problema openldap+samba
hola¡¡
cuando uso openldap 2.3.25 (del apt de debian unstable) y
samba3.0.23b(del apt debian unstable) log.smbd me muestra este error:
[2006/08/23 14:00:41, 1] param/loadparm.c:lp_do_parameter(3434)
WARNING: The "printer admin" option is deprecated
[2006/08/23 14:00:42, 0] services/services_db.c:svcctl_init_keys(420)
init_services_keys: key lookup failed! (WERR_ACCESS_DENIED)
[2006/08/23 14:00:42, 0]
printing/nt_printing.c:upgrade_to_version_4(460)
upgrade_to_version_4: upgrading printer security descriptors
[2006/08/23 14:00:42, 0]
printing/nt_printing.c:upgrade_to_version_5(527)
upgrade_to_version_5: normalizing printer keys
[2006/08/23 14:00:42, 0] smbd/server.c:main(960)
ERROR: failed to setup guest info.
Si quito la linea del backend del smb.conf:
passdb backend = ldapsam:ldaps://shogun.ironman.es:636
Parece que funciona, por lo menos arranca, el problema es que necesito
ese backend para autentificar a los usuarios . Cuando uso la version
3.0.14 de samba el error desaparece pero no funciona bien.
Esta configuracion funcionaba en un debian stable hsata que que
actualice a unstable y crassssssssshhhhhhhhh.
mi smb.conf es :
####AUTENTIFICACION######
security = user
encrypt passwords = true
passdb backend = ldapsam:ldaps://shogun.ironman.es:636
;ldappassword sync =yes
; guest account = guest
####; invalid users = root####
unix password sync = no
ldap password sync = yes
passwd program = /usr/local/sbin/bin/smbldap-passwd -o %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX
\spassword:* %n\n .
; obey pam restrictions = yes
; pam password change = no
#####LDAP#####
ldap admin dn = cn=admin,dc=ironman,dc=es
; ldap server = morena.atc.unican.es
; ldap port = 389
ldap ssl = on
ldap delete dn = no
; ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
ldap suffix = dc=ironman,dc=es
ldap user suffix = ou=people
ldap group suffix = ou=groups
ldap machine suffix = ou=machines
########## Printing ##########
# If you want to automatically load your printer list rather
# than setting them up individually then you'll need this
load printers = yes
# lpr(ng) printing. You may wish to override the location of the
# printcap file
; printing = bsd
; printcap name = /etc/printcap
# CUPS printing. See also the cupsaddsmb(8) manpage in the
# cupsys-client package.
printing = cups
printcap name = cups
# When using [print$], root is implicitly a 'printer admin', but you can
# also give this right to other users to add drivers and set printer
# properties
printer admin = @domainprintoperators
#######PDC###########3
os level = 80
preferred master = yes
domain master = yes
local master = yes
domain logons = yes
; logon path = //SHOGUN/profiles/%u
logon drive = V:
logon home = //SHOGUN/%u
logon script =%u.bat
; domain admin group = @domainadmins
add user script = /usr/local/sbin/smbldap-useradd -w %u
######## File sharing ########
# Name mangling options
; preserve case = yes
; short preserve case = yes
############ Misc ############
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
add user script = /usr/local/sbin/smbldap-useradd -w %u
#======================= Share Definitions =======================
[homes]
comment = Home Directories
browseable = no
writable = yes
create mask = 0700
directory mask = 0700
[printers]
comment = All Printers
browseable = no
path = /var/spool/samba
browseable = no
guest ok = no
create mask = 0700
use client driver = no
printable = yes
public = yes
writable = no
printer admin = root, @domainprintoperators
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = yes
guest ok = no
; write list = root, chechu
[netlogon]
comment = Network Logon Service
path = /home/users/netlogon
writeable = no
share modes = no
guest ok = yes
write list = @domainadmins
[profiles]
comment = User's Profiles
path = /home/users/profiles
writeable = yes
browseable = no
create mask = 0600
directory mask = 0700
guest ok = yes
aver si alguien me hecha un cable ¡¡
gracias
Reply to: