-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi gurus!
I am a newbie on this mailing list, and my English is not very good, sorry!
I am very interested in Samba using LDAP authentication; I have seen many how-tos on the Internet about this subject.
However, my Windows XP SP2 machine will not connect to my Samba PDC server; perhaps something is wrong...
OS: Debian etch
I add users like this:
# smbldap-useradd -a -P -c "toto DUPONT" toto # smbldap-useradd -a -P toto
On Windows: I can see my domain, and I can authenticate to access folders on the PDC!
But when I try to join my Windows XP machine to the domain, it is impossible!
Can someone help me?
###################### smb.conf ###########################"
# Samba configured as a domain controller (domain master + domain logons) for
# the workgroup below, with accounts stored in an LDAP directory on localhost.
# One parameter per line; the paste had collapsed them.
[global]
# NOTE(review): the LDIF export on this page holds two sambaDomain entries,
# sambaDomainName=MINOU and sambaDomainName=DEBIAN, with different SIDs, and the
# smbldap-tools settings on this page carry the DEBIAN one. Confirm which SID
# the running server reports (`net getlocalsid`) and that accounts use it.
workgroup = minou
netbios name = debian
server string = Samba-LDAP PDC Server
domain master = Yes
local master = Yes
domain logons = Yes
os level = 40
# Disabled; "?u" is presumably a mis-encoded "-u" from the paste.
#passwd program = /usr/sbin/smbldap-passwd ?u %u
ldap passwd sync = Yes
# Plain ldap:// to loopback; no TLS-related parameter is set in this file.
# NOTE(review): the LDIF export on this page shows sambaLMPassword populated
# for every account that has a password; `lanman auth` is the setting to review
# if LM hashes are not needed. Confirm against the installed Samba version.
passdb backend = ldapsam:ldap://127.0.0.1/
# DN Samba binds as for directory reads and writes.
ldap admin dn = cn=Manager,dc=mondomaine,dc=net
ldap suffix = dc=mondomaine,dc=net
ldap group suffix = ou=Group
# NOTE(review): the smbldap-tools settings on this page use
# usersdn="ou=People,..." and computersdn="ou=People,...", while Samba is
# pointed at ou=users and ou=machines here. The export has users under
# ou=People and the machine account under ou=Machines. Confirm both sides agree.
ldap user suffix = ou=users
ldap machine suffix = ou=machines
add user script = /usr/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
delete user script = /usr/sbin/smbldap-userdel "%u"
# Run by Samba when a workstation joins; presumably creates the entry under the
# tools' computersdn. Verify the resulting DN after a join attempt.
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
#delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
# NOTE(review): the backslashes in the two UNC paths look collapsed by the
# paste. The share defined below is [profile], while the account entries in the
# export point at \debian\profiles\<user>. Confirm the intended share name.
logon path = \%L\profile%U
# The tools settings and the exported accounts use U: as the home drive.
logon drive = P:
logon home = \%L%U
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
case sensitive = No
default case = lower
preserve case = yes
short preserve case = Yes
#character set = iso8859-1
#domain admin group = @admin
dns proxy = No
wins support = Yes
# Connections accepted only from 192.168.0.* and loopback addresses.
hosts allow = 192.168.0. 127.
winbind use default domain = Yes
nt acl support = Yes
msdfs root = Yes
hide files = /desktop.ini/ntuser.ini/NTUSER.*/
# Logon-script share: read-only except for the write list.
[netlogon]
path = /home/netlogon
writable = No
browseable = No
# NOTE(review): no "Administrateur" account appears in the LDIF export on this
# page. Confirm this name resolves to a real user.
write list = Administrateur
#
# Roaming-profile share; new files and directories are owner-only (0700).
[profile]
path = /home/export/profile
browseable = No
writeable = Yes
profile acls = yes
create mask = 0700
directory mask = 0700
#
# Per-user home directories.
[homes]
comment = Repertoire Personnel
browseable = yes
writeable = Yes
#
# Shared directory; guest access is off (public = No).
[partage]
comment = Repertoire commun
browseable = Yes
writeable = Yes
public = No
path = /data
############################ slapd.conf ################################
# NOTE(review): despite the heading, these keys (SID, usersdn, computersdn,
# hash_encrypt, with_smbpasswd, ...) look like the smbldap-tools configuration
# (smbldap.conf) rather than an OpenLDAP slapd.conf. Confirm which file this is.
# One setting per line; the paste had collapsed them.

# Domain SID used by the tools when building account SIDs.
# NOTE(review): this value equals the sambaSID of sambaDomainName=DEBIAN in the
# LDIF export, and the user entries carry it. smb.conf on this page sets
# workgroup = minou, and both sambaDomainName=MINOU and the machine account
# uid=serve$ use S-1-5-21-1244034782-2093432471-748532972. Confirm the tools
# and the running server agree on one SID.
SID="S-1-5-21-862544283-2880828001-3584954034"
slaveLDAP="127.0.0.1"
slavePort="389"
masterLDAP="127.0.0.1"
masterPort="389"
# TLS off and certificate verification off. Both servers are loopback here;
# revisit these two settings if the directory ever moves to another host.
ldapTLS="0"
verify="none"
suffix="dc=mondomaine,dc=net"
# NOTE(review): users and computers both go to ou=People here, while smb.conf
# on this page sets ldap user suffix = ou=users and ldap machine suffix =
# ou=machines.
usersdn="ou=People,${suffix}"
computersdn="ou=People,${suffix}"
groupsdn="ou=Group,${suffix}"
# The export also contains an ou=Idmap container that nothing here points at.
idmapdn="ou=People,${suffix}"
# NOTE(review): the leading "e" looks like residue from the paste (probably the
# tail of a preceding line). Confirm the real file has no stray token here.
e sambaUnixIdPooldn="cn=debian,${suffix}"
scope="sub"
# userPassword values in the export carry the {SSHA} prefix, matching this.
hash_encrypt="SSHA"
# Presumably only consulted when hash_encrypt is CRYPT. Verify.
crypt_salt_format="$1$%.8s"
userLoginShell="/bin/bash"
userHome="/home/%U"
userGecos="System User"
# 513 and 515 match the gidNumber of "Domain Users" and "Domain Computers" in
# the export.
defaultUserGid="513"
defaultComputerGid="515"
skeletonDir="/etc/skel"
# Presumably days. Verify against the tools' documentation.
defaultMaxPasswordAge="90"
# NOTE(review): backslashes look collapsed by the paste. The profile path names
# a "profiles" share, while smb.conf on this page defines [profile] and uses
# logon drive P: rather than U:.
userSmbHome="\debian\homes%U"
userProfile="\debian\profiles%U"
userHomeDrive="U:"
userScript="logon.bat"
mailDomain="mondomaine.net"
# Presumably 0 means the tools compute the Samba hashes themselves instead of
# calling the smbpasswd binary named on the next line. Verify.
with_smbpasswd="0"
smbpasswd="/usr/bin/smbpasswd"
#################### nsswitch.conf ################
# Name-service lookup order; one database per line (the paste had collapsed them).
# Accounts, groups and shadow data: local compat sources first, then LDAP.
# NOTE(review): the machine account uid=serve$ in the LDIF export on this page
# has only the sambaSamAccount and account object classes (no posixAccount).
# Confirm that `getent passwd 'serve$'` returns it through the ldap source.
passwd: compat ldap
group: compat ldap
shadow: compat ldap
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
################ export ldif ###################### # LDIF Export for: dc=mondomaine,dc=net # Generated by phpLDAPadmin ( http://phpldapadmin.sourceforge.net/ ) on March 12, 2008 4:20 pm # Server: My LDAP Server (localhost) # Search Scope: sub # Search Filter: (objectClass=*) # Total Entries: 30
dn: dc=mondomaine,dc=net objectClass: dcObject objectClass: organization o: Example Company dc: mondomaine
dn: cn=debian,dc=mondomaine,dc=net gidNumber: 1000 objectClass: inetOrgPerson objectClass: sambaUnixIdPool cn: debian sn: debian uidNumber: 1007
dn: cn=Manager,dc=mondomaine,dc=net cn: Manager telephoneNumber: 0663057489 description: Manager du domaine postalAddress: 15 rue du mauconduit postalCode: 76540 postalCode: Criquetot le mauconduit objectClass: organizationalRole
dn: ou=Group,dc=mondomaine,dc=net objectClass: top objectClass: organizationalUnit ou: Group
dn: cn=Account Operators,ou=Group,dc=mondomaine,dc=net objectClass: top objectClass: posixGroup objectClass: sambaGroupMapping gidNumber: 548 cn: Account Operators description: Netbios Domain Users to manipulate users accounts sambaSID: S-1-5-32-548 sambaGroupType: 5 displayName: Account Operators
dn: cn=Administrators,ou=Group,dc=mondomaine,dc=net objectClass: top objectClass: posixGroup objectClass: sambaGroupMapping gidNumber: 544 cn: Administrators description: Netbios Domain Members can fully administer the computer/sambaD omainName sambaSID: S-1-5-32-544 sambaGroupType: 5 displayName: Administrators
dn: cn=Backup Operators,ou=Group,dc=mondomaine,dc=net objectClass: top objectClass: posixGroup objectClass: sambaGroupMapping gidNumber: 551 cn: Backup Operators description: Netbios Domain Members can bypass file security to back up file s sambaSID: S-1-5-32-551 sambaGroupType: 5 displayName: Backup Operators
dn: cn=Domain Admins,ou=Group,dc=mondomaine,dc=net objectClass: top objectClass: posixGroup objectClass: sambaGroupMapping gidNumber: 512 cn: Domain Admins memberUid: root description: Netbios Domain Administrators sambaSID: S-1-5-21-862544283-2880828001-3584954034-512 sambaGroupType: 2 displayName: Domain Admins
dn: cn=Domain Computers,ou=Group,dc=mondomaine,dc=net objectClass: top objectClass: posixGroup objectClass: sambaGroupMapping gidNumber: 515 cn: Domain Computers description: Netbios Domain Computers accounts sambaSID: S-1-5-21-862544283-2880828001-3584954034-515 sambaGroupType: 2 displayName: Domain Computers
dn: cn=Domain Guests,ou=Group,dc=mondomaine,dc=net objectClass: top objectClass: posixGroup objectClass: sambaGroupMapping gidNumber: 514 cn: Domain Guests description: Netbios Domain Guests Users sambaSID: S-1-5-21-862544283-2880828001-3584954034-514 sambaGroupType: 2 displayName: Domain Guests
dn: cn=Domain Users,ou=Group,dc=mondomaine,dc=net objectClass: top objectClass: posixGroup objectClass: sambaGroupMapping gidNumber: 513 cn: Domain Users description: Netbios Domain Users sambaSID: S-1-5-21-862544283-2880828001-3584954034-513 sambaGroupType: 2 displayName: Domain Users
dn: cn=Print Operators,ou=Group,dc=mondomaine,dc=net objectClass: top objectClass: posixGroup objectClass: sambaGroupMapping gidNumber: 550 cn: Print Operators description: Netbios Domain Print Operators sambaSID: S-1-5-32-550 sambaGroupType: 5 displayName: Print Operators
dn: cn=Replicators,ou=Group,dc=mondomaine,dc=net objectClass: top objectClass: posixGroup objectClass: sambaGroupMapping gidNumber: 552 cn: Replicators description: Netbios Domain Supports file replication in a sambaDomainName sambaSID: S-1-5-32-552 sambaGroupType: 5 displayName: Replicators
dn: ou=Idmap,dc=mondomaine,dc=net objectClass: top objectClass: organizationalUnit ou: Idmap
dn: ou=machines,dc=mondomaine,dc=net ou: machines objectClass: organizationalUnit objectClass: top
dn: uid=serve$,ou=Machines,dc=mondomaine,dc=net uid: serve$ sambaSID: S-1-5-21-1244034782-2093432471-748532972-3010 sambaPwdCanChange: 1205279569 sambaPwdMustChange: 2147483647 sambaLMPassword: 587574A5B695D85AAAD3B435B51404EE sambaNTPassword: 072321F3EEF2DDA2DB88A5C7BB3628FD sambaPwdLastSet: 1205279569 sambaAcctFlags: [W ] objectClass: sambaSamAccount objectClass: account
dn: ou=People,dc=mondomaine,dc=net objectClass: top objectClass: organizationalUnit ou: People
dn: uid=franck,ou=People,dc=mondomaine,dc=net objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount objectClass: sambaSamAccount cn: franck sn: franck givenName: franck uid: franck uidNumber: 1005 gidNumber: 513 homeDirectory: /home/franck loginShell: /bin/bash gecos: System User sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 displayName: System User sambaSID: S-1-5-21-862544283-2880828001-3584954034-3010 sambaPrimaryGroupSID: S-1-5-21-862544283-2880828001-3584954034-513 sambaLogonScript: logon.bat sambaProfilePath: \debian\profiles\franck sambaHomePath: \debian\homes\franck sambaHomeDrive: U: sambaLMPassword: 5ABB8B7D728DAD9FAAD3B435B51404EE sambaNTPassword: 30FE997E5B1952EADD217C9F8D01375F sambaPwdMustChange: 2147483647 sambaPasswordHistory: 000000000000000000000000000000000000000000000000000000 0000000000 sambaAcctFlags: [U ] sambaPwdCanChange: 1205279981 sambaPwdLastSet: 1205279981 userPassword: {SSHA}lMkPUMvpX7SLDjXnUsXX1UHUM7AYQ23v
dn: uid=garfield,ou=People,dc=mondomaine,dc=net objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount objectClass: sambaSamAccount cn: garfield sn: garfield givenName: garfield uid: garfield uidNumber: 1003 gidNumber: 513 homeDirectory: /home/garfield loginShell: /bin/bash gecos: garfield minou sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 displayName: garfield minou sambaSID: S-1-5-21-862544283-2880828001-3584954034-3006 sambaPrimaryGroupSID: S-1-5-21-862544283-2880828001-3584954034-513 sambaLogonScript: logon.bat sambaProfilePath: \debian\profiles\garfield sambaHomePath: \debian\homes\garfield sambaHomeDrive: U: sambaPwdCanChange: 1205279649 sambaPwdMustChange: 2147483647 sambaLMPassword: 5ABB8B7D728DAD9FAAD3B435B51404EE sambaNTPassword: 30FE997E5B1952EADD217C9F8D01375F sambaPasswordHistory: 000000000000000000000000000000000000000000000000000000 0000000000 sambaPwdLastSet: 1205279649 sambaAcctFlags: [U ] userPassword: {SSHA}FKQbeCHIYn4y+jANJrUKzcXD5ZryJFjE
dn: uid=nobody,ou=People,dc=mondomaine,dc=net cn: nobody sn: nobody objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: sambaSamAccount objectClass: posixAccount objectClass: shadowAccount gidNumber: 514 uid: nobody uidNumber: 999 homeDirectory: /dev/null sambaPwdLastSet: 0 sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 sambaPwdMustChange: 2147483647 sambaHomePath: \debian\homes\nobody sambaHomeDrive: U: sambaProfilePath: \debian\profiles\nobody sambaPrimaryGroupSID: S-1-5-21-862544283-2880828001-3584954034-514 sambaLMPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX sambaNTPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX sambaAcctFlags: [NUD ] sambaSID: S-1-5-21-862544283-2880828001-3584954034-2998 loginShell: /bin/false
dn: uid=nouille,ou=People,dc=mondomaine,dc=net objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount objectClass: sambaSamAccount cn: nouille sn: nouille givenName: nouille uid: nouille uidNumber: 1004 gidNumber: 513 homeDirectory: /home/nouille loginShell: /bin/bash gecos: nouille nouille sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 displayName: nouille nouille sambaSID: S-1-5-21-862544283-2880828001-3584954034-3008 sambaPrimaryGroupSID: S-1-5-21-862544283-2880828001-3584954034-513 sambaLogonScript: logon.bat sambaProfilePath: \debian\profiles\nouille sambaHomePath: \debian\homes\nouille sambaHomeDrive: U: sambaLMPassword: 5ABB8B7D728DAD9FAAD3B435B51404EE sambaAcctFlags: [U] sambaNTPassword: 30FE997E5B1952EADD217C9F8D01375F sambaPwdLastSet: 1205278395 sambaPwdMustChange: 1213054395 userPassword: {SSHA}jmgi/WJRb4LWGubiY0ESLi0fhex3ajdM
dn: uid=oops,ou=People,dc=mondomaine,dc=net objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount objectClass: sambaSamAccount cn: oops sn: oops givenName: oops uid: oops uidNumber: 1006 gidNumber: 513 homeDirectory: /home/oops loginShell: /bin/bash gecos: System User userPassword: {crypt}x sambaPwdLastSet: 0 sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 sambaPwdMustChange: 2147483647 displayName: System User sambaAcctFlags: [UX] sambaSID: S-1-5-21-862544283-2880828001-3584954034-3012 sambaPrimaryGroupSID: S-1-5-21-862544283-2880828001-3584954034-513 sambaLogonScript: logon.bat sambaProfilePath: \debian\profiles\oops sambaHomePath: \debian\homes\oops sambaHomeDrive: U:
dn: uid=root,ou=People,dc=mondomaine,dc=net cn: root sn: root objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: sambaSamAccount objectClass: posixAccount objectClass: shadowAccount gidNumber: 0 uid: root uidNumber: 0 homeDirectory: /home/root sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 sambaHomePath: \debian\homes\root sambaHomeDrive: U: sambaProfilePath: \debian\profiles\root sambaPrimaryGroupSID: S-1-5-21-862544283-2880828001-3584954034-512 sambaSID: S-1-5-21-862544283-2880828001-3584954034-500 loginShell: /bin/false gecos: Netbios Domain Administrator sambaLMPassword: 5ABB8B7D728DAD9FAAD3B435B51404EE sambaAcctFlags: [U] sambaNTPassword: 30FE997E5B1952EADD217C9F8D01375F sambaPwdLastSet: 1205275706 sambaPwdMustChange: 1213051706 userPassword: {SSHA}fkTC1ohX/oH6mYphnQa6Z+aEJ+lvcHVQ
dn: uid=sabrina,ou=People,dc=mondomaine,dc=net objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount objectClass: sambaSamAccount cn: sabrina sn: sabrina givenName: sabrina uid: sabrina uidNumber: 1001 gidNumber: 513 homeDirectory: /home/sabrina loginShell: /bin/bash gecos: sabrina FONTAINE sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 displayName: sabrina FONTAINE sambaSID: S-1-5-21-862544283-2880828001-3584954034-3002 sambaPrimaryGroupSID: S-1-5-21-862544283-2880828001-3584954034-513 sambaLogonScript: logon.bat sambaProfilePath: \debian\profiles\sabrina sambaHomePath: \debian\homes\sabrina sambaHomeDrive: U: sambaLMPassword: 5ABB8B7D728DAD9FAAD3B435B51404EE sambaAcctFlags: [U] sambaNTPassword: 30FE997E5B1952EADD217C9F8D01375F sambaPwdLastSet: 1205270017 sambaPwdMustChange: 1213046017 userPassword: {SSHA}5CAQIwSoOKfNSYhgu+TLbMA/RAtQNlhE
dn: uid=test,ou=People,dc=mondomaine,dc=net objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount objectClass: sambaSamAccount cn: test sn: test givenName: test uid: test uidNumber: 1002 gidNumber: 513 homeDirectory: /home/test loginShell: /bin/bash gecos: test sa sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 displayName: test sa sambaSID: S-1-5-21-862544283-2880828001-3584954034-3004 sambaPrimaryGroupSID: S-1-5-21-862544283-2880828001-3584954034-513 sambaLogonScript: logon.bat sambaProfilePath: \debian\profiles\test sambaHomePath: \debian\homes\test sambaHomeDrive: U: sambaLMPassword: 5ABB8B7D728DAD9FAAD3B435B51404EE sambaAcctFlags: [U] sambaNTPassword: 30FE997E5B1952EADD217C9F8D01375F sambaPwdLastSet: 1205275224 sambaPwdMustChange: 1213051224 userPassword: {SSHA}RHUCgviMgeeMWQnqzaAummLi//FSdi45
dn: ou=users,dc=mondomaine,dc=net ou: users objectClass: organizationalUnit objectClass: top
dn: uid=nobody,ou=Users,dc=mondomaine,dc=net cn: nobody sn: nobody objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: sambaSamAccount objectClass: posixAccount objectClass: shadowAccount gidNumber: 514 uid: nobody uidNumber: 999 homeDirectory: /dev/null sambaPwdLastSet: 0 sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 sambaPwdMustChange: 2147483647 sambaPrimaryGroupSID: S-1-5-21-862544283-2880828001-3584954034-514 sambaLMPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX sambaNTPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX sambaAcctFlags: [NUD ] sambaSID: S-1-5-21-862544283-2880828001-3584954034-2998 loginShell: /bin/false
dn: uid=root,ou=Users,dc=mondomaine,dc=net cn: root sn: root objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: sambaSamAccount objectClass: posixAccount objectClass: shadowAccount gidNumber: 0 uid: root uidNumber: 0 homeDirectory: /home/root sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 sambaPrimaryGroupSID: S-1-5-21-862544283-2880828001-3584954034-512 sambaSID: S-1-5-21-862544283-2880828001-3584954034-500 loginShell: /bin/false gecos: Netbios Domain Administrator sambaLMPassword: 5ABB8B7D728DAD9FAAD3B435B51404EE sambaAcctFlags: [U] sambaNTPassword: 30FE997E5B1952EADD217C9F8D01375F sambaPwdLastSet: 1205269850 sambaPwdMustChange: 1209157850 userPassword: {SSHA}ERELK5S1k93p0lJuU/SHzuoy2q10RGww
dn: sambaDomainName=DEBIAN,dc=mondomaine,dc=net sambaDomainName: DEBIAN sambaSID: S-1-5-21-862544283-2880828001-3584954034 sambaAlgorithmicRidBase: 1000 objectClass: sambaDomain sambaNextUserRid: 1000 sambaMinPwdLength: 5 sambaPwdHistoryLength: 0 sambaLogonToChgPwd: 0 sambaMaxPwdAge: -1 sambaMinPwdAge: 0 sambaLockoutDuration: 30 sambaLockoutObservationWindow: 30 sambaLockoutThreshold: 0 sambaForceLogoff: -1 sambaRefuseMachinePwdChange: 0
dn: sambaDomainName=MINOU,dc=mondomaine,dc=net sambaDomainName: MINOU sambaSID: S-1-5-21-1244034782-2093432471-748532972 sambaAlgorithmicRidBase: 1000 objectClass: sambaDomain sambaNextUserRid: 1000 sambaMinPwdLength: 5 sambaPwdHistoryLength: 0 sambaLogonToChgPwd: 0 sambaMaxPwdAge: -1 sambaMinPwdAge: 0 sambaLockoutDuration: 30 sambaLockoutObservationWindow: 30 sambaLockoutThreshold: 0 sambaForceLogoff: -1 sambaRefuseMachinePwdChange: 0