robert23
22.11.04, 20:50
Also ich habe hier nen OpenLDAP Server ( 2.1.30 ) und nen Samba 3.0.7-Debian am laufen.
Das ganze wie vielleicht schon erraten wurde unter Debian ;-)
Nun will ich der Domain einen neuen Benutzer hinzufuegen, wozu man ja auch die Daten eines berechtigten Accounts angeben muss.
Aber ich bekomme dann immer nur
"Der Computer konnte der Domaene nicht hinzugefuegt werden, da der folgende Fehler aufgetreten ist:
Anmeldung fehlgeschlagen: unbekannter Benutzername oder falsches Kennwort"
Nun gibt mir leider Samba und LDAP nichts weiter in der syslog aus :-/
slapd.conf
# slapd.conf as posted (OpenLDAP 2.1.30): schema includes, global settings,
# one ldbm database for dc=home,dc=lan, then the access control rules.
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/samba.schema
# Schema check allows for forcing entries to
# match schemas for their objectClasses's
schemacheck on
# Default access to the directory service
# Where the pid file is put. The init.d script
# will not stop the server if you change this.
pidfile /var/run/slapd/slapd.pid
# List of arguments that were passed to the server
argsfile /var/run/slapd.args
# Read slapd.conf(5)
# NOTE(review): per slapd.conf(5), level 1024 only logs communication with
# shell backends, which fits the empty syslog described in the post. 256
# (stats) logs connections, binds and results; 128 logs ACL processing.
# slapd normally logs to syslog facility local4 -- confirm syslog routes it.
loglevel 1024
modulepath /usr/lib/ldap
# NOTE(review): "back_ldb" looks like a typo for back_ldbm, since the backend
# and database lines below both name ldbm -- confirm against the real file.
moduleload back_ldb
backend ldbm
database ldbm
suffix "dc=home,dc=lan"
# LDAP manager and password
# The rootdn is not subject to the access rules further down.
rootdn "cn=Manager,dc=home,dc=lan"
# NOTE(review): PASSWORD is presumably a redaction. A cleartext rootpw can be
# read by anyone who can read this file; slappasswd generates a hashed value
# for this line, and the file itself should not be world-readable.
rootpw PASSWORD
# NOTE(review): per slapd.conf(5) for 2.1, defaultaccess is the level granted
# when no access directive is configured. "write" means that removing the
# rules below would let every client, anonymous included, modify the tree;
# a lower level (read or none) is the safer fallback.
defaultaccess write
# Where the database file are physically stored for database #1
directory "/var/lib/ldap"
# Indexing options for database #1
index objectClass eq
# Save the time that the entry gets modified, for database #1
lastmod on
# Where to store the replica logs for database #1
# replogfile /var/lib/ldap/replog
# NOTE(review): the "by" lines continue the preceding "access to" line and
# must start with whitespace in the real file; the indentation was presumably
# lost when the file was pasted.
# NOTE(review): only userPassword is restricted here. The Samba 3 schema keeps
# the LM/NT hashes in sambaLMPassword and sambaNTPassword; as written they fall
# through to the final "by * read" rule and are readable by anonymous clients.
# They belong in this rule's attribute list.
access to attribute=userPassword
by dn="cn=Admin,dc=home,dc=lan" write
by anonymous auth
by self write
by * none
# Root DSE readable by everyone.
access to dn.base="" by * read
# NOTE(review): the rules name cn=Admin, while rootdn here and "ldap admin dn"
# in smb.conf use cn=Manager -- confirm that a cn=Admin entry actually exists.
access to *
by dn="cn=Admin,dc=home,dc=lan" write
by * read
ldap.conf
# ldap.conf as posted; the pam_* and nss_* keys are the pam_ldap / nss_ldap
# client settings.
# NOTE(review): no binddn is set, so lookups presumably run as anonymous
# binds and depend on the "by * read" rule in slapd.conf -- confirm.
host localhost
base dc=home,dc=lan
pam_filter objectClass=posixAccount
pam_login_attribute uid
# NOTE(review): with "crypt" the client hashes a new password with crypt(3)
# before writing userPassword. This does not update the Samba hashes --
# confirm how Unix and Samba passwords are meant to stay in sync.
pam_password crypt
# "?one" limits each search to one level below the named container.
nss_base_passwd ou=people,dc=home,dc=lan?one
nss_base_shadow ou=people,dc=home,dc=lan?one
nss_base_group ou=groups,dc=home,dc=lan?one
smb.conf
# Global settings as posted (Samba 3.0.7): domain controller options, logon
# paths, guest handling and the LDAP account backend parameters.
[global]
# NOTE(review): workgroup is a NetBIOS name (15 characters at most); a dotted
# name may be taken for a DNS domain by clients -- verify.
workgroup = home.lan
netbios name = smbserver
server string = Samba
time server = Yes
encrypt passwords = Yes
domain logons = Yes
domain master = Yes
# NOTE(review): with "domain logons = Yes" this host is meant to be the domain
# controller, which in Samba 3 requires "security = user". "security = domain"
# makes smbd pass authentication on to another DC and is a likely cause of the
# logon failure quoted in the post.
security = domain
# NOTE(review): every name listed here operates as root on file operations,
# and in [global] that applies to all shares. Keep the list as short as
# possible.
admin users = @administrator administrator root Admin Manager
# NOTE(review): "domain admin group" is a Samba 2.2 parameter; testparm shows
# whether 3.0.7 still accepts it.
domain admin group = @administrator administrator root Admin Manager
os level = 65
preferred master = Yes
logon home = \\%L\%U
logon path = \\%L\%U\profile
logon script = logon.bat
logon drive = l:
# NOTE(review): logons with an unknown user name are mapped to the guest
# account instead of being rejected. Together with the guest-writable [public]
# share this gives unauthenticated write access from the allowed networks, and
# a mistyped user name no longer shows up as a failed logon.
map to guest = Bad User
hosts allow = 127.0.0.1/32 192.168.0.0/24
username map = /etc/samba/smbusers
# NOTE(review): no "log level" is set, so smbd logs at its default level;
# raising it temporarily makes failed authentications visible in these files.
log file = /var/log/samba/%U.log
# NOTE(review): no "passdb backend" line is shown. Samba 3 only uses the ldap
# parameters below with "passdb backend = ldapsam:ldap://localhost", and the
# password for the ldap admin dn has to be stored with "smbpasswd -w".
# "ldap server" and "ldap port" are Samba 2.2-style parameters -- check them
# with testparm.
ldap server = localhost
ldap port = 389
ldap suffix = dc=home,dc=lan
ldap admin dn = cn=Manager,dc=home,dc=lan
# NOTE(review): "$" is not an LDAP filter operator (AND is written "&"), and
# the Samba 3 schema names the object class sambaSamAccount; sambaAccount
# belongs to the 2.2 schema.
ldap filter = ($(objectclass=sambaaccount) (uid=%u))
# Unencrypted LDAP. Tolerable only while slapd is reached over localhost; for
# a directory server on another host use "ldap ssl = start tls".
ldap ssl = off
# NOTE(review): as far as smb.conf(5) for 3.0 describes it, machine accounts
# for a domain join are created through "add machine script" (with %u), not
# through "add user script" -- confirm.
add user script = /usr/sbin/useradd -c Machine -d /dev/null -s /bin/false %m\$
# Per-user home shares. %S is the share name, so each home share admits only
# the user it is named after.
[homes]
comment = User-Verzeichnis
valid users = %S
browseable = no
# "writeable = Yes" and "read only = No" are inverted synonyms; one suffices.
writeable = Yes
read only = No
# Masks leave no permission bits for "other" on new files and directories.
create mask = 0640
directory mask = 0750
guest ok = no
printable = no
# Logon share; the "logon script" named in [global] is read from this path.
# NOTE(review): scripts placed here run on clients at logon, so write access
# to both the share and the directory should stay limited to the
# administrative account.
[netlogon]
comment = Domain Anmeldeservice
path = /etc/samba/netlogon/
browseable = No
write list = Admin
guest ok = no
printable = no
# Guest share on /public.
# NOTE(review): "guest ok = Yes" with "writeable = Yes" lets unauthenticated
# clients write here, subject to the filesystem permissions of the guest
# account. Combined with "map to guest = Bad User" in [global], any unknown
# user name lands on this share as guest -- confirm this is intended.
[public]
comment = Public
path = /public
browseable = Yes
writeable = Yes
guest ok = Yes
printable = No
Desweiteren habe ich noch den Befehl
ldapadd -x -W -D"cn=Manager,dc=home,dc=lan" -f initial.ldif
ausgefuehrt
Ich hoffe ihr koennt mir weiter helfen, danke
\\Robert
Das ganze wie vielleicht schon erraten wurde unter Debian ;-)
Nun will ich der Domain einen neuen Benutzer hinzufuegen, wozu man ja auch die Daten eines berechtigten Accounts angeben muss.
Aber ich bekomme dann immer nur
"Der Computer konnte der Domaene nicht hinzugefuegt werden, da der folgende Fehler aufgetreten ist:
Anmeldung fehlgeschlagen: unbekannter Benutzername oder falsches Kennwort"
Nun gibt mir leider Samba und LDAP nichts weiter in der syslog aus :-/
slapd.conf
# slapd.conf as posted (OpenLDAP 2.1.30): schema includes, global settings,
# one ldbm database for dc=home,dc=lan, then the access control rules.
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/samba.schema
# Schema check allows for forcing entries to
# match schemas for their objectClasses's
schemacheck on
# Default access to the directory service
# Where the pid file is put. The init.d script
# will not stop the server if you change this.
pidfile /var/run/slapd/slapd.pid
# List of arguments that were passed to the server
argsfile /var/run/slapd.args
# Read slapd.conf(5)
# NOTE(review): per slapd.conf(5), level 1024 only logs communication with
# shell backends, which fits the empty syslog described in the post. 256
# (stats) logs connections, binds and results; 128 logs ACL processing.
# slapd normally logs to syslog facility local4 -- confirm syslog routes it.
loglevel 1024
modulepath /usr/lib/ldap
# NOTE(review): "back_ldb" looks like a typo for back_ldbm, since the backend
# and database lines below both name ldbm -- confirm against the real file.
moduleload back_ldb
backend ldbm
database ldbm
suffix "dc=home,dc=lan"
# LDAP manager and password
# The rootdn is not subject to the access rules further down.
rootdn "cn=Manager,dc=home,dc=lan"
# NOTE(review): PASSWORD is presumably a redaction. A cleartext rootpw can be
# read by anyone who can read this file; slappasswd generates a hashed value
# for this line, and the file itself should not be world-readable.
rootpw PASSWORD
# NOTE(review): per slapd.conf(5) for 2.1, defaultaccess is the level granted
# when no access directive is configured. "write" means that removing the
# rules below would let every client, anonymous included, modify the tree;
# a lower level (read or none) is the safer fallback.
defaultaccess write
# Where the database file are physically stored for database #1
directory "/var/lib/ldap"
# Indexing options for database #1
index objectClass eq
# Save the time that the entry gets modified, for database #1
lastmod on
# Where to store the replica logs for database #1
# replogfile /var/lib/ldap/replog
# NOTE(review): the "by" lines continue the preceding "access to" line and
# must start with whitespace in the real file; the indentation was presumably
# lost when the file was pasted.
# NOTE(review): only userPassword is restricted here. The Samba 3 schema keeps
# the LM/NT hashes in sambaLMPassword and sambaNTPassword; as written they fall
# through to the final "by * read" rule and are readable by anonymous clients.
# They belong in this rule's attribute list.
access to attribute=userPassword
by dn="cn=Admin,dc=home,dc=lan" write
by anonymous auth
by self write
by * none
# Root DSE readable by everyone.
access to dn.base="" by * read
# NOTE(review): the rules name cn=Admin, while rootdn here and "ldap admin dn"
# in smb.conf use cn=Manager -- confirm that a cn=Admin entry actually exists.
access to *
by dn="cn=Admin,dc=home,dc=lan" write
by * read
ldap.conf
# ldap.conf as posted; the pam_* and nss_* keys are the pam_ldap / nss_ldap
# client settings.
# NOTE(review): no binddn is set, so lookups presumably run as anonymous
# binds and depend on the "by * read" rule in slapd.conf -- confirm.
host localhost
base dc=home,dc=lan
pam_filter objectClass=posixAccount
pam_login_attribute uid
# NOTE(review): with "crypt" the client hashes a new password with crypt(3)
# before writing userPassword. This does not update the Samba hashes --
# confirm how Unix and Samba passwords are meant to stay in sync.
pam_password crypt
# "?one" limits each search to one level below the named container.
nss_base_passwd ou=people,dc=home,dc=lan?one
nss_base_shadow ou=people,dc=home,dc=lan?one
nss_base_group ou=groups,dc=home,dc=lan?one
smb.conf
# Global settings as posted (Samba 3.0.7): domain controller options, logon
# paths, guest handling and the LDAP account backend parameters.
[global]
# NOTE(review): workgroup is a NetBIOS name (15 characters at most); a dotted
# name may be taken for a DNS domain by clients -- verify.
workgroup = home.lan
netbios name = smbserver
server string = Samba
time server = Yes
encrypt passwords = Yes
domain logons = Yes
domain master = Yes
# NOTE(review): with "domain logons = Yes" this host is meant to be the domain
# controller, which in Samba 3 requires "security = user". "security = domain"
# makes smbd pass authentication on to another DC and is a likely cause of the
# logon failure quoted in the post.
security = domain
# NOTE(review): every name listed here operates as root on file operations,
# and in [global] that applies to all shares. Keep the list as short as
# possible.
admin users = @administrator administrator root Admin Manager
# NOTE(review): "domain admin group" is a Samba 2.2 parameter; testparm shows
# whether 3.0.7 still accepts it.
domain admin group = @administrator administrator root Admin Manager
os level = 65
preferred master = Yes
logon home = \\%L\%U
logon path = \\%L\%U\profile
logon script = logon.bat
logon drive = l:
# NOTE(review): logons with an unknown user name are mapped to the guest
# account instead of being rejected. Together with the guest-writable [public]
# share this gives unauthenticated write access from the allowed networks, and
# a mistyped user name no longer shows up as a failed logon.
map to guest = Bad User
hosts allow = 127.0.0.1/32 192.168.0.0/24
username map = /etc/samba/smbusers
# NOTE(review): no "log level" is set, so smbd logs at its default level;
# raising it temporarily makes failed authentications visible in these files.
log file = /var/log/samba/%U.log
# NOTE(review): no "passdb backend" line is shown. Samba 3 only uses the ldap
# parameters below with "passdb backend = ldapsam:ldap://localhost", and the
# password for the ldap admin dn has to be stored with "smbpasswd -w".
# "ldap server" and "ldap port" are Samba 2.2-style parameters -- check them
# with testparm.
ldap server = localhost
ldap port = 389
ldap suffix = dc=home,dc=lan
ldap admin dn = cn=Manager,dc=home,dc=lan
# NOTE(review): "$" is not an LDAP filter operator (AND is written "&"), and
# the Samba 3 schema names the object class sambaSamAccount; sambaAccount
# belongs to the 2.2 schema.
ldap filter = ($(objectclass=sambaaccount) (uid=%u))
# Unencrypted LDAP. Tolerable only while slapd is reached over localhost; for
# a directory server on another host use "ldap ssl = start tls".
ldap ssl = off
# NOTE(review): as far as smb.conf(5) for 3.0 describes it, machine accounts
# for a domain join are created through "add machine script" (with %u), not
# through "add user script" -- confirm.
add user script = /usr/sbin/useradd -c Machine -d /dev/null -s /bin/false %m\$
# Per-user home shares. %S is the share name, so each home share admits only
# the user it is named after.
[homes]
comment = User-Verzeichnis
valid users = %S
browseable = no
# "writeable = Yes" and "read only = No" are inverted synonyms; one suffices.
writeable = Yes
read only = No
# Masks leave no permission bits for "other" on new files and directories.
create mask = 0640
directory mask = 0750
guest ok = no
printable = no
# Logon share; the "logon script" named in [global] is read from this path.
# NOTE(review): scripts placed here run on clients at logon, so write access
# to both the share and the directory should stay limited to the
# administrative account.
[netlogon]
comment = Domain Anmeldeservice
path = /etc/samba/netlogon/
browseable = No
write list = Admin
guest ok = no
printable = no
# Guest share on /public.
# NOTE(review): "guest ok = Yes" with "writeable = Yes" lets unauthenticated
# clients write here, subject to the filesystem permissions of the guest
# account. Combined with "map to guest = Bad User" in [global], any unknown
# user name lands on this share as guest -- confirm this is intended.
[public]
comment = Public
path = /public
browseable = Yes
writeable = Yes
guest ok = Yes
printable = No
Desweiteren habe ich noch den Befehl
ldapadd -x -W -D"cn=Manager,dc=home,dc=lan" -f initial.ldif
ausgefuehrt
Ich hoffe ihr koennt mir weiter helfen, danke
\\Robert