[Fedora-users-br] Problemas com o samba+ldap
Sérgio Cioban Filho - TECJUMP
sergio em tecjump.com.br
Ter Jul 25 14:19:24 UTC 2006
salve galera,
Estou com problemas com o samba integrado com o LDAP.
Os usuários login normalmente normalmente, mas somente o root ou o
administrador conseguem acessar os compartilhamentos no servidor, os
outros usuários (do grupo Usuários do Domínio) não acessam nem as suas
pastas home, fica pedindo senha novamente (no Rwindows).
Segue o LOG do samba com o erro:
[2006/07/25 22:13:08, 0] smbd/service.c:make_connection(800)
172.16.16.13 (172.16.16.13) couldn't find service arquivos
[2006/07/25 22:13:10, 0] smbd/service.c:make_connection(800)
172.16.16.13 (172.16.16.13) couldn't find service arquivos
[2006/07/25 22:13:22, 0] smbd/service.c:make_connection_snum(620)
'/home/PASTA' does not exist or is not a directory, when connecting to
[pasta]
Segue o meu smb.conf:
# Global parameters
[global]
workgroup = PILOTO
server string = Servidor Samba LDAP
netbios name = LDAP
#unix password sync = yes
#ldap password sync = yes
ldap delete dn = yes
log file = /var/log/samba/samba.log
max log size = 50
time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# logon script = %u.bat
#logon script = login.bat
#logon path = \\server\profiles\%u
#logon drive = \\server\profiles\%U
logon path =
logon drive =
domain logons = yes
os level = 130
preferred master = yes
domain master = yes
dns proxy = no
wins support = yes
ldap ssl = no
keepalive = 60
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192
SO_SNDBUF=8192
read raw = no
name resolve order = lmhosts wins hosts bcast
# passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n
*ReType*new*UNIX*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
security = user
passdb backend = ldapsam:ldap://127.0.0.1/
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u"
"%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
# add machine script = /usr/sbin/smbldap-useradd -i -g 515 -w "%u"
add machine script = /usr/sbin/smbldap-useradd -w -i "%u"
ldap suffix = dc=ldap,dc=clemar
ldap machine suffix = ou=Computadores
ldap user suffix = ou=Usuarios
ldap group suffix = ou=Grupos
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=tecjump,dc=ldap,dc=clemar
idmap backend = ldap:ldap://127.0.0.1
# idmap uid = 10000-20000
# idmap gid = 10000-20000
admin users = administrador root
#winbind enum users = yes
#winbind enum groups = yes
### ACL
inherit acls = Yes
map acl inherit = Yes
nt acl support = yes
#inherit permissions = Yes
#acl compatibility = win2k
#### Erro "Unable to unmarshall SAMR_Q_SET_USERINFO"
#profile acls = yes
####
[homes]
comment = Diretorio de Usuarios
read only = No
create mask = 0700
browseable = Yes
#[netlogon]
# path = /home/samba/netlogon
# guest ok = Yes
#[profiles]
# path = /home/samba/profiles
# browseable = no
# read only = no
# guest ok = yes
# writable = yes
# directory mask = 0700
# create mask = 0600
# profile acls = yes
# nt acl support = yes
# csc policy = disable
# force user = %U
# valid users = %U @"Domain Admins"
[dados]
comment = DADOS Compartilhados do Servidor
path = /arquivos/dados
browseable = yes
public = yes
read only = no
writable = yes
# force user = administrador
# force group = 512
# create mask = 0770
# directory mask = 0770
[pasta]
comment = DADOS Compartilhados do Servidor
path = /home/PASTA
browseable = yes
public = yes
read only = no
writable = yes
# force user = administrador
# force group = 512
# create mask = 0770
# directory mask = 0770
### ACL
#inherit acls = Yes
#map acl inherit = Yes
#nt acl support = yes
#inherit permissions = Yes
#acl compatibility = win2k
Grato,
########################################
#!/bin/bash
nome="Sergio Cioban Filho"
cargo="Administrador Linux"
email="sergio em tecjump.com.br"
certificacao="Linux Professional Institute - Level 1"
export nome cargo email certificacao
exit 0
########################################
-------------- Próxima Parte ----------
Um anexo em HTML foi limpo...
URL: <http://listman.redhat.com/archives/fedora-users-br/attachments/20060725/82bbac00/attachment.htm>
Mais detalhes sobre a lista de discussão Fedora-users-br