[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

samba+ldap

Пытаюсь сделать Samba+Ldap на Sarge
вроде все сделал, но компы никак не хотят входить в домен, при запросе имени ввожу admin:101010 говорят 

"The following error occurred attempting to join the domain  "test";
The user name could not be find."

в /var/log/auth.log при этом вываливается"
Nov 10 17:32:13 debian slapd[5475]: OTP unavailable because can't read/write key database /etc/opiekeys: No such file or directory

если создаю пустой файл или ставлю пакет opie-server и opie-client, то эти сообщения пропадают, но в домен по прежнему войти на получается

в /var/log/syslogе вроде все нормально, ошибок нет...

2й день уже туплю... ничего не выходи:((
вот конфиги(сори, конечно, что так много, но хотелось бы придоставить всю информацию)

###################################################
#cat /etc/samba/smb.conf
[global]
        workgroup = TEST
        netbios name = TEST
        security = user
        interfaces = 192.168.0.7
        admin users = admin
        passdb backend = ldapsam:ldap://127.0.0.1
        ldap suffix = dc=test,dc=az
        ldap user suffix = ou=Users
        ldap group suffix = ou=Groups
        ldap machine suffix = ou=Computers
        ldap filter = (uid=%u)
        ldap admin dn = cn=root,dc=test,dc=az
        ldap delete dn = no
        domain master = yes
        domain logons = yes
        logon script = %u.bat
        logon path = \\%L\Profiles\%u
        logon drive = H:
        dos charset = CP866
        unix charset = KOI8-R
        display charset = KOI8-R
[netlogon]
        comment = Network Logon Service
        path = /var/lib/samba/netlogon
        browseable = no
        guest ok = yes
        writable = no
        share modes = no
[Profiles]
        path = /var/lib/samba/profiles
        browseable = no
        guest ok = yes
        writeable = yes
        nt acl support = no
[Home]
        comment = Home Directory
        browseable = yes
        writable = yes
        path = /home/%u
###########################################################
#cat /etc/ldap/slapd.conf
include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/inetorgperson.schema
include         /etc/ldap/schema/misc.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/openldap.schema
include         /etc/ldap/schema/samba.schema
schemacheck     on
pidfile         /var/run/slapd/slapd.pid
argsfile        /var/run/slapd.args
loglevel        256
modulepath      /usr/lib/ldap
moduleload      back_bdb
backend         bdb
checkpoint 512 30
database        bdb
suffix          "dc=test,dc=az"
rootdn          "cn=root,dc=test,dc=az"
rootpw          "101010"
directory       "/var/lib/ldap"

index           objectClass,uid,uidNumber,gidNumber eq
index           cn,mail,surname,givenname           eq,subinitial
index           sambaSID        eq
index           sambaPrimaryGroupSID eq
index           sambaDomainName eq

lastmod         on
replogfile      /var/lib/ldap/replog

access to attrs=userPassword
        by dn="cn=root,dc=test" write
        by anonymous auth
        by self write
        by * none
access to dn.base="" by * read
access to attrs=sambaLMPassword,sambaNTPassword
        by dn="cn=admin,ou=Users,dc=test,dc=az" write
        by * none
access to *
        by dn="cn=root,dc=test" write
        by * read
#####################################################################
#slapcat
dn: dc=test,dc=az
objectClass: dcObject
objectClass: organization
dc: test
o: test
structuralObjectClass: organization
entryUUID: 60f6fd82-e636-1029-9e4f-cc0676ac093b
creatorsName: cn=root,dc=test,dc=az
createTimestamp: 20051110130514Z
entryCSN: 20051110130514Z#000001#00#000000
modifiersName: cn=root,dc=test,dc=az
modifyTimestamp: 20051110130514Z

dn: ou=Users,dc=test,dc=az
objectClass: organizationalUnit
ou: Users
structuralObjectClass: organizationalUnit
entryUUID: 61012f0a-e636-1029-9e50-cc0676ac093b
creatorsName: cn=root,dc=test,dc=az
createTimestamp: 20051110130515Z
entryCSN: 20051110130515Z#000001#00#000000
modifiersName: cn=root,dc=test,dc=az
modifyTimestamp: 20051110130515Z

dn: ou=Groups,dc=test,dc=az
objectClass: organizationalUnit
ou: Groups
structuralObjectClass: organizationalUnit
entryUUID: 6102bbcc-e636-1029-9e51-cc0676ac093b
creatorsName: cn=root,dc=test,dc=az
createTimestamp: 20051110130515Z
entryCSN: 20051110130515Z#000002#00#000000
modifiersName: cn=root,dc=test,dc=az
modifyTimestamp: 20051110130515Z

dn: ou=Computers,dc=test,dc=az
objectClass: organizationalUnit
ou: Computers
structuralObjectClass: organizationalUnit
entryUUID: 61055904-e636-1029-9e52-cc0676ac093b
creatorsName: cn=root,dc=test,dc=az
createTimestamp: 20051110130515Z
entryCSN: 20051110130515Z#000003#00#000000
modifiersName: cn=root,dc=test,dc=az
modifyTimestamp: 20051110130515Z

dn: cn=Domain Admins,ou=Groups,dc=test,dc=az
objectClass: posixGroup
gidNumber: 10000
memberUid: admin
cn: Domain Admins
structuralObjectClass: posixGroup
entryUUID: 6106066a-e636-1029-9e53-cc0676ac093b
creatorsName: cn=root,dc=test,dc=az
createTimestamp: 20051110130515Z
entryCSN: 20051110130515Z#000004#00#000000
modifiersName: cn=root,dc=test,dc=az
modifyTimestamp: 20051110130515Z

dn: cn=Domain Guests,ou=Groups,dc=test,dc=az
objectClass: posixGroup
gidNumber: 10001
memberUid: nobody
cn: Domain Guests
structuralObjectClass: posixGroup
entryUUID: 610b3d9c-e636-1029-9e54-cc0676ac093b
creatorsName: cn=root,dc=test,dc=az
createTimestamp: 20051110130515Z
entryCSN: 20051110130515Z#000005#00#000000
modifiersName: cn=root,dc=test,dc=az
modifyTimestamp: 20051110130515Z

dn: cn=Domain Users,ou=Groups,dc=test,dc=az
objectClass: posixGroup
gidNumber: 10002
memberUid: nobody
cn: Domain Users
structuralObjectClass: posixGroup
entryUUID: 610bffde-e636-1029-9e55-cc0676ac093b
creatorsName: cn=root,dc=test,dc=az
createTimestamp: 20051110130515Z
entryCSN: 20051110130515Z#000006#00#000000
modifiersName: cn=root,dc=test,dc=az
modifyTimestamp: 20051110130515Z

dn: uid=admin,ou=Users,dc=test,dc=az
cn: admin
objectClass: organizationalRole
objectClass: top
objectClass: sambaSamAccount
objectClass: posixAccount
gidNumber: 10000
uid: admin
uidNumber: 10000
homeDirectory: /home/admin
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdMustChange: 2147483647
sambaHomePath: \\LDAP\homes
sambaHomeDrive: H:
sambaProfilePath: \\LDAP\Profiles\admin
sambaPrimaryGroupSID: S-1-5-21-1289144422-1163469304-3487403948-512
sambaSID: S-1-5-21-1289144422-1163469304-3487403948-500
loginShell: /bin/false
gecos: Netbios Domain Administrator
structuralObjectClass: organizationalRole
entryUUID: 610c8986-e636-1029-9e56-cc0676ac093b
creatorsName: cn=root,dc=test,dc=az
createTimestamp: 20051110130515Z
sambaLMPassword: 68B7F574B8B64096AAD3B435B51404EE
sambaNTPassword: B4D8506EDACA4BF4AB6AF61D88A6F454
sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000
 00000000
sambaAcctFlags: [U          ]
sambaPwdCanChange: 1131628106
sambaPwdLastSet: 1131628106
entryCSN: 20051110130826Z#000001#00#000000
modifiersName: cn=root,dc=test,dc=az
modifyTimestamp: 20051110130826Z

dn: sambaDomainName=TEST,dc=test,dc=az
sambaDomainName: TEST
sambaSID: S-1-5-21-3350632332-1734803903-1588077325
sambaAlgorithmicRidBase: 1000
objectClass: sambaDomain
structuralObjectClass: sambaDomain
entryUUID: 69e437f2-e636-1029-9e57-cc0676ac093b
creatorsName: cn=root,dc=test,dc=az
createTimestamp: 20051110130529Z
entryCSN: 20051110130529Z#000001#00#000000
modifiersName: cn=root,dc=test,dc=az
modifyTimestamp: 20051110130529Z
Reply to: