On Jan 26, 2012, at 10:55 AM, Jürgen Echter wrote:

On 26.01.2012 17:51, Alex Moen wrote:
Forgot to add... If I create a Unix account, and add it to the local smbpasswd subsystem, it works fine. I can log in using the credentials that I create. So, samba is working, and linux/ldap is working, but samba/ldap has issues...

On Jan 26, 2012, at 9:54 AM, Alex Moen wrote:

Centos 6
Samba 3
smbldap-tools installed.

LDAP directory not on local host.

Example user LDIF:

dn: uid=testu...@mydomain.com,ou=mydomain,o=ndtc
mailHost: mailserver.mydomain.com
loginShell: /bin/bash
gidNumber: 500
uidNumber: 53112
uid: testu...@mydomain.com
sn: user
cn: test user
mail: testu...@mydomain.com
homeDirectory: /cust/mydomain/users/testuser
gecos: test user,,662-6123
objectClass: mirapointmailuser
objectClass: inetorgperson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaSAMAccount
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaSID: S-1-5-21-3311107553-3899660464-2674327009-107224
sambaAcctFlags: [UX]
sambaHomeDrive: F:
sambaHomePath: \\ndtc-fs\cust\mydomain\users
sambaPwdLastSet: 1327615956
sambaPwdMustChange: 2147483647

getent passwd shows:

testu...@mydomain.com:x:53112:500:test user,,662-6123:/cust/mydomain/users/testuser:/bin/bash

I can ssh to the server with this account. So, the linux/ldap stuff seems to work properly.

However, I cannot connect with the smb proto. Continue to get a username/password prompt.

My suspicion is the "@" in the uid, which as I understand it, in the windoze world signifies a group... I think I am confusing something in the process.

My question is: can Samba be configured to append the "@mydomain.com" to the username, then authenticate the user? So the user could use the testuser login via the windoze login and drive mapping processes, but Samba would actually use testu...@mydomain.com to actually authenticate?

All these accounts are already in use in the LDAP directory, and so the uid cannot be changed.

lmk if there's anything else needed here... I'm willing to share configs, command outputs, etc. to get this solved.

TIA!


Sounds as if samba isn't using LDAP properly.

Would you mind showing us your config?

greets

juergen

Sure!  Here it is:

[global]
        
        workgroup = A36561
        server string = My File Server
        netbios name = NDTC-FS
        interfaces = lo eth1
        log file = /var/log/samba/log.%m
        max log size = 50
        ldap debug level = 1
        ldap debug threshold = 5
        log level = 3 all:5
        security = user
        passdb backend = ldapsam:ldap://66.163.128.204
        ldap suffix = ou=mydomain,o=ndtc
        ldap machine suffix = ou=People
        ldap usersuffix = ou=People
        ldap group suffix = ou=Groups
        ldap idmap suffix = ou=Idmap
        ldap admin dn = cn=admin,o=ndtc
        ldap ssl = off
        domain master = yes
        domain logons = yes
        wins support = yes
        load printers = yes
        cups options = raw
        
[homes]
        comment = Home Directories
        browseable = no
        writable = yes

[groups]
        comment = Group Directories
        path = /cust/mydomain/groups
        guest ok = no
        writable = yes

[share]
        comment = Share space
        path = /cust/mydomain/share
        public = yes
        writeable = yes
        read only = no
        printable = no
        write list = +users
        force create mode = 660
        force directory mode = 770
        force user = nobody
        force group = nobody

[printers]
        comment = All Printers
        path = /var/spool/samba
        browseable = no
        guest ok = no
        writable = no
        printable = yes

