Hello group,
I am trying to configure ldap backend to samba.
My samba and ldap machines are on different machines.
I am using samba3.0.22 and openldap-2.3.11.
I got two smb.conf files.
One in /etc/samba/smb.conf and another in
/usr/share/doc/samba-3.0.22/examples/LDAP/smbldap-tools-0.9.1/smb.conf.
Now the problem is when iam using 2nd smb.conf,
smbclient is showing the share info. for any user, i
mean if we give no username and wrong passwd it is
showing shares.
But when i use the 1st smb.conf file, smbclient is
giving
NT_STATUS_FAILED error, for all ldap users.
I am giving the two files's contents here.
Pls tell me the reason why it is behaving like that.
Also i was able to add samba users into ldap servers.
Pls let me know that existing ldap users and users i
added under objectclass sambaSambAccount are different
or same.If different, pls let me know how to give
username and password in ldif file.
contents of/etc/samba/smb.conf
-
# This is the main Samba configuration file. You
should read the
# smb.conf(5) manual page in order to understand the
options listed
# here. Samba has a huge number of configurable
options (perhaps too
# many!) most of which are not shown in this example
#
# Any line which starts with a ; (semi-colon) or a #
(hash)
# is a comment and is ignored. In this example we will
use a #
# for commentry and a ; for parts of the config file
that you
# may wish to enable
#
# NOTE: Whenever you modify this file you should run
the command "testparm"
# to check that you have not made any basic syntactic
errors.
#
#=== Global Settings
=
[global]
# workgroup = NT-Domain-Name or Workgroup-Name
workgroup = MYGROUP
# server string is the equivalent of the NT
Description field
server string = Samba Server
# This option is important for security. It allows you
to restrict
# connections to machines which are on your local
network. The
# following example restricts access to two C class
networks and
# the "loopback" interface. For more examples of the
syntax see
# the smb.conf man page
; hosts allow = 192.168.1.21 192.168.1.62 127.0.0.1
# if you want to automatically load your printer list
rather
# than setting them up individually then you'll need
this
printcap name = /etc/printcap
load printers = yes
# It should not be necessary to spell out the print
system type unless
# yours is non-standard. Currently supported print
systems include:
# bsd, sysv, plp, lprng, aix, hpux, qnx
; printing = bsd
# Uncomment this if you want a guest account, you must
add this to /etc/passwd
# otherwise the user "nobody" is used
; guest account = pcguest
# this tells Samba to use a separate log file for each
machine
# that connects
# log file = /var/log/samba/%m.log
# all log information in one file
log file = /var/log/samba/log.smbd
# Put a capping on the size of the log files (in Kb).
max log size = 50
# Security mode. Most people will want user level
security. See
# security_level.txt for details.
security = user
# Use password server option only with security =
server
; password server =
# Password Level allows matching of _n_ characters of
the password for
# all combinations of upper and lower case.
; password level = 8
; username level = 8
# You may wish to use password encryption. Please read
# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba
documentation.
# Do not enable this option unless you have read those
documents
encrypt passwords = yes
; smb passwd file = /etc/samba/smbpasswd
# The following are needed to allow password changing
from Windows to
# update the Linux system password also.
# NOTE: Use these with 'encrypt passwords' and 'smb
passwd file' above.
# NOTE2: You do NOT need these to allow workstations
to change only
#the encrypted SMB passwords. They allow the
Unix password
#to be kept in sync with the SMB password.
; unix password sync = Yes
; passwd program = /usr/bin/passwd %u
; passwd chat = *New*UNIX*password* %n\n
*ReType*new*UNIX*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
# Unix users can map to different SMB User names
; username map = /etc/samba/smbusers
# Using the following line enables you to customise
your configuration
# on a per machine basis. The %m gets replaced with
the netbios name
# of the machine that is connecting
; include = /etc/samba/smb.conf.%m
# Most people will find that this option gives better
performance.
# See speed.txt and the manual pages for details
socket options = TCP_NODELAY SO_RCVBUF=8192
SO_SNDBUF=8192
# Configure Samba to use multiple interfaces
# If you have multiple network interfaces then you
must list them
# here. See the man page for details.
;interfaces = 192.168.1.21 192.168.1.62
192.168.12.2/24 192.168.13.2/24
# Configure remote browse list synchronisation here
# request announcement to, or browse list sync from:
# a specific host or from
