I have the following system:
- Samba 3 using LDAP backend.
- Every old windows user has been inserted in LDAP database.
- Samba is configured (or is trying to be) as a PDC.
- Win2k is working by now with workgroups, not with domains.
The idea now is use this new Samba schema for user authentication in the
company. From a workstation I changed the workgroup use to domain, and I
inserted the one in Samba. It seems to connect to it, but no user can log in
(wrong username and password), and all of them are already inserted in LDAP.
Furthermore, whenever a look up in Samba (pdbedit -vL), I can see that all the
users are accesible by Samba.
What is the problem?
I will attach my smb.conf file:
# Samba config file created using SWAT
# from 0.0.0.0 (0.0.0.0)
# Date: 2004/02/16 15:42:24
# Global parameters
[global]
domain master = Yes
preferred master = yes
local master = yes
domain logons = yes
directory mask = 0770
passdb backend = ldapsam:ldap://localhost:389
logon script = logon.cmd
veto files = /*.eml/*.nws/riched20.dll/*.{*}/
printing = cups
force directory mode = 0770
ldap admin dn = cn=root,dc=my,dc=domain
#logon path = \{}\{}%N\{}profiles\{}%U
#logon path = /var/lib/samaba/netlogon
workgroup = LINUXTEST
os level = 255
create mask = 0770
wins support = true
ldap machine suffix = ou=machines
printcap name = CUPS
#logon home = \{}\{}%N\{}\{}%u\{}winprofile
netbios name = LINUXTEST
force create mode = 0770
ldap group suffix = ou=Groups
ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
logon drive = H:
ldap user suffix = ou=People
auto services = homes
time server = Yes
security = user
map to guest = Bad User
socket options = TCP_NODELAY SO_RCVBUF=8192 IPTOS_LOWDELAY
SO_SNDBUF=8192
ldap suffix = dc=my,dc=domain
ldap ssl = off
hide unreadable = yes
#hosts allow = 192.168.0.0/255.255.255.0 127.0.0.1
#hosts deny = all
idmap uid = 10000-20000
idmap gid = 10000-20000
idmap backend = ldap:ldap://localhost:389
[homes]
comment = Home Directories
valid users = %S
read only = No
create mask = 0740
directory mask = 0750
browseable = No
[printers]
comment = All Printers
path = /var/tmp
create mask = 0600
printable = Yes
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin, root
force group = ntadmin
create mask = 0664
directory mask = 0775
[supersamba]
user = @ldapusers
path = /usr/local/shares/super
writeable = yes
comment = Samba ist Super
valid users = @ldapusers
[netlogon]
path = /var/lib/samba/netlogon
write list = root
read only = yes
guest ok = yes
browseable = no
[profiles]
path = /var/lib/samba/profiles
browseable = no
read only = no
directory mask = 0700
create mask = 0600
-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
