Samba PDC a Samba Member Server
jmlika na volny.cz
jmlika na volny.cz
Úterý Červen 1 17:28:08 CEST 2004
Vážení kolegové,
mám dva počítače se Sambou 3.0.2a. Jeden je konfigurován jako PDC s
učty uloženými v LDAPu, druhý je konfigurován jako Domain Member Server.
Oba by pochopitelně měly být ve stejné doméně. Bohužel se mi nedaří přidat
Member Server do domény. Účet stroje se sice v LDAPu vytvoří, ale
nefunguje.
Na Member Serveru provádím příkaz:
-------------------------------------------------------------------------------
# net rpc join -U Administrator -S SRV1
Password:
Create of workstation account failed
User specified does not have administrator privileges
Unable to join domain BOLEVEC.
-------------------------------------------------------------------------------
Jak vidíte, nezadaří se. Uživatel "Administrator" je v LDAPu zaveden
takto:
-------------------------------------------------------------------------------
dn: uid=Administrator, ou=People, dc=bolevec,dc=pilsfree,dc=czf
sambaLMPassword: :-)
displayName: System User
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: sambaSamAccount
userPassword:: :-)
sambaLogonTime: 0
uid: Administrator
uidNumber: 0
cn: Administrator
sambaLogoffTime: 2147483647
sambaPwdLastSet: 1086102958
sambaAcctFlags: [U]
loginShell: /bin/bash
gidNumber: 513
sambaPwdMustChange: 1089990958
sambaNTPassword: :-)
sambaPwdCanChange: 0
gecos: System User
sambaSID: S-1-5-21-3516781642-1962875130-3438800523-1000
description: System User
homeDirectory: /home/Administrator
sambaKickoffTime: 2147483647
sn: Administrator
-------------------------------------------------------------------------------
Můj smb.conf na PDC:
-------------------------------------------------------------------------------
[global]
dos charset = CP852
unix charset = iso8859-2
workgroup = BOLEVEC
server string = Server pro Bolevec
map to guest = Bad User
passdb backend = ldapsam:ldap://localhost
log level = 1
log file = /var/log/samba/log.%m
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = cups
add user script = /usr/bin/smbldap-useradd -am %u
delete user script = /usr/bin/smbldap-userde %u
add group script = /usr/bin/smbldap-groupadd -a %g
delete group script = /usr/bin/smbldap-groupdel %g
add user to group script = /usr/bin/smbldap-groupmod -m %u %g
delete user from group script = /usr/bin/smbldap-groupmod -x %u %g
set primary group script = /usr/bin/smbldap-usermod -g %g %u
add machine script = /usr/bin/smbldap-useradd -w %u
domain logons = Yes
os level = 33
preferred master = Yes
domain master = Yes
ldap suffix = dc=bolevec,dc=pilsfree,dc=czf
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
ldap admin dn = cn=Manager,dc=bolevec,dc=pilsfree,dc=czf
ldap ssl = no
printer admin = @adm
map acl inherit = Yes
printing = cups
-------------------------------------------------------------------------------
Můj smb.conf na Member Serveru:
-------------------------------------------------------------------------------
[global]
dos charset = CP852
workgroup = BOLEVEC
server string = Mudrc
security = DOMAIN
map to guest = Bad User
password server = SRV1, *
log file = /var/log/samba/log.%m
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = cups
local master = No
dns proxy = No
ldap ssl = no
printer admin = @adm
printing = cups
-------------------------------------------------------------------------------
Další informace o konferenci Linux