Hello everyone.<br><br>I am experimenting with setting up a PDC with LDAP and Samba. It appears to be installed and the corresponding daemons are running, but something is not right. <br><br>Here is what happens. This, for example, works fine:<br>
<br><span style="font-family: courier new,monospace;">smbclient -L localhost </span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">Password: </span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">Anonymous login successful</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">Domain=[CENTRO] OS=[Unix] Server=[Samba 3.0.33-3.7.el5]</span><br style="font-family: courier new,monospace;">
<br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> Sharename Type Comment</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> --------- ---- -------</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> Comun Disk Carpeta general del centro</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> Profesores Disk Carpeta general de profesores</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> Alumnos Disk Carpeta general de alumnos</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> apps Disk Aplicaciones</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> netlogon Disk Network Logon Service</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> profiles Disk Profile Share</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> profdata Disk Profile Data Share</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> print$ Disk Printer Drivers</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> IPC$ IPC IPC Service (Samba 3.0.33-3.7.el5)</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">Anonymous login successful</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">Domain=[CENTRO] OS=[Unix] Server=[Samba 3.0.33-3.7.el5]</span><br style="font-family: courier new,monospace;"><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> Server Comment</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> --------- -------</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> LINUXSRV Samba 3.0.33-3.7.el5</span><br style="font-family: courier new,monospace;">
<br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> Workgroup Master</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> --------- -------</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> CENTRO LINUXSRV</span><br style="font-family: courier new,monospace;"><br><br>But if I do the same as root:<br><br><span style="font-family: courier new,monospace;">smbclient -L localhost -U root%xxxxxxxx</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">session setup failed: NT_STATUS_LOGON_FAILURE</span><br><br>The password is correct, because it is the same one I use to log in to the system; I have set and reset it with smbpassw -w xxxxxxxx ... I no longer know what else to look at.<br>
<br>It also happens that ...<br><br><span style="font-family: courier new,monospace;">getent passwd | grep root</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">root:x:0:0:root:/root:/bin/bash</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">operator:x:11:0:operator:/root:/sbin/nologin</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">root:x:0:0:root:/root:/bin/bash</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">operator:x:11:0:operator:/root:/sbin/nologin</span><br style="font-family: courier new,monospace;"><br>As I understand it, it should appear only once; I do not understand why it appears twice.<br>
<br>To top it off, from a Windows XP machine it is impossible to join that machine to the domain; it gives me a user / password error.<br><br>I would greatly appreciate any help with this.<br><br>My configuration files are:<br>
<br><u><b>smb.conf:</b></u><br><br><span style="font-family: courier new,monospace;">[global]</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> unix charset = LOCALE</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> workgroup = CENTRO</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> netbios name = LinuxSrv</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> admin users = Administrador @"Domain Admins"</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> interfaces = eth0, lo</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> bind interfaces only = Yes</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> passdb backend = ldapsam:ldap://127.0.0.1</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> enable privileges = Yes</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> username map = /etc/samba/smbusers</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> log level = 5</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> syslog = 0</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> log file = /var/log/samba/%m</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> max log size = 50</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> smb ports = 139</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> name resolve order = wins bcast hosts</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> time server = Yes </span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> printcap name = CUPS</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> show add printer wizard = No</span><br style="font-family: courier new,monospace;"><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> logon script = scripts\logon.bat</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> logon path = \\%L\profiles\%U</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> logon drive = X: </span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> domain logons = Yes </span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> preferred master = Yes</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> wins support = Yes</span><br style="font-family: courier new,monospace;"><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> add user script = /usr/sbin/smbldap-useradd -m "%u" </span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> delete user script = /usr/sbin/smbldap-userdel "%u" </span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> add group script = /usr/sbin/smbldap-groupadd -p "%g"</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> delete group script = /usr/sbin/smbldap-groupdel "%g"</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> add machine script = /usr/sbin/smbldap-useradd -w "%u"</span><br style="font-family: courier new,monospace;"><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> ldap suffix = dc=centro,dc=lan </span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> ldap machine suffix = ou=People</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> ldap user suffix = ou=People </span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> ldap group suffix = ou=Group </span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> ldap idmap suffix = ou=Idmap</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> ldap admin dn = cn=Administrador,dc=centro,dc=lan</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> idmap backend = ldap:ldap://127.0.0.1</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> idmap uid = 10000-20000</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> idmap gid = 10000-20000</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> map acl inherit = Yes</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> printing = cups</span><br style="font-family: courier new,monospace;"><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> ldap passwd sync = yes</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> security = user</span><br style="font-family: courier new,monospace;"><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">[homes]</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> comment = Carpetas particulares de usuario</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> valid users = %S</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> read only = No </span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> browseable = No</span><br style="font-family: courier new,monospace;">
<br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">[Comun]</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> comment = Carpeta general del centro</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> path = /data/comun</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> read only = No</span><br style="font-family: courier new,monospace;">
<br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">[Profesores]</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> comment = Carpeta general de profesores</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> path = /data/profesores</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> read only = No</span><br style="font-family: courier new,monospace;">
<br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">[Alumnos]</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> comment = Carpeta general de alumnos</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> path = /data/alumnos</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> read only = No</span><br style="font-family: courier new,monospace;">
<br style="font-family: courier new,monospace;"><u><b>/etc/openldap/slapd.conf</b></u><br><br><span style="font-family: courier new,monospace;">include /etc/openldap/schema/core.schema</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">include /etc/openldap/schema/cosine.schema</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">include /etc/openldap/schema/inetorgperson.schema</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">include /etc/openldap/schema/nis.schema</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">include /etc/openldap/schema/samba.schema</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">allow bind_v2</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">pidfile /var/run/openldap/slapd.pid</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">argsfile /var/run/openldap/slapd.args</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">database bdb</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">suffix "dc=centro,dc=lan"</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">rootdn "cn=Administrador,dc=centro,dc=lan"</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">rootpw {SSHA}xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">directory /var/lib/ldap/autenticar</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">index objectClass eq</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">index cn,sn,uid,displayName pres,sub,eq</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">index uidNumber eq</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">index gidNumber eq</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">index memberUID eq</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">index sambaSID eq,sub</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">index sambaPrimaryGroupSID eq</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">index sambaDomainName eq</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">index default sub</span><br style="font-family: courier new,monospace;"><br style="font-family: courier new,monospace;"><u><b>/etc/openldap/ldap.conf</b></u><br>
<br><span style="font-family: courier new,monospace;">URI ldap://127.0.0.1/</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">host 127.0.0.1</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">BASE dc=centro,dc=lan</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">TLS_CACERTDIR /etc/openldap/cacerts</span><br>
<br><u><b>/etc/ldap.conf</b></u><br>
<br><span style="font-family: courier new,monospace;">host 127.0.0.1</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">base dc=centro,dc=lan</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">timelimit 120</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">bind_timelimit 120</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">bind_policy soft</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">idle_timelimit 3600</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">uri ldap://127.0.0.1/</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">ssl no</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">tls_cacertdir /etc/openldap/cacerts</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">pam_password md5</span><br style="font-family: courier new,monospace;"><br><u><b>/etc/nsswitch.conf</b></u><br>
<br><span style="font-family: courier new,monospace;">passwd: files ldap</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">shadow: files ldap</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">group: files ldap</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">hosts: files dns</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">bootparams: nisplus [NOTFOUND=return] files</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">ethers: files</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">netmasks: files</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">networks: files</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">protocols: files</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">rpc: files</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">services: files</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">netgroup: files ldap</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">publickey: nisplus</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">automount: files ldap</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">aliases: files nisplus</span><br><br>Thanks in advance and kind regards,<br><br>Arturo Limon<br><br style="font-family: courier new,monospace;"><br>
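An added example, not part of the original post: with `passwd: files ldap` in /etc/nsswitch.conf, `getent passwd` lists the entries of each source in turn, so an account that exists in both /etc/passwd and the LDAP directory is printed twice. The script below audits such output and separates identical duplicates from same-name entries whose uid, gid, home or shell differ; the function names and the sample lines (built from the output quoted in the post plus a constructed alumno1 pair) are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit passwd-format lines (as printed by `getent passwd`)
# for account names that the NSS sources return more than once.

# audit_passwd (hypothetical helper): reads passwd lines on stdin and prints
# one finding per duplicated account name, in order of first appearance:
#   DUP-IDENTICAL <name> <count>  same entry returned by several sources
#   DUP-CONFLICT  <name> <count>  same name, but uid/gid/home/shell differ
audit_passwd() {
    awk -F: '
        NF >= 7 {
            key = $3 ":" $4 ":" $6 ":" $7        # uid:gid:home:shell
            count[$1]++
            if (!($1 in first)) {
                first[$1] = key                  # remember the first source
                order[++n] = $1
            } else if (first[$1] != key) {
                conflict[$1] = 1                 # later source disagrees
            }
        }
        END {
            for (i = 1; i <= n; i++) {
                name = order[i]
                if (count[name] > 1) {
                    kind = (name in conflict) ? "DUP-CONFLICT" : "DUP-IDENTICAL"
                    printf "%s %s %d\n", kind, name, count[name]
                }
            }
        }'
}

# sample_getent (hypothetical helper): constructed input. The root and
# operator lines repeat the output quoted in the post; daemon and the two
# alumno1 lines are invented to show the non-duplicate and conflict cases.
sample_getent() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
alumno1:x:10001:10000:Alumno:/home/alumno1:/bin/bash
alumno1:x:10002:10000:Alumno:/home/alumno1:/bin/bash
EOF
}

# Demo on the constructed sample; on a live host: getent passwd | audit_passwd
sample_getent | audit_passwd
```

A DUP-CONFLICT line deserves attention first, because which entry wins for a lookup by name depends on the source order in nsswitch.conf.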