openSUSE 11 as PDC with Samba and LDAP
- From: hsimon@xxxxxxxxxxxxxxx
- Date: Fri, 8 Aug 2008 17:40:05 -0700 (PDT)
Hi,
I have openSUSE 10.3 with Samba and LDAP as a PDC working perfectly. I
tried to do the same on a new install of openSUSE 11.0 using the same
procedure and same smb.conf, ldap.conf, slapd.conf and /etc/ldap.conf
with smbldap-tools 0.9.5, created a new smbldap.conf and
smbldap_bind.conf, using the supplied configure script from
smbldap-tools. I followed the same procedure as I did in 10.3 and Workstations
can be added to the Domain and are registered in LDAP. Unix users can
authenticate to LDAP, but a user registered in LDAP cannot log on to
a workstation and it gives an error "The system cannot log you on now
because the Domain XYZ is not available." When I log on to the
workstation as a local Administrator I can browse the Domain and a
user can open folders after logging on to the Domain, but this user
cannot log on at the initial workstation logon screen.
Following is my smb.conf:
[global]
workgroup = XWZ
netbios name = Neptune
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
username map = /etc/samba/smbusers
guest account = nobody
map to guest = Bad User
passdb backend = ldapsam:"ldap://127.0.0.1/"
ldap admin dn = cn=Manager,dc=xyz,dc=com,dc=au
ldap suffix = dc=xyz,dc=com,dc=au
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Users
ldap ssl = No
add user script = /usr/local/sbin/smbldap-useradd -m "%u"
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"
enable privileges = yes
domain master = yes
domain logons = yes
encrypt passwords = yes
ldap passwd sync = Yes
log level = 1
syslog = 0
log file = /var/log/samba/log.%m
time server = Yes
interfaces = 127.0.0.1 192.168.1.5/24
hosts allow = 192.168.1.0/255.255.255.0
socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
wins support = yes
Dos charset = 850
Unix charset = ISO8859-1
os level = 255
# Where to store NT user profiles? (passdb)
logon path = \\Neptune\profiles\.msprofile
# Where to store 9x/ ME roaming profiles
logon home = \\Neptune\profiles\.9xprofile
logon drive = U:
logon script = %U.bat
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
directory mask = 0750
inherit acls = Yes
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
browseable = no
guest ok = yes
writable = no
share modes = no
[profiles]
comment = Network Profiles Service
path = %H
browseable = no
read only = No
writeable = yes
store dos attributes = Yes
create mask = 0600
directory mask = 0700
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
browseable = No
guest ok = Yes
public = Yes
writeable = No
read only = Yes
[Share]
comment = Share Directory
path = /export/shares
public = yes
writeable = yes
printable = no
create mask = 0770
directory mask = 0770
Are there any security changes between 10.3 and 11 which could cause
these problems, and has anyone got this working on openSUSE 11?
Thanks and Regards,
Horst