Re: openSUSE 11 as PDC with Samba and LDAP
- From: hsimon@xxxxxxxxxxxxxxx
- Date: Fri, 8 Aug 2008 18:07:01 -0700 (PDT)
On Aug 9, 10:40 am, hsi...@xxxxxxxxxxxxxxx wrote:
Hi,
I have openSUSE 10.3 with Samba and LDAP as a PDC working perfectly. I
tried to do the same on a new install of openSUSE 11.0 using the same
procedure and same smb.conf, ldap.conf, slapd.conf and /etc/ldap.conf
with smbldap-tools 0.9.5, created a new smbldap.conf and
smbldap_bind.conf, using the supplied configure script from
smbldap-tools. I followed the same procedure as I did in 10.3 and workstations
can be added to the Domain and are registered in LDAP. Unix users can
authenticate to LDAP, but a user registered in LDAP cannot log on to
a workstation and it gives an error "The system cannot log you on now
because the Domain XYZ is not available." When I log on to the
workstation as a local Administrator I can browse the Domain and a
user can open folders after logging on to the Domain, but this user
cannot log on at the initial workstation logon screen.
Following is my smb.conf:
[global]
workgroup = XWZ
netbios name = Neptune
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
username map = /etc/samba/smbusers
guest account = nobody
map to guest = Bad User
passdb backend = ldapsam:"ldap://127.0.0.1/"
ldap admin dn = cn=Manager,dc=xyz,dc=com,dc=au
ldap suffix = dc=xyz,dc=com,dc=au
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Users
ldap ssl = No
add user script = /usr/local/sbin/smbldap-useradd -m "%u"
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"
enable privileges = yes
domain master = yes
domain logons = yes
encrypt passwords = yes
ldap passwd sync = Yes
log level = 1
syslog = 0
log file = /var/log/samba/log.%m
time server = Yes
interfaces = 127.0.0.1 192.168.1.5/24
hosts allow = 192.168.1.0/255.255.255.0
socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
wins support = yes
Dos charset = 850
Unix charset = ISO8859-1
os level = 255
# Where to store NT user profiles? (passdb)
logon path = \\Neptune\profiles\.msprofile
# Where to store 9x/ ME roaming profiles
logon home = \\Neptune\profiles\.9xprofile
logon drive = U:
logon script = %U.bat
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
directory mask = 0750
inherit acls = Yes
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
browseable = no
guest ok = yes
writable = no
share modes = no
[profiles]
comment = Network Profiles Service
path = %H
browseable = no
read only = No
writeable = yes
store dos attributes = Yes
create mask = 0600
directory mask = 0700
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
browseable = No
guest ok = Yes
public = Yes
writeable = No
read only = Yes
[Share]
comment = Share Directory
path = /export/shares
public = yes
writeable = yes
printable = no
create mask = 0770
directory mask = 0770
Are there any security changes between 10.3 and 11 which could cause
these problems, and does anyone have this working on openSUSE 11?
Thanks and Regards,
Horst
One more follow-up: if I log on as the local Administrator and try to
add a Domain User from the Control Panel/User Accounts I get the following
error:
The user could not be added because the following error has occurred:
The trust relationship between this workstation and the primary domain
failed.
Horst