odd thing is, when I look in the LDAP server, there is a registry |
| 15 |
> > of the client there. |
| 16 |
> > |
| 17 |
> > I'd like to know if anyone has managed to do this type of thing |
| 18 |
> > and, if possible, could send me the Samba config file (smb.conf) so I |
| 19 |
> > can see what I'm doing wrong. |
| 20 |
> > |
| 21 |
> > Here is my smb.conf file. If anyone detects what I'm doing wrong, |
| 22 |
> > I'd be grateful. :) |
| 23 |
> > |
| 24 |
> > [global] |
| 25 |
> > server string = %L |
| 26 |
> > workgroup = WORKGROUP |
| 27 |
> > announce as = NT Server |
| 28 |
> > |
| 29 |
> > hosts allow = 192.168.0.0/24 |
| 30 |
> > security = user |
| 31 |
> > encrypt passwords = yes |
| 32 |
> > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 |
| 33 |
> > interfaces = lo eth1 |
| 34 |
> > bind interfaces only = yes |
| 35 |
> > |
| 36 |
> > local master = yes |
| 37 |
> > os level = 100 |
| 38 |
> > domain master = yes |
| 39 |
> > preferred master = yes |
| 40 |
> > |
| 41 |
> > null passwords = no |
| 42 |
> > #hide unreadable = yes |
| 43 |
> > |
| 44 |
> > enable privileges = yes |
| 45 |
> > |
| 46 |
> > domain logons = yes |
| 47 |
> > logon script = login.bat |
| 48 |
> > logon path = \\%L\profiles\%U |
| 49 |
> > logon drive = H: |
| 50 |
> > logon home = \\%L\%U\.9xprofile |
| 51 |
> > |
| 52 |
> > wins support = yes |
| 53 |
> > name resolve order = wins lmhosts host bcast |
| 54 |
> > dns proxy = no |
| 55 |
> > |
| 56 |
> > time server = yes |
| 57 |
> > log file = /var/log/samba/log.%m |
| 58 |
> > max log size = 50 |
| 59 |
> > |
| 60 |
> > passdb backend = ldapsam:ldaps://127.0.0.1:636/ |
| 61 |
> > |
| 62 |
> > ldap admin dn = cn=Laboratorio,dc=lara,dc=cic,dc=unb,dc=br |
| 63 |
> > ldap port = 636 |
| 64 |
> > ldap suffix = dc=lara,dc=cic,dc=unb,dc=br |
| 65 |
> > ldap server = ldaps://127.0.0.1:636/ |
| 66 |
> > ldap machine suffix = ou=Computers |
| 67 |
> > ldap user suffix = ou=Users |
| 68 |
> > ldap group suffix = ou=Groups |
| 69 |
> > ldap idmap suffix = ou=Idmap |
| 70 |
> > ldap delete dn = Yes |
| 71 |
> > ldap password sync = yes |
| 72 |
> > |
| 73 |
> > add group script = /usr/sbin/smbldap-groupadd -p "%g" |
| 74 |
> > add machine script = /usr/sbin/smbldap-useradd -w "%u" |
| 75 |
> > add user script = /usr/sbin/smbldap-useradd -m "%u" |
| 76 |
> > add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" |
| 77 |
> > delete group script = /usr/sbin/smbldap-groupdel "%g" |
| 78 |
> > delete user script = /usr/sbin/smbldap-userdel "%u" |
| 79 |
> > delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" |
| 80 |
> > passwd program = /usr/sbin/smbldap-passwd |
| 81 |
> > passwd chat = "*New password:*" %n\r "*New password (again):*" %n\r \ |
| 82 |
> > "*Password changed*" |
| 83 |
> > set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" |
| 84 |
> > |
| 85 |
> > idmap backend = ldap:ldaps://127.0.0.1:636/ |
| 86 |
> > idmap uid = 10000-20000 |
| 87 |
> > idmap gid = 10000-20000 |
| 88 |
> > |
| 89 |
> > unix charset = ISO8859-1 |
| 90 |
> > |
| 91 |
> > profile acls = yes |
| 92 |
> > |
| 93 |
> > [netlogon] |
| 94 |
> > path = /var/lib/samba/netlogon |
| 95 |
> > guest ok = no |
| 96 |
> > read only = yes |
| 97 |
> > browseable = no |
| 98 |
> > |
| 99 |
> > [profiles] |
| 100 |
> > path = /var/lib/samba/profiles |
| 101 |
> > browseable = no |
| 102 |
> > writeable = yes |
| 103 |
> > default case = lower |
| 104 |
> > preserve case = no |
| 105 |
> > short preserve case = no |
| 106 |
> > case sensitive = no |
| 107 |
> > hide files = /desktop.ini/ntuser.ini/NTUSER.*/ |
| 108 |
> > write list = @smbusers @root |
| 109 |
> > create mask = 0600 |
| 110 |
> > directory mask = 0700 |
| 111 |
> > csc policy = disable |
| 112 |
> > |
| 113 |
> > [homes] |
| 114 |
> > path = /home/%U |
| 115 |
> > browseable = no |
| 116 |
> > valid users = %S |
| 117 |
> > read only = no |
| 118 |
> > guest ok = no |
| 119 |
> > inherit permissions = yes |
| 120 |
> Last time I had to do something similar (no LDAP). I had to put a reg |
| 121 |
> hack on the XP machines. A quick search in Google shoud come up with the |
| 122 |
> reg hack. |
| 123 |
|
| 124 |
Hi Cameron, |
| 125 |
|
| 126 |
thanks for the reply. Unfortunately, all the reg hacks I found |
| 127 |
didn't work. If I find one that does, I'll post it here. :) |
| 128 |
|
| 129 |
Regards, |
| 130 |
|
| 131 |
Raphael |
| 132 |
|
| 133 |
> -- |
| 134 |
> gentoo-user@g.o mailing list |
| 135 |
> |
| 136 |
> |
| 137 |
-- |
| 138 |
gentoo-user@g.o mailing list |
Archives