Samba PDC a Samba Member Server

jmlika na volny.cz jmlika na volny.cz
Úterý Červen 1 17:28:08 CEST 2004



     Vážení kolegové,

     mám dva počítače se Sambou 3.0.2a. Jeden je konfigurován jako PDC s
učty uloženými v LDAPu, druhý je konfigurován jako Domain Member Server.
Oba by pochopitelně měly být ve stejné doméně. Bohužel se mi nedaří přidat
Member Server do domény. Účet stroje se sice v LDAPu  vytvoří, ale
nefunguje.


Na Member Serveru provádím příkaz:
-------------------------------------------------------------------------------
#  net rpc join -U Administrator -S SRV1
Password:
Create of workstation account failed
User specified does not have administrator privileges
Unable to join domain BOLEVEC.
-------------------------------------------------------------------------------


     Jak vidíte, nezadaří se. Uživatel "Administrator" je v LDAPu zaveden
takto:
-------------------------------------------------------------------------------
dn: uid=Administrator, ou=People, dc=bolevec,dc=pilsfree,dc=czf
sambaLMPassword: :-)
displayName: System User
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: sambaSamAccount
userPassword:: :-)
sambaLogonTime: 0
uid: Administrator
uidNumber: 0
cn: Administrator
sambaLogoffTime: 2147483647
sambaPwdLastSet: 1086102958
sambaAcctFlags: [U]
loginShell: /bin/bash
gidNumber: 513
sambaPwdMustChange: 1089990958
sambaNTPassword: :-)
sambaPwdCanChange: 0
gecos: System User
sambaSID: S-1-5-21-3516781642-1962875130-3438800523-1000
description: System User
homeDirectory: /home/Administrator
sambaKickoffTime: 2147483647
sn: Administrator
-------------------------------------------------------------------------------


Můj smb.conf na PDC:
-------------------------------------------------------------------------------
[global]
        dos charset = CP852
        unix charset = iso8859-2
        workgroup = BOLEVEC
        server string = Server pro Bolevec
        map to guest = Bad User
        passdb backend = ldapsam:ldap://localhost
        log level = 1
        log file = /var/log/samba/log.%m
        max log size = 50
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        printcap name = cups
        add user script = /usr/bin/smbldap-useradd -am %u
        delete user script = /usr/bin/smbldap-userde %u
        add group script = /usr/bin/smbldap-groupadd -a %g
        delete group script = /usr/bin/smbldap-groupdel %g
        add user to group script = /usr/bin/smbldap-groupmod -m %u %g
        delete user from group script = /usr/bin/smbldap-groupmod -x %u %g
        set primary group script = /usr/bin/smbldap-usermod -g %g %u
        add machine script = /usr/bin/smbldap-useradd -w %u
        domain logons = Yes
        os level = 33
        preferred master = Yes
        domain master = Yes
        ldap suffix = dc=bolevec,dc=pilsfree,dc=czf
        ldap machine suffix = ou=People
        ldap user suffix = ou=People
        ldap group suffix = ou=Groups
        ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
        ldap admin dn = cn=Manager,dc=bolevec,dc=pilsfree,dc=czf
        ldap ssl = no
        printer admin = @adm
        map acl inherit = Yes
        printing = cups
-------------------------------------------------------------------------------

Můj smb.conf na Member Serveru:
-------------------------------------------------------------------------------
[global]
        dos charset = CP852
        workgroup = BOLEVEC
        server string = Mudrc
        security = DOMAIN
        map to guest = Bad User
        password server = SRV1, *
        log file = /var/log/samba/log.%m
        max log size = 50
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        printcap name = cups
        local master = No
        dns proxy = No
        ldap ssl = no
        printer admin = @adm
        printing = cups
-------------------------------------------------------------------------------


Další informace o konferenci Linux