[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: problema openldap+samba



chechu chechu wrote:

hola¡¡

cuando uso openldap 2.3.25 (del apt de debian unstable) y
samba3.0.23b(del apt debian unstable)  log.smbd me muestra este error:

[2006/08/23 14:00:41, 1] param/loadparm.c:lp_do_parameter(3434)
 WARNING: The "printer admin" option is deprecated
[2006/08/23 14:00:42, 0] services/services_db.c:svcctl_init_keys(420)
 init_services_keys: key lookup failed! (WERR_ACCESS_DENIED)
[2006/08/23 14:00:42, 0]
printing/nt_printing.c:upgrade_to_version_4(460)
 upgrade_to_version_4: upgrading printer security descriptors
[2006/08/23 14:00:42, 0]
printing/nt_printing.c:upgrade_to_version_5(527)
 upgrade_to_version_5: normalizing printer keys
[2006/08/23 14:00:42, 0] smbd/server.c:main(960)
 ERROR: failed to setup guest info.

El log tira errores, pero cuál es el error que ves tú, puedes autenticar en samba ¿qué sucede? Al parecer tienes algunas opciones en smb.conf que ya no se usan con esta versión de samba.

Si quito la linea del backend del smb.conf:

passdb backend = ldapsam:ldaps://shogun.ironman.es:636

Parece que funciona, por lo menos arranca, el problema es que necesito
ese backend para autentificar a los usuarios . Cuando uso la version
3.0.14 de samba el error desaparece pero no funciona bien.

¿qué es lo que no funciona?

       Esta configuracion funcionaba en un debian stable hsata que que
actualice a unstable y crassssssssshhhhhhhhh.

mi  smb.conf es :
####AUTENTIFICACION######

  security = user
  encrypt passwords = true
  passdb backend = ldapsam:ldaps://shogun.ironman.es:636
 ;ldappassword sync =yes
;  guest account = guest
####;   invalid users = root####
  unix password sync = no
  ldap password sync = yes
 passwd program = /usr/local/sbin/bin/smbldap-passwd -o %u
  passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX
\spassword:* %n\n .
;  obey pam restrictions = yes
;  pam password change = no


#####LDAP#####


  ldap admin dn = cn=admin,dc=ironman,dc=es
;  ldap server = morena.atc.unican.es
;  ldap port = 389
  ldap ssl = on
  ldap delete dn = no

;   ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
  ldap suffix = dc=ironman,dc=es
  ldap user suffix = ou=people
  ldap group suffix = ou=groups
  ldap machine suffix = ou=machines
########## Printing ##########

# If you want to automatically load your printer list rather
# than setting them up individually then you'll need this
  load printers = yes

# lpr(ng) printing. You may wish to override the location of the
# printcap file
;   printing = bsd
;   printcap name = /etc/printcap

# CUPS printing.  See also the cupsaddsmb(8) manpage in the
# cupsys-client package.
  printing = cups
  printcap name = cups

# When using [print$], root is implicitly a 'printer admin', but you can
# also give this right to other users to add drivers and set printer
# properties
  printer admin = @domainprintoperators

#######PDC###########3

  os level = 80
  preferred master = yes
  domain master = yes
  local master = yes
  domain logons = yes
 ; logon path = //SHOGUN/profiles/%u
  logon drive = V:
  logon home = //SHOGUN/%u
  logon script =%u.bat
;   domain admin group = @domainadmins
     add user script = /usr/local/sbin/smbldap-useradd -w %u
######## File sharing ########
# Name mangling options
;   preserve case = yes
;   short preserve case = yes


############ Misc ############

  socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
  idmap uid = 10000-20000
  idmap gid = 10000-20000
  template shell = /bin/bash
  add user script = /usr/local/sbin/smbldap-useradd -w %u

#======================= Share Definitions =======================

[homes]
  comment = Home Directories
  browseable = no
writable = yes
  create mask = 0700
  directory mask = 0700

[printers]
  comment = All Printers
  browseable = no
  path = /var/spool/samba
  browseable = no
  guest ok = no
  create mask = 0700

 use client driver = no
  printable = yes
  public = yes
  writable = no
  printer admin = root, @domainprintoperators


[print$]
  comment = Printer Drivers
  path = /var/lib/samba/printers
  browseable = yes
  read only = yes
  guest ok = no
;   write list = root, chechu

[netlogon]
  comment = Network Logon Service
  path = /home/users/netlogon
  writeable = no
  share modes = no
  guest ok = yes
  write list = @domainadmins

[profiles]
  comment = User's Profiles
  path =  /home/users/profiles
  writeable = yes
  browseable = no
  create mask = 0600
  directory mask = 0700
  guest ok = yes


aver si alguien me hecha un cable ¡¡
gracias






Reply to: