Re: [Samba] ldap users with users samba

[TAKAHASHI Motonobu]

From: rodrigo tavares rodrigofar...@yahoo.com.br
Date: Tue, 22 Jan 2013 03:17:44 -0800 (PST)

 Hello,
 
 I create one user, with the command.
 
 smbldap-useradd -a -P user
 
 The option -a (atributtes samba) and -P call smbldap-passwd.
 This command make atributtes.
 
 Then, i try to login in domain, but some error.
 
 root@replica:~# smbclient -L localhost -U user
 Enter user's password:
 session setup failed: NT_STATUS_LOGON_FAILURE

Because you set:

-
passdb backend = ldapsam:ldap://10.65.8.95
passdb backend = tdbsam
-

in your smb.conf. If you set a parameter twice in smb.conf, latter one is
enabled. So you use tdbsam now.

---
TAKAHASHI Motonobu mo...@monyo.com / @damemonyo 
   facebook.com/takahashi.motonobu



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] ldap users with users samba

[TAKAHASHI Motonobu]

From: rodrigo tavares rodrigofar...@yahoo.com.br
Date: Fri, 18 Jan 2013 10:13:26 -0800 (PST)

 I trying sync ldap users with users samba.
 
 I'm using a interface, by create ldap users.
 So, when ldap user be created, i want account e password samba be
 created.

To configure Samba, You can create a LDAP user automatically when you
create Samba user. But if you add a LDAP user directly (without using
Samba interface), you have to add a Samba user manually or with invoking
some script from your LDAP interface.

And if you want to change Samba users's password automatically when you
change LDAP users's password, you need to configure pam_smbpass.so
correctly.

---
TAKAHASHI Motonobu mo...@monyo.com
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] ldap users with users samba

[rodrigo tavares]

Hello !

I trying sync ldap users with users samba.

I´m using a interface, by create ldap users.

So, when ldap user be created, i want account e password samba be created. 



No my smb.conf I put the follow lines:

    ldap admin dn = cn=admin,dc=def,dc=mg,dc=gov,dc=br
    ldap group suffix = ou = groups
    ldap machine suffix = ou = computers
    ldap passwd sync = yes
    encrypt passwords = Yes
    ldap suffix = dc=def,dc=mg,dc=gov,dc=br
    ldap ssl = no
    ldap user suffix = ou = defensory
    smb ports = 445 139

    add user script = /usr/sbin/smbldap-useradd -a -m %u
    add group script = /usr/sbin/smbldap-groupadd -p %g
    add user to group script = /usr/sbin/smbldap-groupmod -m %u %g
    delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g
    set primary group script = /usr/sbin/smbldap-usermod -g %g %u
    add machine script = /usr/sbin/smbldap-useradd -w %u
    passwd program = /usr/sbin/smbldap-passwd -s %u
    passdb backend = ldapsam:ldap://10.65.8.95
    passdb backend = tdbsam
    hosts allow = 127.0.0.1, 10.65.8.0/255.255.252.0
    pam password change = yes
    passwd program = /usr/bin/passwd %u

I make a configure in  sladp.conf:

include    /etc/ldap/schema/ppolicy.schema

moduleload  ppolicy.so
overlay ppolicy
access to 
attrs=userPassword,shadowLastChange,sambaPwdMustChange,sambaLMPassword,sambaPwdLastSet,sambaNTPassword
    by dn=cn=admin,dc=def,dc=mg,dc=gov,dc=br write
    by anonymous auth
    by self write
    by * none

The user ldap is done, but samba user is not created.

See some logs:

Jan 18 16:09:01 defensoria slapd[6210]: conn=2455 fd=50 ACCEPT from 
IP=10.65.8.95:54507 (IP=0.0.0.0:389)

So its bad.


root@replica:/etc/ldap# smbclient -L 10.65.8.95 -U xbox
Enter xbox's password:
session setup failed: NT_STATUS_LOGON_FAILURE

Thanks !

Rodrigo Faria Tavares
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba