ldap или сабма?
Hello comp,
# ldapsearch -LL -H ldap://localhost -b"dc=sietlab,dc=com" -x "(uid="admin\$"
) "
version: 1
dn: uid=admin$,ou=Computers,dc=sietlab,dc=com
cn: admin$
sn: admin$
uid: admin$
uidNumber: 1008
gidNumber: 513
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: sambaSamAccount
sambaPwdLastSet: 0
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaPwdMustChange: 0
sambaAcctFlags: [I ]
sambaSID: S-1-5-21-1341436784-2440841702-2945358980-3016
sambaPrimaryGroupSID: S-1-5-21-1341436784-2440841702-2945358980-553
# id admin$
uid=1008(admin$) gid=513(Domain Users) groups=513(Domain Users)
имя машины система видит.
# id administrator
uid=0(Administrator) gid=512(Domain Admins) groups=512(Domain Admins)
# ldapsearch -LL -H ldap://localhost -b"dc=sietlab,dc=com" -x "(uid=administrator
) "
version: 1
dn: uid=Administrator,ou=Users,dc=sietlab,dc=com
cn: Administrator
sn: Administrator
objectClass: inetOrgPerson
objectClass: sambaSamAccount
objectClass: posixAccount
objectClass: shadowAccount
gidNumber: 512
uid: Administrator
uidNumber: 0
homeDirectory: /home/Administrator
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaHomePath: \\PDC\home\Administrator
sambaHomeDrive: T:
sambaProfilePath: \\PDC\Profiles\
sambaPrimaryGroupSID: S-1-5-21-1341436784-2440841702-2945358980-512
sambaSID: S-1-5-21-1341436784-2440841702-2945358980-2996
loginShell: /bin/false
gecos: Netbios Domain Administrator
sambaAcctFlags: [U]
sambaPwdLastSet: 1110875217
sambaPwdMustChange: 1114763217
аккаунт тоже видит.
самба в лог пишет:
[2005/03/15 20:07:56, 0] rpc_server/srv_netlog_nt.c:get_md4pw(261)
get_md4pw: Workstation ADMIN$: no account in domain
smb.conf
[global]
workgroup = SIETLAB
netbios name = PDC
security = user
passdb backend = ldapsam:ldapi://%2fvar%2frun%2fopenldap%2fldapi/
ldap suffix = dc=sietlab,dc=com
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
ldap filter = (&(objectclass=sambaSamAccount)(uid=%u))
ldap admin dn = "cn=root,dc=sietlab,dc=com"
ldap delete dn = yes
ldap ssl = no
admin users = @"Domain Admins"
domain master = yes
domain logons = yes
preferred master = yes
wins support = yes
os level = 255
ldap delete dn = Yes
delete user script = /usr/local/sbin/smbldap-userdel "%u"
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/local/sbin/smbldap-groupdel "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u"
"%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"
logon script = login.bat
logon path = \\%L\Profiles\%u
logon drive = T:
log level = 0
syslog = 0
log file = /var/log/samba/log.%m
max log size = 100000
dos charset = CP866
unix charset = KOI8-R
display charset = KOI8-R
preserve case = yes
short preserve case = yes
case sensitive = no
[netlogon]
comment = Network Logon Service
path = /home/netlogon
browseable = no
guest ok = yes
writable = no
share modes = no
[Profiles]
path = /home/%u/profiles
browseable = no
guest ok = yes
writeable = yes
nt acl support = no
force user = %U
valid users = %U @"Domain Admins"
[home]
comment = Home Directories
valid users = %U
read only = No
create mask = 0664
directory mask = 0775
browseable = No
кто настраивал связку samba+ldap откликнитесь.
