Rodrigo,
It's not hard to fix your LDAP data, but you must find why it sambaSID
values were stored the wrong way. Maybe your LDAP config files
(/etc/slapd.conf?) on the slave point to the wrong schema definitions?
As for the space it may be there because of phpLdapAdmin. Try another
LDAP browser, like the GUI (Windows) Ldap Admin or GC (for Gnome) to
check the values.
[]s, Fernando Lozano
On 19:43:51 wrote rodrigo tavares:
Hello !
Today I have a ldap server, it replicate the database from another
machine SMB-LDAP. See the result:
dn: cn=informatica,ou=defensoria,dc=defensoria,dc=br
cn: informatica
description: Informatica
gidNumber: 2451
phpgwAccountExpires: -1
phpgwAccountType: g
userPassword:
mail: informat...@defensoria.br
memberUid: diego.santos
memberUid: alan.murta
memberUid: bruce.borba
memberUid: william.mor
memberUid: manuel.neto
memberUid: eli.set
memberUid: rodrigo.tavares
memberUid: faria.tavares
structuralObjectClass: posixGroup
entryUUID: e0cf40fa-b0af-1031-9098-b773bfdd8a70
creatorsName: cn=admin,dc=defensoria,dc=br
createTimestamp: 20121022161837Z
objectClass: top
objectClass: posixGroup
objectClass: phpgwAccount
objectClass: sambaGroupMapping
sambaGroupType: 2
displayName: informatica
sambaSID::
IFMtMS01LTIxLTM2OTQ4MTM4NjctMjE3NjUzNTQ2Ny0xMzMzMDcxNTk2LTU5MDM=
The field "sambaSID" should never be base64 encoded!
There is a space before "S-1-5", but should not ;-)
$ echo IFMtMS01LTIxLTM2OTQ4MTM4NjctMjE3NjUzNTQ2Ny0xMzMzMDcxNTk2LTU5MDM=|
base64 -d
S-1-5-21-3694813867-2176535467-1333071596-5903
check your smbldap config file.
Maybe that all or most sambaSid attributes are wrong.
entryCSN: 20121112130102.988770Z#000000#000#000000
modifiersName: cn=admin,dc=defensoria,dc=mg,dc=gov,dc=br
modifyTimestamp: 20121112130102Z
I my smb.conf
[system]
comment = system
path = /home/system
public = yes
printable = no
browseable = no
guest ok = yes
read only = yes
write list = @informatica
domain logons = yes
add user script = /usr/sbin/smbldap-useradd -a -m "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u"
"%g" set primary group script = /usr/sbin/smbldap-usermod -g "%g"
"%u" add machine script = /usr/sbin/smbldap-useradd -w "%u"
ldap user suffix = ou=defensoria
ldap group suffix = ou=grupos
ldap machine suffix = ou=computadores
ldap passwd sync = yes
ldap admin dn = cn=admin,dc=defensoria,dc=mg,dc=gov,dc=br
ldap suffix = dc=defensoria,dc=mg,dc=gov,dc=br
ldap ssl = no
passdb backend = ldapsam:ldap://10.26.7.249
http://rodrigofariat.files.wordpress.com/2012/11/ldap-smb.png
When I try mapping the folder, come a screen with login/password,
then i type password but is not login is not access. Why is not
access ?
Rodrigo Faria
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba