Raphael Melo de Oliveira Bastos Sales wrote: |
> Hi everyone, |
> |
> I've been trying to set up an authentication server for a mixed LAN |
> (Windows and Linux clients) and I'm having problems with Samba. |
> |
> The way it is today, the Windows clients can access the Samba |
> server and each user can access their home directory by double-clicking on the |
> server icon on the screen that shows all the machines on the network. |
> |
> But I'm unable to register the client workstations on the server. |
> It says something like "user name not found" when I try to do it. But |
> the odd thing is, when I look in the LDAP server, there is a record |
> of the client there. |
> |
> I'd like to know if anyone has managed to do this type of thing |
> and, if possible, could send me the Samba config file (smb.conf) so I |
> can see what I'm doing wrong. |
> |
> Here is my smb.conf file. If anyone detects what I'm doing wrong, |
> I'd be grateful. :) |
> |
# [global]: server-wide settings. This block makes the host a domain logon
# server (domain logons = yes) whose account database lives in LDAP
# (passdb backend = ldapsam:...), with smbldap-tools scripts managing accounts.
> [global] |
24 |
> server string = %L |
25 |
> workgroup = WORKGROUP |
26 |
> announce as = NT Server |
27 |
> |
28 |
# Network exposure: only clients in 192.168.0.0/24 are accepted, and with
# "bind interfaces only" the daemons serve lo and eth1 only.
> hosts allow = 192.168.0.0/24 |
29 |
# User-level authentication with encrypted password exchange.
> security = user |
30 |
> encrypt passwords = yes |
31 |
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 |
32 |
> interfaces = lo eth1 |
33 |
> bind interfaces only = yes |
34 |
> |
35 |
# Browse-master election settings; "domain master = yes" together with
# "domain logons = yes" below is the domain-controller role.
> local master = yes |
36 |
> os level = 100 |
37 |
> domain master = yes |
38 |
> preferred master = yes |
39 |
> |
40 |
# Accounts with an empty password are refused.
> null passwords = no |
41 |
> #hide unreadable = yes |
42 |
> |
43 |
# Allows rights (e.g. SeMachineAccountPrivilege, the right to add machine
# accounts) to be assigned to specific accounts instead of requiring root.
# NOTE(review): confirm which account performs the workstation join and that
# it is either root or holds that right.
> enable privileges = yes |
44 |
> |
45 |
# Domain logon service; the logon script path is relative to the [netlogon]
# share, and roaming profiles go to the [profiles] share.
> domain logons = yes |
46 |
> logon script = login.bat |
47 |
> logon path = \\%L\profiles\%U |
48 |
> logon drive = H: |
49 |
> logon home = \\%L\%U\.9xprofile |
50 |
> |
51 |
> wins support = yes |
52 |
> name resolve order = wins lmhosts host bcast |
53 |
> dns proxy = no |
54 |
> |
55 |
> time server = yes |
56 |
# One log file per client machine name (%m); max log size is in kilobytes.
> log file = /var/log/samba/log.%m |
57 |
> max log size = 50 |
58 |
> |
59 |
# Account database: LDAP reached over TLS (ldaps) on the loopback address.
> passdb backend = ldapsam:ldaps://127.0.0.1:636/ |
60 |
> |
61 |
# DN Samba binds as to read and modify account entries. Its password is not
# kept in this file; it is stored separately (smbpasswd -w).
# NOTE(review): this DN needs write access to the Users/Computers subtrees
# for the add scripts and joins to succeed - verify the LDAP ACLs.
> ldap admin dn = cn=Laboratorio,dc=lara,dc=cic,dc=unb,dc=br |
62 |
# NOTE(review): "ldap port" / "ldap server" repeat what the passdb backend
# URI already states; check with testparm that this Samba version accepts them.
> ldap port = 636 |
63 |
> ldap suffix = dc=lara,dc=cic,dc=unb,dc=br |
64 |
> ldap server = ldaps://127.0.0.1:636/ |
65 |
# Sub-trees (relative to ldap suffix) for machine, user, group and idmap entries.
# NOTE(review): "user name not found" during a join is consistent with the
# machine account (a name ending in $) not resolving as a Unix account on the
# server. Verify that the server's NSS LDAP lookup also searches ou=Computers,
# e.g. getent passwd 'MACHINE$' (MACHINE is a placeholder).
> ldap machine suffix = ou=Computers |
66 |
> ldap user suffix = ou=Users |
67 |
> ldap group suffix = ou=Groups |
68 |
> ldap idmap suffix = ou=Idmap |
69 |
# On account deletion remove the whole LDAP entry, not only the Samba attributes.
> ldap delete dn = Yes |
70 |
# Keep the LDAP password in step with the Samba password on change.
> ldap password sync = yes |
71 |
> |
72 |
# Account-management helpers from smbldap-tools. %u / %g are replaced by the
# user / group name and are quoted so each is passed as a single argument.
# Per the Samba documentation these helpers are run by smbd as root, so the
# binaries under /usr/sbin must not be writable by unprivileged users.
> add group script = /usr/sbin/smbldap-groupadd -p "%g" |
73 |
# Invoked when a workstation joins and has no account yet; -w asks
# smbldap-useradd to create a workstation (machine) account.
> add machine script = /usr/sbin/smbldap-useradd -w "%u" |
74 |
> add user script = /usr/sbin/smbldap-useradd -m "%u" |
75 |
> add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" |
76 |
> delete group script = /usr/sbin/smbldap-groupdel "%g" |
77 |
> delete user script = /usr/sbin/smbldap-userdel "%u" |
78 |
> delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" |
79 |
# NOTE(review): passwd program / passwd chat appear to take effect only with
# "unix password sync = yes", which this file does not set - confirm intent.
> passwd program = /usr/sbin/smbldap-passwd |
80 |
> passwd chat = "*New password:*" %n\r "*New password (again):*" %n\r \ |
81 |
> "*Password changed*" |
82 |
> set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" |
83 |
> |
84 |
# SID-to-uid/gid mappings are stored in LDAP as well; allocated ids come
# from the 10000-20000 range.
> idmap backend = ldap:ldaps://127.0.0.1:636/ |
85 |
> idmap uid = 10000-20000 |
86 |
> idmap gid = 10000-20000 |
87 |
> |
88 |
> unix charset = ISO8859-1 |
89 |
> |
90 |
> profile acls = yes |
> |
# [netlogon]: share that holds the domain logon scripts. It is read-only,
# closed to guests and hidden from browse lists, so clients can fetch
# scripts but cannot alter them through SMB.
> [netlogon] |
93 |
> path = /var/lib/samba/netlogon |
94 |
> guest ok = no |
95 |
> read only = yes |
96 |
> browseable = no |
> |
# [profiles]: storage for roaming profiles (target of "logon path" in [global]).
> [profiles] |
99 |
> path = /var/lib/samba/profiles |
100 |
> browseable = no |
101 |
# NOTE(review): the share is writeable for every connecting user, so the
# write list below adds no restriction, and there is no "valid users" line.
# Separation between users then rests on the file-system permissions of each
# profile directory - confirm that is intended.
> writeable = yes |
102 |
# File names are stored lower-case and matched case-insensitively.
> default case = lower |
103 |
> preserve case = no |
104 |
> short preserve case = no |
105 |
> case sensitive = no |
106 |
# Entries are separated by "/"; matching files are shown as hidden.
> hide files = /desktop.ini/ntuser.ini/NTUSER.*/ |
107 |
# "@name" denotes a Unix group.
> write list = @smbusers @root |
108 |
# New files 0600 and new directories 0700: private to the owning user.
> create mask = 0600 |
109 |
> directory mask = 0700 |
110 |
# Disables client-side (offline) caching of the share's contents.
> csc policy = disable |
> |
# [homes]: per-user home directory shares, created on demand under the
# user's name.
> [homes] |
113 |
# %U is the session user name.
> path = /home/%U |
114 |
> browseable = no |
115 |
# %S is the share name, so only the user a home share is named after may
# connect to it.
> valid users = %S |
116 |
> read only = no |
117 |
> guest ok = no |
118 |
# New files and directories take their permissions from the parent directory.
> inherit permissions = yes |
Last time I had to do something similar (no LDAP), I had to put a reg |
hack on the XP machines. A quick search in Google should come up with the |
reg hack. |
-- |
gentoo-user@g.o mailing list |