[Fedora-directory-users] FDS && SAMBA

Ryan Taylor rtaylor82 at gmail.com
Tue Sep 27 16:30:48 UTC 2005


Ok, figured it out kinda... or at least got the groupmapping working and
thats a relief. The problem was in the smb.conf file which I will include
the updated one below. Which leaves me with only two questions:
When I run "ldapsearch -x -Z '(uid=testuser)' I get the following error and
info:
[root at beefylinux slapd-beefylinux]# ldapsearch -x -Z '(uid=testuser)'
ldap_start_tls: Protocol error (2)
additional info: unsupported extended operation
# extended LDIF
#
# LDAPv3
# base <> with scope sub
# filter: (uid=testuser)
# requesting: ALL
#

# testuser, People, beefylinux.com <http://beefylinux.com>
dn: uid=testuser,ou=People,dc=beefylinux,dc=com
uid: testuser
sambaSID: S-1-5-21-110894667-3098860623-2699652354-2006
sambaPrimaryGroupSID: S-1-5-21-110894667-3098860623-2699652354-513
displayName: Test domainshiat
sambaPwdCanChange: 1127837149
sambaPwdMustChange: 2147483647
sambaLMPassword: ECD96218B47A5336AAD3B435B51404EE
sambaNTPassword: 3F5A79137212E2026748DDA7A48F656C
sambaPasswordHistory:
00000000000000000000000000000000000000000000000000000000
00000000
sambaPwdLastSet: 1127837149
sambaAcctFlags: [U ]
objectClass: sambaSamAccount
objectClass: account
objectClass: top

# search result
search: 3
result: 0 Success

# numResponses: 2
# numEntries: 1
[root at beefylinux slapd-beefylinux]#
******************************************************************************

last question is how to add a domain computer account to a windows machine
could join the domain..

Thank you again
Ryan

On 9/27/05, fedora-directory-users-request at redhat.com <
fedora-directory-users-request at redhat.com> wrote:
>
> Send Fedora-directory-users mailing list submissions to
> fedora-directory-users at redhat.com
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
> or, via email, send a message with subject or body 'help' to
> fedora-directory-users-request at redhat.com
>
> You can reach the person managing the list at
> fedora-directory-users-owner at redhat.com
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Fedora-directory-users digest..."
>
>
> Today's Topics:
>
> 1. FC3 - AdminUtil - Prb3 (Jason Kullo Sam)
> 2. Re: FC3 - AdminUtil - Prb3 (Noriko Hosoi)
> 3. FDS && SAMBA (Ryan Taylor)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 26 Sep 2005 15:48:26 -0600
> From: Jason Kullo Sam <kullo at lws.bia.edu>
> Subject: [Fedora-directory-users] FC3 - AdminUtil - Prb3
> To: fedora-directory-users at redhat.com
> Message-ID: <43386CAA.2060208 at lws.bia.edu>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> Ok...NEXT screwup on my part...here is below. Got past the perl
> scripts...now onto...???SOMETHING???
>
> FC3 box...adminutil setup...and once more...thanks for all your help so
> far guys!
>
> ===================================================================
> [root at genie fedora-adminutil-devel-7.1]# gmake BUILD_DEBUG=optimize
> BUILD_RPM=1
> cat:
> /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1
> /Linux2.6/buildnum.dat:
> No such file or directory
> if test ! -d Linux2.6; then mkdir Linux2.6; fi;
> /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1/buildnum.pl
> -p Linux2.6
> perl
> /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1/pumpkin.pl 90
> pumpkin.dat
> if test ! -d
> /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1
> /built/Linux2.6-domestic-optimize-normal/include;
> then mkdir -p
> /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1
> /built/Linux2.6-domestic-optimize-normal/include;
> fi;
> /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1/dirver.pl -v
> "7.1" -o
> /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1
> /built/Linux2.6-domestic-optimize-normal/include/dirver.h
> The components are up to date
>
> ==== Building AdminUtil ==========
>
> cd lib/libadminutil; gmake BUILD_OPT=1 NSPR_BASENAME= USE_PTHREADS=1
> SECURITY=domestic MOZILLA_SOURCE_ROOT_EXT= ICU_SOURCE_ROOT_EXT= USE_64=
> gmake[1]: Entering directory
> `/root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1
> /lib/libadminutil'
> echo
> /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1
> /built/Linux2.6-domestic-optimize-normal-pth/lib/libadminutil71.a
> /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1
> /built/Linux2.6-domestic-optimize-normal-pth/lib/libadminutil71.a
> echo
> /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1
> /built/Linux2.6-domestic-optimize-normal-pth/lib/libadminutil71.so
> /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1
> /built/Linux2.6-domestic-optimize-normal-pth/lib/libadminutil71.so
>
> ---------------------- SNIP MAKE CRUD
> -----------------------------------------
>
> -I../../../mozilla/dist/Linux2.6_x86_glibc_PTH_OPT.OBJ/include
> -I../../../mozilla/dist/public/nss -I../../../mozilla/dist/public/ldap
> -I../../../icu/built/include strlist.c -o
> /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1
> /built/Linux2.6-domestic-optimize-normal-pth/lib/libadminutil/strlist.o
> gcc -c -fPIC -pipe -DLINUX -Dlinux -DBSD -D_POSIX_SOURCE -D_XOPEN_SOURCE
> -D_BSD_SOURCE -DHAVE_STRERROR -DNO_DBM -DNO_NODELOCK -DXP_UNIX -DLinux
> -O2 -DNET_SSL -DSPAPI20 -DBUILD_NUM=\"2005.269.2130\"
> -I/root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1/include
> -I../../../mozilla/dist/Linux2.6_x86_glibc_PTH_OPT.OBJ/include
> -I../../../mozilla/dist/public/nss -I../../../mozilla/dist/public/ldap
> -I../../../icu/built/include resource.c -o
> /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1
> /built/Linux2.6-domestic-optimize-normal-pth/lib/libadminutil/resource.o
> resource.c:26:26: unicode/ures.h: No such file or directory
> resource.c:27:29: unicode/ustring.h: No such file or directory
> resource.c: In function `res_getstring':
> resource.c:90: error: `UResourceBundle' undeclared (first use in this
> function)
> resource.c:90: error: (Each undeclared identifier is reported only once
> resource.c:90: error: for each function it appears in.)
> resource.c:90: error: `bundle' undeclared (first use in this function)
> resource.c:91: error: `UErrorCode' undeclared (first use in this function)
> resource.c:91: error: syntax error before "status"
> resource.c:98: error: `status' undeclared (first use in this function)
> resource.c:102: error: syntax error before '*' token
> resource.c:104: error: `umsg' undeclared (first use in this function)
> resource.c:110: warning: assignment makes pointer from integer without a
> cast
> resource.c:113: error: `U_ZERO_ERROR' undeclared (first use in this
> function)
> gmake[1]: ***
> [/root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1
> /built/Linux2.6-domestic-optimize-normal-pth/lib/libadminutil/resource.o]
> Error 1
> gmake[1]: Leaving directory
> `/root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1
> /lib/libadminutil'
> gmake: *** [buildAdminUtil] Error 2
> [root at genie fedora-adminutil-devel-7.1]#
>
>
>
> ------------------------------
>
> Message: 2
> Date: Mon, 26 Sep 2005 15:02:04 -0700
> From: Noriko Hosoi <nhosoi at redhat.com>
> Subject: Re: [Fedora-directory-users] FC3 - AdminUtil - Prb3
> To: "General discussion list for the Fedora Directory server project."
> <fedora-directory-users at redhat.com>
> Message-ID: <43386FDC.3070900 at redhat.com>
> Content-Type: text/plain; charset="us-ascii"
>
> An HTML attachment was scrubbed...
> URL:
> https://www.redhat.com/archives/fedora-directory-users/attachments/20050926/8674a01d/attachment.html
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: smime.p7s
> Type: application/x-pkcs7-signature
> Size: 3170 bytes
> Desc: S/MIME Cryptographic Signature
> Url :
> https://www.redhat.com/archives/fedora-directory-users/attachments/20050926/8674a01d/smime.bin
>
> ------------------------------
>
> Message: 3
> Date: Tue, 27 Sep 2005 10:02:42 -0400
> From: Ryan Taylor <rtaylor82 at gmail.com>
> Subject: [Fedora-directory-users] FDS && SAMBA
> To: fedora-directory-users at redhat.com
> Message-ID: <611ae400050927070224ed2dc3 at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> hi,
>
> followed the howto at:
> http://directory.fedora.redhat.com/wiki/Howto:Sambaword for word and
> ran into same problems...
> When I try to exec net groupmap add... I get error:
>
> [root at beefylinux ~]# net groupmap add rid=512 ntgroup='Domain Admins'
> unixgroup='Domain Admins'
> Can't lookup UNIX group Domain Admins
> [root at beefylinux ~]#
> ************************************************
> if I run getent group:
> *************************************************
> [root at beefylinux ~]# getent group root::0:root
> bin::1:root,bin,daemon
> daemon::2:root,bin,daemon
> sys::3:root,bin,adm
> adm::4:root,adm,daemon
> tty::5:
> disk::6:root
> lp::7:daemon,lp
> mem::8:
> kmem::9:
> wheel::10:root
> mail::12:mail
> news::13:news
> uucp::14:uucp
> man::15:
> games::20:
> gopher::30:
> dip::40:
> ftp::50:
> lock::54:
> nobody::99:
> users:!!:100:micro
> dbus:x:81:
> floppy:x:19:
> vcsa:x:69:
> nscd:x:28:
> rpm:x:37:
> haldaemon:x:68:
> utmp:x:22:
> netdump:x:34:
> slocate:x:21:
> sshd:x:74:
> rpc:x:32:
> rpcuser:x:29:
> nfsnobody:x:65534:
> mailnull:x:47:
> smmsp:x:51:
> pcap:x:77:
> apache:x:48:
> squid:x:23:
> webalizer:x:67:
> xfs:x:43:
> ntp:x:38:
> gdm:x:42:
> mysql:x:27:
> micro:!:500:
> ldap:!:55:
> dcldap::501:
> Domain Admins:x:2512:
> Domain Users:x:2513:
> Domain Guests:x:2514:
> Domain Computers:x:2515:
> [root at beefylinux ~]#
> ******************************************************************
> Which is what I have read it is supposed to say...
> My smb.conf is as follows:
> ******************************************************************
>
> [root at beefylinux ~]# cat /etc/samba/smb.conf
> # This is the main Samba configuration file. You should read the
> # smb.conf(5) manual page in order to understand the options listed
> # here. Samba has a huge number of configurable options (perhaps too
> # many!) most of which are not shown in this example
> #
> # Any line which starts with a ; (semi-colon) or a # (hash)
> # is a comment and is ignored. In this example we will use a #
> # for commentry and a ; for parts of the config file that you
> # may wish to enable
> #
> # NOTE: Whenever you modify this file you should run the command
> "testparm"
> # to check that you have not made any basic syntactic errors.
> #
> #======================= Global Settings
> =====================================
> [global]
> log file = /var/log/samba/%m.log
> load printers = yes
> idmap gid = 16777216-33554431
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> null passwords = yes
> template shell = /bin/false
> dns proxy = no
> cups options = raw
> netbios name = beefylinux
> server string = BEEFYLINUX
> idmap uid = 16777216-33554431
> password server = None
> workgroup = workgroup
> os level = 33
> domain logons = yes
> domain master = yes
> local master = yes
> preferred master = yes
> wins support = yes
>
> logon home = \\%L\%u\profiles
> logon path = \\%L\profiles\%u
> logon drive = H:
> template shell = /bin/false
> winbind use default domain = no
> printcap name = /etc/printcap
> username map = /etc/samba/smbusers
> max log size = 50
> security = user
> passdb backend = ldapsam:ldap://beefylinux.com
> ldap admin dn = cn=Directory Manager
> ldap suffix = dc=beefylinux,dc=com
> ldap user suffix = ou=People
> ldap machine suffix = ou=Computers
> ldap group suffix = ou=Groups
>
> [netlogon]
> path = /var/lib/samba/netlogon
> read only = yes
> browsable = no
>
> [profiles]
> path = /var/lib/samba/profiles
> read only = no
> create mask = 0600
> directory mask = 0700
>
> [homes]
> browsable = no
> writable = yes
>
> [printers]
> comment = All Printers
> path = /var/spool/samba
> browseable = no
> # Set public = yes to allow user 'guest account' to print
> public = yes
> printable = yes
>
> [Another]
> comment = The other one
> path = /another
> force user = netfiles
> force group = users
> read only = No
> guest ok = Yes
>
> [Share]
> comment = Our file share
> path = /linsys
> force user = netfiles
> force group = users
> read only = No
> guest ok = Yes
>
> [Wisker]
> comment = long
> path = /home/micro/Desktop/SHARED
> force user = micro
> force group = micro
> read only = No
> guest ok = Yes
>
>
> # This one is useful for people to share files
> ;[tmp]
> ; comment = Temporary file space
> ; path = /tmp
> ; read only = no
> ; public = yes
>
> # A publicly accessible directory, but read only, except for people in
> # the "staff" group
> ;[public]
> ; comment = Public Stuff
> ; path = /home/samba
> ; public = yes
> ; read only = yes
> ; write list = @staff
>
> # Other examples.
> #
> # A private printer, usable only by fred. Spool data will be placed in
> fred's
> # home directory. Note that fred must have write access to the spool
> directory,
> # wherever it is.
> ;[fredsprn]
> ; comment = Fred's Printer
> ; valid users = fred
> ; path = /homes/fred
> ; printer = freds_printer
> ; public = no
> ; writable = no
> ; printable = yes
>
> # A private directory, usable only by fred. Note that fred requires write
> # access to the directory.
> ;[fredsdir]
> ; comment = Fred's Service
> ; path = /usr/somewhere/private
> ; valid users = fred
> ; public = no
> ; writable = yes
> ; printable = no
>
> # a service which has a different directory for each machine that connects
> # this allows you to tailor configurations to incoming machines. You could
> # also use the %u option to tailor it by user name.
> # The %m gets replaced with the machine name that is connecting.
> ;[pchome]
> ; comment = PC Directories
> ; path = /usr/pc/%m
> ; public = no
> ; writable = yes
>
> # A publicly accessible directory, read/write to all users. Note that all
> files
> # created in the directory by users will be owned by the default user, so
> # any user with access can delete any other user's files. Obviously this
> # directory must be writable by the default user. Another user could of
> course
> # be specified, in which case all files would be owned by that user
> instead.
> ;[public]
> ; path = /usr/somewhere/else/public
> ; public = yes
> ; only guest = yes
> ; writable = yes
> ; printable = no
>
> # The following two entries demonstrate how to share a directory so that
> two
> # users can place files there that will be owned by the specific users. In
> this
> # setup, the directory should be writable by both users and should have
> the
> # sticky bit set on it to prevent abuse. Obviously this could be extended
> to
> # as many users as required.
> ;[myshare]
> ; comment = Mary's and Fred's stuff
> ; path = /usr/somewhere/shared
> ; valid users = mary fred
> ; public = no
> ; writable = yes
> ; printable = no
> ; create mask = 0765
>
> #[Share2]
> #comment = The other one
> #path = /home/micro/Desktop/SHARED
> #writeable = yes
> #guest ok = yes
> #read only = no
> #force user = netfiles
> #force group = users
>
> Anyhelp would be greatly appreciated... im also kinda looking ahead and
> wondering how you setup "Domain computer" accounts so you can add windows
> machines to domain.. but thats pointless until i can get past this hurdle.
>
> Thank you
> Ryan
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> https://www.redhat.com/archives/fedora-directory-users/attachments/20050927/dbf373f4/attachment.html
>
> ------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
> End of Fedora-directory-users Digest, Vol 4, Issue 22
> *****************************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20050927/dbf0b2fb/attachment.htm>


More information about the Fedora-directory-users mailing list