Good day.
Help me please to solve my problem to login a user to samba domain.
Samba accepts user authorisation only if a user account exists both in
master.password and LDAP database.
Note that uid and gid are taken from master.password instead of LDAP
database.
Why?
my smb.cf
[global]
dos charset = CP866
unix charset = KOI8-R
workgroup = FISH
server string = Samba Server
passdb backend = ldapsam:ldap://localhost
passwd program = /usr/local/smbLDAPtools/sbin/smbldap-passwd
log file = /var/log/samba/log.%m
max log size = 50
load printers = No
add user script = /usr/local/smbLDAPtools/sbin/smbldap-useradd -a -m %u
delete user script = /usr/local/smbLDAPtools/sbin/smbldap-userdel %u
add group script = /usr/local/smbLDAPtools/sbin/smbldap-groupadd -p %g
delete group script = /usr/local/smbLDAPtools/sbin/smbldap-groupdel %g
add user to group script =
/usr/local/smbLDAPtools/sbin/smbldap-groupmod -m %u %g
delete user from group script =
/usr/local/smbLDAPtools/sbin/smbldap-groupmod -x %u %g
set primary group script = /usr/local/smbLDAPtools/sbin/smbldap-usermod
-g %g %u
add machine script = /usr/local/smbLDAPtools/sbin/smbldap-useradd -w -i
%u
domain logons = Yes
os level = 60
preferred master = Yes
domain master = Yes
dns proxy = No
wins support = Yes
ldap admin dn = cn=root,dc=offs,dc=tp
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=Computers
ldap suffix = dc=offs,dc=tp
ldap ssl = no
ldap user suffix = ou=Users
Error message:
User serg in passdb, but getpwnam() fails!
nsswitch.conf
group: files ldap
group_compat: nis
hosts: files
networks: files
passwd: files ldap
passwd_compat: nis
shells: files
serg.ldif
#-------------------------------------------------------------------------------
# This file has been generated on 12.23.2005 at 12:16 from 192.168.1.254:389
# by Softerra LDAP Browser 2.6 (http://www.ldapbrowser.com)
#-------------------------------------------------------------------------------
version: 1
dn: uid=serg,ou=Users,dc=offs,dc=tp
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaSamAccount
cn: serg
sn: serg
uid: serg
uidNumber: 1002
gidNumber: 513
homeDirectory: /home/serg
loginShell: /sbin/nologin
gecos: System User
description: System User
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
displayName: System User
sambaSID: S-1-5-21-2252347010-2415896038-3271642905-3004
sambaPrimaryGroupSID: S-1-5-21-2252347010-2415896038-3271642905-513
sambaLogonScript: serg.bat
sambaProfilePath: \\offs\profiles\serg
sambaHomePath: \\offs\serg
sambaHomeDrive: Z:
sambaLMPassword: C2265B23734E0DACAAD3B435B51404EE
sambaAcctFlags: [U]
sambaNTPassword: 69943C5E63B4D2C104DBBCC15138B72B
sambaPwdLastSet: 1135351413
sambaPwdMustChange: 1139239413
userPassword: {SSHA}ZUR6trRjWg9PigrZbQAKXQ01gHx2OTBX
Software:
FreeBSD 6.0
samba-3.0.14a_1
nss_ldap-1.239
openldap-client-2.2.27
openldap-server-2.2.27
p5-perl-ldap-0.33
pam_ldap-1.8.0
smbldap-tools-0.9.1_1
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
