I'm running 3.0.2rc1. User authentication was working, until I got the bright idea to change ntgroup _users_ to users Now no one can login, any ideas how to fix? I've tried deleting the tree & starting over from scratch, no joy:
[EMAIL PROTECTED] root]# smbclient //chs/tmp -U doj Password: tree connect failed: Call returned zero bytes (EOF) [EMAIL PROTECTED] root]#
When I run pdbedit -v, the use is listed
I can browse the LDAP tree with Jarek Gawor's LDAP Browser\Editor
smb.conf is as follows: [global] force user = root hosts allow = 192.168.10. 192.168.20. hosts deny = all interfaces = eth0 eth1 passdb backend = ldapsam ldap suffix = dc=hbclp,dc=com #ldap machine suffix = ou=_COMPUTERS_ #ldap user suffix = ou=_USERS_ #ldap group suffix = ou=_GROUPS_ ldap machine suffix = ou=computers ldap group suffix = ou=groups ldap user suffix = ou=users
ldap admin dn = "cn=root,dc=hbclp,dc=com" #not using ssl because this is all happening on the localhost ldap ssl = no #ldap ssl = Yes #ldap ssl = start tls idmap backend = ldap:ldap://127.0.0.1 winbind separator = + winbind enum users = yes winbind enum groups = yes wins support = yes idmap gid = 10000-20000 idmap uid = 10000-20000
passwd chat debug = Yes passwd program =/usr/bin/smbldap-passwd.pl -o %u passwd chat = *new*password* %n\n *new*password:* %n\ *successfully*
#mentioned that these options improve performance
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
add machine script = /usr/bin/smbldap-useradd.pl -w %ms" add user script = /usr/bin/smbldap-useradd.pl -a %u delete user script = /usr/bin/smbldap-userdel.pl %u add group script = /usr/bin/smbldap-groupadd.pl %g delete group script = /usr/bin/smbldap-groupdel.pl %g add user to group script = /usr/bin/smbldap-groupmod.pl" -m %u %g delete user from group script = /usr/bin/smbldap-groupmod.pl -x %u %g set primary group script = /usr/bin/smbldap-usermod.pl -G %g %u
workgroup = workgroup
netbios name = chs comment = Chesterfield Server
server string = Chesterfield Server
security = user
null passwords = yes
encrypt passwords = yes
logon script=logon.bat
### These left Blank will force local profiles but will not override LDAP config ##if set LDAP takes precedence. logon drive = logon path =
domain master = yes domain logons = yes preferred master = yes os level = 33
wins support = no wins proxy = no
log file = /var/log/samba/%m.log
public = No browseable = yes writable = No
; necessary share for domain controller
[netlogon]
path = /netlogon
locking = no
read only = yes
write list = ntadmin
;test share
[tmp]
writeable = yes
public = yes
path = /tmp[profiles] path = /profiles read only = no writeable = yes create mask = 0600 directory mask = 0700
[sys]
public=yes
path = /home/sys
read only = No[vol1]
public=yes
path = /home/vol1
read only = No[cdroms]
public=yes
path = /home/cdroms
read only = No
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
