From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by nuthatch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-54710-garchives=archives.gentoo.org@gentoo.org>)
	id 1GjwtE-0001Ay-Vg
	for garchives@archives.gentoo.org; Tue, 14 Nov 2006 11:55:45 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.13.8/8.13.8) with SMTP id kAEBrY0Y007069;
	Tue, 14 Nov 2006 11:53:34 GMT
Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.174])
	by robin.gentoo.org (8.13.8/8.13.8) with ESMTP id kAEBpTxh005041
	for <gentoo-user@lists.gentoo.org>; Tue, 14 Nov 2006 11:51:29 GMT
Received: by ug-out-1314.google.com with SMTP id z38so1340312ugc
        for <gentoo-user@lists.gentoo.org>; Tue, 14 Nov 2006 03:51:29 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
        s=beta; d=gmail.com;
        h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
        b=FrYLCrFq2MGTKGU+9oCrj/+X3Lg7r8Ah/cPN5fl0lGGMskBkadrTHwt9F8qJXd4xulSH3PmVjFjRtzS3TYeL8siywfPIZDuE+9z1ZpY5lIhIB3oZMdQoYyVFNc7mD190sihd3XpfIJHOrowVbjAm2n4Z9lfHjPuAE5SSZSvuSrw=
Received: by 10.78.139.1 with SMTP id m1mr897414hud.1163505088981;
        Tue, 14 Nov 2006 03:51:28 -0800 (PST)
Received: by 10.78.156.8 with HTTP; Tue, 14 Nov 2006 03:51:28 -0800 (PST)
Message-ID: <8f7a9d580611140351y7d379cfs6347fee246b9ed9b@mail.gmail.com>
Date: Tue, 14 Nov 2006 09:51:28 -0200
From: "Raphael Melo de Oliveira Bastos Sales" <raphael.melo21@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] LDAP + Samba as PDC
In-Reply-To: <455898FE.1030101@cameronlowe.com>
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <8f7a9d580611121635m2bf1d0b4j37d59495c3d7f7e0@mail.gmail.com>
	 <455898FE.1030101@cameronlowe.com>
X-Archives-Salt: 3f08a57c-6daf-450b-9291-68c9d76c07c1
X-Archives-Hash: 15dfd43082d09f3add492507181f9712

On 11/13/06, Cameron Lowe <cameron@cameronlowe.com> wrote:
> Raphael Melo de Oliveira Bastos Sales wrote:
> > Hi everyone,
> >
> >   I've been trying to set up an authentication server for a mixed LAN
> > (Windows and Linux clientes ) and I'm having problems with Samba.
> >
> >   The way it is today, the Windows clients can access the Samba
> > server and each user can access it's home, by double-clicking on the
> > server icon on the screen that shows all the machines on the network.
> >
> >   But I'm unable to register the client workstations on the server.
> > It says something like "user name not found" when I try to do it. But
> > the odd thing is, when I look in the LDAP server, there is a registry
> > of the client there.
> >
> >   I'd like to know if anyone has managed to do this type of thing
> > and, if possible, could send me the Samba config file (smb.conf) so I
> > can see what I'm doing wrong.
> >
> >  Here is my smb.conf file. If anyone detects what I'm doing wrong,
> > I'd be grateful.  :)
> >
> > [global]
> > server string = %L
> > workgroup = WORKGROUP
> > announce as = NT Server
> >
> > hosts allow = 192.168.0.0/24
> > security = user
> > encrypt passwords = yes
> > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> > interfaces = lo eth1
> > bind interfaces only = yes
> >
> > local master = yes
> > os level = 100
> > domain master = yes
> > preferred master = yes
> >
> > null passwords = no
> > #hide unreadable = yes
> >
> > enable privileges = yes
> >
> > domain logons = yes
> > logon script = login.bat
> > logon path = \\%L\profiles\%U
> > logon drive = H:
> > logon home = \\%L\%U\.9xprofile
> >
> > wins support = yes
> > name resolve order = wins lmhosts host bcast
> > dns proxy = no
> >
> > time server = yes
> > log file = /var/log/samba/log.%m
> > max log size = 50
> >
> > passdb backend = ldapsam:ldaps://127.0.0.1:636/
> >
> > ldap admin dn = cn=Laboratorio,dc=lara,dc=cic,dc=unb,dc=br
> > ldap port = 636
> > ldap suffix = dc=lara,dc=cic,dc=unb,dc=br
> > ldap server = ldaps://127.0.0.1:636/
> > ldap machine suffix = ou=Computers
> > ldap user suffix = ou=Users
> > ldap group suffix = ou=Groups
> > ldap idmap suffix = ou=Idmap
> > ldap delete dn = Yes
> > ldap password sync = yes
> >
> > add group script = /usr/sbin/smbldap-groupadd -p "%g"
> > add machine script = /usr/sbin/smbldap-useradd -w "%u"
> > add user script = /usr/sbin/smbldap-useradd -m "%u"
> > add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
> > delete group script = /usr/sbin/smbldap-groupdel "%g"
> > delete user script = /usr/sbin/smbldap-userdel "%u"
> > delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
> > passwd program = /usr/sbin/smbldap-passwd
> > passwd chat = "*New password:*" %n\r "*New password (again):*" %n\r \
> > "*Password changed*"
> > set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
> >
> > idmap backend = ldap:ldaps://127.0.0.1:636/
> > idmap uid = 10000-20000
> > idmap gid = 10000-20000
> >
> > unix charset = ISO8859-1
> >
> > profile acls = yes
> >
> > [netlogon]
> > path = /var/lib/samba/netlogon
> > guest ok = no
> > read only = yes
> > browseable = no
> >
> > [profiles]
> > path = /var/lib/samba/profiles
> > browseable = no
> > writeable = yes
> > default case = lower
> > preserve case = no
> > short preserve case = no
> > case sensitive = no
> > hide files = /desktop.ini/ntuser.ini/NTUSER.*/
> > write list = @smbusers @root
> > create mask = 0600
> > directory mask = 0700
> > csc policy = disable
> >
> > [homes]
> > path = /home/%U
> > browseable = no
> > valid users = %S
> > read only = no
> > guest ok = no
> > inherit permissions = yes
> Last time I had to do something similar (no LDAP). I had to put a reg
> hack on the XP machines. A quick search in Google shoud come up with the
> reg hack.

Hi Cameron,

    thanks for the reply. Unfortunately, all the reg hacks I found
didn't work. If I find one that does, I'll post it here. :)

Regards,

Raphael

> --
> gentoo-user@gentoo.org mailing list
>
>
-- 
gentoo-user@gentoo.org mailing list