
SAMBA+LDAP



Senhores,

Debian 3.1r1, apenas pacotes estáveis.

Estou com uma dificuldade em integrar o LDAP e o SAMBA. Depois de tudo instalado e funcionando, domínio ativo e máquinas Windows logando perfeitamente no SAMBA+LDAP, aparece o seguinte problema: a conta ROOT local deixa de funcionar em quase todos os aplicativos; apenas o terminal continua funcionando. Seguem abaixo os arquivos de configuração para ver se alguém me dá uma ideia do que é.

=== slapd.conf===
# slapd (OpenLDAP server) configuration for the directory that holds the
# POSIX and Samba accounts. samba.schema supplies the samba* attributes that
# the index and access rules below refer to.
include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/inetorgperson.schema
include         /etc/ldap/schema/samba.schema
schemacheck     on
pidfile         /var/run/slapd/slapd.pid
argsfile        /var/run/slapd.args
# 256 is the "stats" level: connections, operations and results are logged.
loglevel        256
modulepath    /usr/lib/ldap
moduleload    back_bdb
backend                 bdb
# Checkpoint the BDB transaction log every 512 KB written or every 30 minutes.
checkpoint 512 30
database        bdb
suffix          "dc=scifi,dc=brasil,dc=nom,dc=br"
# The rootdn is not subject to the access rules below. Its password hash
# (masked in this post) lives in this file, so the file should be readable
# only by root and the account slapd runs as.
rootdn          "cn=admin,dc=scifi,dc=brasil,dc=nom,dc=br"
rootpw          {SSHA}xxxxxxxxxxxxx
directory       "/var/lib/ldap"

# Indexes for the attributes NSS, PAM and Samba search on.
index objectClass,uidNumber,gidNumber eq
index cn,sn,uid,displayName pres,sub,eq
index memberUID,mail,givenname eq,subinitial
index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq

lastmod         on

# Rule 1 - password material. sambaLMPassword / sambaNTPassword are
# password-equivalent for SMB logons, so they are protected exactly like
# userPassword: the admin DN and the entry's owner may write, an anonymous
# connection may use the value only to complete a bind, everyone else gets
# nothing. Rules are evaluated in order, so this one must stay above the
# catch-all rule at the end.
access to attrs=userPassword,sambaLMPassword,sambaNTPassword
       by dn="cn=admin,dc=scifi,dc=brasil,dc=nom,dc=br" write
       by anonymous auth
       by self write
       by * none

# Rule 2 - the root DSE is readable by everyone.
access to dn.base="" by * read

# Rule 3 - everything else: the admin DN writes, and anyone, including
# anonymous clients, can read every remaining attribute (account names,
# group membership, SIDs, ...).
# NOTE(review): which addresses slapd listens on is not shown here; if it is
# reachable beyond loopback, consider narrowing "by * read".
# NOTE(review): there is a blank line between "access to *" and its indented
# "by" clauses; slapd joins continuation lines by their leading whitespace, so
# confirm the real file keeps the clause contiguous (this may be a mail artifact).
access to *

       by dn="cn=admin,dc=scifi,dc=brasil,dc=nom,dc=br" write
       by * read

#### ldap.conf

# Defaults for the OpenLDAP client library and command-line tools: talk to the
# local slapd, search under the scifi suffix, return at most 12 entries and
# wait at most 15 seconds per search, never dereference aliases.
HOST 127.0.0.1
BASE dc=scifi,dc=brasil,dc=nom,dc=br
# NOTE(review): BINDDN names the directory admin as the default bind identity.
# ldap.conf(5) describes BINDDN as a user-only option, so it may have no effect
# in a system-wide file - confirm, and prefer not to default to the admin DN.
BINDDN cn=admin,dc=scifi,dc=brasil,dc=nom,dc=br
SIZELIMIT 12
TIMELIMIT 15
DEREF never

#### smb.conf
# Samba configured as logon server and master browser for the "scifi" domain,
# with user, group and machine accounts stored in the local LDAP directory.
[global]
        workgroup = scifi
        server string = Servidor de Rede
        netbios name = moya
        printcap name = /etc/printcap
        load printers = yes
        printing = lprng
        # %G expands to the primary group name, so each group gets its own script.
        logon script = %G.bat
        guest account=nobody
        # One log file per client machine (%m).
        log file = /var/log/samba/log.%m
        max log size = 50
        # User-level security with encrypted password exchange.
        security = user
        encrypt passwords=yes
        # NOTE(review): "smb passwd file" belongs to the smbpasswd backend and
        # "passwd program" / "passwd chat" to unix password sync; this file
        # selects ldapsam below and does not set unix password sync, so these
        # three settings look unused - confirm.
        smb passwd file=/etc/samba/smbpasswd
        passwd program=/usr/bin/passwd %u
passwd chat = *New*password* %n *Retype*new*password* %n *passwd:*all*authentication*tokens*updated*successfully*
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        # Browsing / domain controller role: win browser elections, act as
        # domain master and accept domain logons.
        local master = yes
        os level = 65
        domain master = yes
        preferred master = yes
        domain logons = yes
        wins support = yes
        wins proxy = yes
        dns proxy = yes
        time server = yes
        name resolve order = bcast wins lmhosts
        # Samba talks to slapd without TLS. The URLs below are loopback, so the
        # traffic stays on this host; if the directory is ever moved to another
        # machine, TLS is needed because binds and the LM/NT hashes would
        # otherwise cross the network in clear.
        ldap ssl = no
        passdb backend = ldapsam:ldap://127.0.0.1
        # Keep the LDAP password in step with the NT/LM hashes on password change.
        ldap passwd sync = yes
        # Deleting an account removes the whole LDAP entry, not only the Samba
        # attributes.
        ldap delete dn = Yes
        # Samba binds as the same DN that slapd.conf declares as rootdn, i.e. with
        # unrestricted rights over the directory. The password is not kept in
        # this file; it is stored with "smbpasswd -w" in Samba's secrets database.
        # NOTE(review): a dedicated DN with write access limited to the Samba
        # subtrees would reduce what a compromise of smbd exposes.
        ldap admin dn = cn=admin,dc=scifi,dc=brasil,dc=nom,dc=br
        ldap suffix = dc=scifi,dc=brasil,dc=nom,dc=br
        ldap machine suffix = ou=Computadores
        ldap user suffix = ou=Usuarios
        ldap group suffix = ou=Grupos
        ldap idmap suffix = ou=Idmap
        idmap backend = ldap:ldap://127.0.0.1
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        # Account management hooks: Samba substitutes %u / %g with the user or
        # group name and runs the smbldap-tools script. The substitutions are
        # double-quoted in every command line.
        add user script = /usr/sbin/smbldap-useradd -m "%u"
        delete user script = /usr/sbin/smbldap-userdel "%u"
        add group script = /usr/sbin/smbldap-groupadd -p "%g"
        delete group script = /usr/sbin/smbldap-groupdel "%g"
        add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
        set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
        # Creates the machine account (-w) when a workstation joins the domain.
        add machine script = /usr/sbin/smbldap-useradd -w "%u"

##############/etc/pam.d/common-auth

# PAM stack shared by the services that include common-auth.
# pam_unix runs first and is "required"; nullok_secure (Debian) accepts an
# empty password only on terminals listed in /etc/securetty.
# NOTE(review): because pam_unix is required and precedes pam_ldap, an account
# that exists only in LDAP would fail this stack even if pam_ldap accepts the
# password - confirm this ordering is intended.
auth   required        pam_unix.so nullok_secure
# pam_ldap reuses the password already typed (use_first_pass) instead of
# prompting again.
auth sufficient /lib/security/pam_ldap.so use_first_pass
# NOTE(review): the account, password and session lines below sit in the auth
# file; Debian normally keeps them in common-account, common-password and
# common-session. use_authtok also expects an earlier password module to have
# collected the new password, and none precedes it here - verify.
account sufficient /lib/security/pam_ldap.so
password sufficient /lib/security/pam_ldap.so use_authtok
session optional /lib/security/pam_ldap.so

#####/etc/pam_ldap.conf

# pam_ldap client settings: LDAPv3 to the local slapd, searching under the
# scifi suffix.
host 127.0.0.1
base dc=scifi,dc=brasil,dc=nom,dc=br
ldap_version 3
# When the calling process runs as root, pam_ldap binds as this DN - the
# directory admin - using a password read from a separate root-only secret
# file. That file holds the admin password in clear text and must not be
# readable by other users.
rootbinddn cn=admin,dc=scifi,dc=brasil,dc=nom,dc=br
# Passwords changed through PAM are hashed with crypt before being written.
# NOTE(review): smbldap.conf in the same setup uses hash_encrypt="SSHA", so
# the two tools store different hash formats - confirm this is intended.
pam_password crypt

#####/etc/libnss-ldap.conf

# NSS LDAP client settings: LDAPv3 to the local slapd under the scifi suffix.
# No bind DN is configured, so name-service lookups bind anonymously and see
# only what the slapd access rules grant to anonymous clients.
host 127.0.0.1
base dc=scifi,dc=brasil,dc=nom,dc=br
ldap_version 3

######/etc/nsswitch.conf

# Name service switch: sources are tried left to right, so for passwd, group
# and shadow the LDAP directory is consulted before the local files.
# NOTE(review): with ldap first, a directory entry named "root" (or any entry
# reusing a local account name) is returned instead of the /etc/passwd one,
# and every lookup of a local account depends on slapd answering. Listing the
# local source first is the usual arrangement and keeps local root independent
# of the directory. This may be related to the root-account symptom described
# in the message - compare the output of "getent passwd root" with /etc/passwd.
# NOTE(review): "files" and "compat" both read the local files; one of them is
# probably redundant - confirm.
passwd: ldap files compat
group:   ldap files compat
shadow: ldap files compat
hosts: files dns
networks:       files
protocols:      db files
services:       db files
ethers:         db files
rpc:            db files
netgroup:       nis

#####/etc/smbldap-tools/smbldap_bind.conf

# Bind credentials used by the smbldap-tools scripts. Both the slave and the
# master entry use the directory admin DN, and the passwords are stored here
# in clear text (masked in this post), so the file should be owned by root and
# unreadable by other users.
slaveDN="cn=admin,dc=scifi,dc=brasil,dc=nom,dc=br"
slavePw="xxxxxxxx"
masterDN="cn=admin,dc=scifi,dc=brasil,dc=nom,dc=br"
masterPw="xxxxxxxx"

##### /etc/smbldap-tools/smbldap.conf

# smbldap-tools settings: domain identity, where the directory is, where
# accounts are created and the defaults applied to new accounts.
# Domain SID (masked in this post) and domain name.
SID="S-1-5-21-xxxxxxxxxxx-xxxxxxxxxxx-xxxxxxxxxxx"
sambaDomain="scifi"
# Master and slave both point at the local slapd on the plain LDAP port.
slaveLDAP="127.0.0.1"
slavePort="389"
masterLDAP="127.0.0.1"
masterPort="389"
# TLS is off and no CA or client certificate is configured. Acceptable while
# the server is loopback-only; the admin bind password would be sent in clear
# if the LDAP server were on another host.
ldapTLS="0"
verify=""
cafile=""
clientcert=""
clientkey=""
# Directory layout; the ou= names match the ldap * suffix settings in smb.conf.
suffix="dc=scifi,dc=brasil,dc=nom,dc=br"
usersdn="ou=Usuarios,${suffix}"
computersdn="ou=Computadores,${suffix}"
groupsdn="ou=Grupos,${suffix}"
idmapdn="ou=Idmap,${suffix}"
sambaUnixIdPooldn="sambaDomainName=scifi,${suffix}"
scope="sub"
# userPassword values written by these tools are salted SHA-1 (SSHA).
hash_encrypt="SSHA"
crypt_salt_format=""
# Defaults for new accounts: home directories are created with mode 700.
userLoginShell="/bin/bash"
userHome="/home/%U"
userHomeDirectoryMode="700"
userGecos="System User"
# 513 / 515 are conventionally Domain Users / Domain Computers - confirm the
# matching groups exist in the directory.
defaultUserGid="513"
defaultComputerGid="515"
skeletonDir="/etc/skel"
# Maximum password age applied to new accounts, presumably in days - confirm.
defaultMaxPasswordAge="45"
userSmbHome="\\MOYA\%U"
userProfile="\\MOYA\profiles\%U"
userHomeDrive="H:"
# NOTE(review): 0 presumably means the external smbpasswd / slappasswd
# binaries named below are not invoked and the tools compute the hashes
# themselves - confirm against the smbldap-tools documentation.
with_smbpasswd="0"
smbpasswd="/usr/bin/smbpasswd"
with_slappasswd="0"
slappasswd="/usr/sbin/slappasswd"


