Buenas

Tengo una duda con el servidor BDC que tengo montado. Está montado con
Samba + OpenLDAP y, después de configurar Samba según el manual
oficial de Samba, no sé si la réplica del LDAP también se activa
correctamente. Alguna vez me he encontrado con que saltó, pero no realiza
las validaciones y rebota a todos los usuarios.

http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-bdc.html

Según entiendo, cuando monto el BDC, ¿tengo que activar la réplica slave
del OpenLDAP o no es necesario? O sea, ¿con la configuración del
smb.conf es suficiente o también tengo que configurar el slapd.conf?

Os posteo ambas configs:

smb.conf global:

# Samba [global] section for a domain controller that keeps its account
# database in LDAP (ldapsam). The netbios name and "domain master = yes"
# below describe the PDC role.
[global]
   workgroup = domain
   netbios name = domain-PDC
   security = user
   enable privileges = yes
# NOTE(review): "bind interfaces only" is commented out below, so this
# interfaces list does not by itself limit which addresses smbd accepts
# connections on; restrict exposure with the firewall or enable that option.
   interfaces = 127.0.0.0/8 eth0 10.0.1.0/24 10.0.0.0/24
#   bind interfaces only = yes
   server string = domain Primary Domain Controller
   encrypt passwords = true
#   obey pam restrictions = no
#   pam password change = yes

# Password changes are pushed to LDAP (ldap passwd sync) rather than to the
# local Unix password database (unix password sync = no).
   unix password sync = no
   ldap passwd sync = yes
   passwd program = /usr/bin/smbldap-passwd %u
# NOTE(review): the passwd chat value is split across two lines in this
# paste, probably by mail wrapping; in the real file it has to be a single
# logical line, otherwise the second line is not part of the parameter.
   passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .

# One log file per client machine (%m). Level 1 records very little about
# failed authentications; raise it temporarily when diagnosing rejected
# logons on a domain controller.
   log level = 1
   syslog = 0
   log file = /var/log/samba/log.%m
   max log size = 1000
   time server = yes
   #socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   mangling method = hash2
   Dos charset = 850
   Unix charset = UTF-8

   logon path = \\%N\profiles\%U
   logon drive =
   logon home =
   logon script =

# Domain controller and browsing role. NOTE(review): "domain master = yes"
# is the PDC setting; the Samba BDC chapter linked in this post uses
# "domain master = no" on the BDC, so this section should not be copied
# there unchanged.
   domain logons = yes
   domain master = yes
   local master = yes
   preferred master = yes
   os level = 65
   wins support = yes
   dns proxy = yes
   panic action = /usr/share/samba/panic-action %d
# NOTE(review): "auto" offers SMB signing and schannel but does not require
# them, so a client that does not negotiate them is still served.
   server signing = auto
   server schannel = auto
   winbind trusted domains only = yes
   winbind use default domain = yes

# Account backend: two LDAP servers are listed for ldapsam, the local one
# first. Listing a second server only gives Samba another directory to
# query; it does not copy data between the directories. Keeping
# moon.domain.es in sync is the job of OpenLDAP replication, which is
# configured in slapd.conf on both servers.
# NOTE(review): the trailing ";" after the closing quote looks like a stray
# character; confirm it is not being read as part of the value.
   passdb backend = ldapsam:"ldap://127.0.0.1 ldap://moon.domain.es";
# Samba binds to the directory as this DN. Its password is not in smb.conf;
# it is stored in secrets.tdb (set with "smbpasswd -w") and has to be set on
# every controller that uses this backend.
   ldap admin dn = cn=admin,dc=domain,dc=es
   ldap suffix = dc=domain,dc=es
   ldap group suffix = ou=Groups
   ldap user suffix = ou=Users
   ldap machine suffix = ou=Computers
   ldap idmap suffix = ou=Idmap
# NOTE(review): with "ldap ssl = no" the admin bind and the Samba password
# hashes cross the network in clear text whenever the non-local server
# (moon.domain.es) is used. Prefer "ldap ssl = start tls" or an ldaps:// URI
# for any server that is not 127.0.0.1.
   ldap ssl = no
  ldap delete dn = yes
# Account management is delegated to the smbldap-tools scripts; the %u / %g
# substitutions are quoted before being passed to them.
   add user script = /usr/sbin/smbldap-useradd -m "%u"
   delete user script = /usr/sbin/smbldap-userdel "%u"
   add machine script = /usr/sbin/smbldap-useradd -w "%u"
   add group script = /usr/sbin/smbldap-groupadd -p "%g"
   delete group script = /usr/sbin/smbldap-groupdel "%g"
   add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
   delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
   set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"

   load printers = yes
   create mask = 0644
   directory mask = 0755
   nt acl support = no
   printing = cups
   printcap name = cups
   deadtime = 60
   keepalive = 600
# NOTE(review): "map to guest = bad user" turns a logon with an unknown
# user name into a guest session (as "nobody") instead of a failure, and
# "usershare allow guests" lets user-defined shares accept guests. When the
# LDAP backend is not returning accounts, this can hide the failure; review
# which shares are reachable by guest.
   guest account = nobody
   map to guest = bad user
   dont descend = /proc,/dev,/etc,/lib,/lost+found
   show add printer wizard = yes
   preserve case = yes
   short preserve case = yes
   case sensitive = no
   usershare allow guests = yes

El slap.conf del PDC:

# NOTE(review): base, rootbinddn, uri and pam_password are directives of the
# LDAP client configuration read by pam_ldap / nss_ldap. None of the lines
# shown here is a slapd.conf replication directive, so this excerpt does not
# show whether replication to the second server is configured.

# The distinguished name of the search base.
base dc=domain,dc=es
ldap_version 3
# DN used for binds made on behalf of local root. Its password is read from
# a separate secret file (path depends on the install - confirm), which
# should be readable by root only, since this is the directory admin DN.
rootbinddn cn=admin,dc=domain,dc=es

# Another way to specify your LDAP server is to provide an
# NOTE(review): "ldap:///127.0.0.1" has three slashes, which leaves the host
# part of the URI empty; the intended form is probably ldap://127.0.0.1/ -
# confirm against the real file.
uri ldap:///127.0.0.1

# NOTE(review): md5 selects MD5-based hashing for passwords changed through
# pam_ldap, which is weak by current standards; "pam_password exop" leaves
# the choice of hash to the directory server.
pam_password md5
-exim,avahi,backup,bin,daemon,games,gnats,haldaemon,hplip,irc,klog,landscape,libuuid,list,lp,mail,man,messagebus,nagios,news
,ntp,openldap,polkituser,proxy,root,saned,snmp,sshd,sync,sys,syslog,uucp,www-data

Si tienen algún howto ya me va bien, pero es que no tengo claro si hay
que hacer algo más para que funcione el BDC correctamente.

Un Saludo

