<div class="gmail_quote">Boa noite Senhores....<br><br>Ando quebrando a cabeça com openLDAP e Samba aqui, só que neste momento estou enfrentando alguns problemas, pois o domínio existe, mas não consigo colocar uma máquina do domínio nem a pau, seguem meus arquivos de configuração e os erros que aparecem aqui:<br>
<br>Erros:<br><br>/var/log/messages<br><br>Jun 12 00:31:34 server01 winbindd[4853]: [2009/06/12 00:31:34, 0] lib/smbldap.c:smb_ldap_setup_conn(636)<br>Jun 12 00:31:34 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine<br>
Jun 12 00:31:34 server01 winbindd[4853]: [2009/06/12 00:31:34, 0] nsswitch/idmap.c:idmap_alloc_init(820)<br>Jun 12 00:31:34 server01 winbindd[4853]: ERROR: Initialization failed for alloc backend, deferred!<br>Jun 12 00:31:34 server01 smbd[4847]: [2009/06/12 00:31:34, 0] auth/auth_util.c:create_builtin_administrators(844)<br>
Jun 12 00:31:34 server01 smbd[4847]: create_builtin_administrators: Failed to create Administrators<br>Jun 12 00:31:34 server01 winbindd[4853]: [2009/06/12 00:31:34, 0] lib/smbldap.c:smb_ldap_setup_conn(636)<br>Jun 12 00:31:34 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine<br>
Jun 12 00:31:35 server01 winbindd[4853]: [2009/06/12 00:31:35, 0] lib/smbldap.c:smb_ldap_setup_conn(636)<br>Jun 12 00:31:35 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine<br>Jun 12 00:31:36 server01 winbindd[4853]: [2009/06/12 00:31:36, 0] lib/smbldap.c:smb_ldap_setup_conn(636)<br>
Jun 12 00:31:36 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine<br>Jun 12 00:31:37 server01 winbindd[4853]: [2009/06/12 00:31:37, 0] lib/smbldap.c:smb_ldap_setup_conn(636)<br>Jun 12 00:31:37 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine<br>
Jun 12 00:31:38 server01 winbindd[4853]: [2009/06/12 00:31:38, 0] lib/smbldap.c:smb_ldap_setup_conn(636)<br>Jun 12 00:31:38 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine<br>Jun 12 00:31:39 server01 winbindd[4853]: [2009/06/12 00:31:39, 0] lib/smbldap.c:smb_ldap_setup_conn(636)<br>
Jun 12 00:31:39 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine<br>Jun 12 00:31:40 server01 winbindd[4853]: [2009/06/12 00:31:40, 0] lib/smbldap.c:smb_ldap_setup_conn(636)<br>Jun 12 00:31:40 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine<br>
<br>Ao iniciar o serviço:<br><br>[root@server01 log]# service smb status<br>smbd morto mas o arquivo pid existe<br>nmbd (pid 4851 4850) está rodando...<br>[root@server01 log]#<br><br><br>/var/log/samba/smbd.log<br><br>[2009/06/12 00:28:47, 0] smbd/server.c:main(944)<br>
smbd version 3.0.33-3.7.el5 started.<br> Copyright Andrew Tridgell and the Samba Team 1992-2008<br>[2009/06/12 00:28:47, 0] services/services_db.c:svcctl_init_keys(420)<br> svcctl_init_keys: key lookup failed! (WERR_ACCESS_DENIED)<br>
[2009/06/12 00:28:47, 0] smbd/server.c:main(1059)<br> ERROR: failed to setup guest info.<br>[2009/06/12 00:29:03, 0] smbd/server.c:main(944)<br> smbd version 3.0.33-3.7.el5 started.<br> Copyright Andrew Tridgell and the Samba Team 1992-2008<br>
[2009/06/12 00:29:49, 0] auth/auth_util.c:create_builtin_administrators(844)<br> create_builtin_administrators: Failed to create Administrators<br>[2009/06/12 00:30:04, 0] auth/auth_util.c:create_builtin_users(810)<br> create_builtin_users: Failed to create Users<br>
[root@server01 samba]#<br><br>Meu smb.conf :<br><br><br>[global] <br><br> netbios name = SERVER01<br> workgroup = VIEGASEALMEIDA<br> # Seguranca e autenticacao<br>
security = user <br> encrypt passwords = yes <br> load printers = yes <br><br> # Opcoes de browser de dominio<br> domain master = yes <br> local master = yes <br>
domain logons = yes <br> unix charset = iso8859-1 <br> os level = 64 <br> preferred master = yes <br><br> # Log<br> log file = /var/log/samba/%m.log<br>
max log size = 500 <br> log level = 1 <br><br> # Resolucao de nomes<br> name resolve order = lmhosts wins bcast<br> # Samba rodara com wins <br>
wins support = yes <br><br> # Permite insercao de maquinas no dominio por meio de "Domain Admins"<br> enable privileges = yes <br>
<br> # Script que ficara no netlogon para carregamento na hora do login do usuario<br> logon script = login.bat <br><br> # Mapeamento de unidade de rede<br>
; logon drive = X: <br> # Mapeamento do home do usuario<br> ; logon home = \\%N\%U <br><br> # Perfil do usuario ficara na maquina local do usuario<br> # logon path = %windir%\inf\perfil <br>
<br> # Maquinas windows serao clients ntp do samba<br> time server = yes <br><br> # BASE DE AUTENTICACAO LDAP<br> passdb backend = ldapsam:ldap://<a href="http://127.0.0.1/" target="_blank">127.0.0.1/</a><br>
ldap admin dn = "cn=admind,dc=viegasealmeida,dc=com,dc=br"<br> ldap ssl = off <br> ldap delete dn = yes <br>
ldap user suffix = ou=Users <br>
ldap group suffix = ou=Groups <br> ldap machine suffix = ou=Computers <br> ldap suffix = "dc=viegasealmeida,dc=com,dc=br" <br>
ldap idmap suffix = ou = Idmap <br>
ldap passwd sync = Yes <br><br> # Controle de ACLs via Windows Explorer<br> map acl inherit = yes<br> inherit acls = yes<br> inherit permissions = yes<br>
nt acl support = yes<br><br> # Compatibilidade com o Office 2003<br> level2 oplocks = No<br><br> # Integracao com SMBLDAP-TOOLS<br> passwd program = /usr/sbin/smbldap-passwd %u<br> add user script = /usr/sbin/smbldap-useradd -m "%u"<br>
delete user script = /usr/sbin/smbldap-userdel "%u"<br> add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u"<br> add group script = /usr/sbin/smbldap-groupadd -p "%g"<br>
# delete group script = /usr/sbin/smbldap-groupdel "%g"<br> add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"<br> delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"<br>
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"<br> idmap backend = ldap://<a href="http://127.0.0.1/" target="_blank">127.0.0.1/</a><br> idmap uid = 10000-15000<br>
idmap gid = 10000-15000<br>
<br> # Arquivos banidos do servidor!<br> veto files = /*.mp3 /*.avi /*.mpeg /*.mpg /*.wma /*.wmv /*.flv<br><br><br>Segue anexo erro que aparece ao tentar ingressar uma máquina XP no domínio.<br><br>Meu slapd.conf: <br>
<br>include /etc/openldap/schema/core.schema <br>include /etc/openldap/schema/cosine.schema <br>include /etc/openldap/schema/inetorgperson.schema <br>include /etc/openldap/schema/nis.schema <br>
include /etc/openldap/schema/samba.schema <br><br>allow bind_v2<br><br><br>pidfile /var/run/openldap/slapd.pid<br>argsfile /var/run/openldap/slapd.args<br><br>modulepath /usr/lib64/openldap<br>
backend bdb <br><br>schemachecking on<br><br>sizelimit unlimited<br><br>moduleload <a href="http://accesslog.la" target="_blank">accesslog.la</a><br>moduleload <a href="http://auditlog.la" target="_blank">auditlog.la</a> <br>
moduleload <a href="http://lastmod.la" target="_blank">lastmod.la</a> <br>
moduleload <a href="http://smbk5pwd.la" target="_blank">smbk5pwd.la</a> <br><br>database bdb<br>suffix "dc=viegasealmeida,dc=com,dc=br"<br>rootdn "cn=admind,dc=viegasealmeida,dc=com,dc=br"<br>
rootpw "secret"<br><br>directory /var/lib/ldap<br><br>index objectClass eq,pres<br>index ou,cn,mail,surname,givenname eq,pres,sub<br>index uidNumber,gidNumber,loginShell eq,pres<br>
index uid,memberUid eq,pres,sub<br>index nisMapName,nisMapEntry eq,pres,sub<br>index sambaSID eq<br>index sambaPrimaryGroupSID eq<br>index SambaDomainName eq<br>
<br><br><br>access to attrs=userPassword,sambaLMPassword,sambaNTPassword<br> by anonymous auth<br> by self write<br> by * none<br><br>access to attrs=shadowLastChange<br> by self write<br> by * none<br><br>
access to *<br> by * read<br><br><br><br>Alguem teria uma luz pra mim aí?<br><br>[]'s<br>T+...<br><br>Atenciosamente.<br><br>Leomar Viegas Junior.<br>LPIC-1 Linux Professional Institute Certified<br>MCP - Managing Windows XP & 2003 Server<br>
<br><br> .ýlý..ýlý.<br>Loading.... CISCO<br><br>**********************************************************************<br>Informação transmitida destina-se apenas à pessoa a quem foi endereçada e pode conter informação confidencial, legalmente protegida e para conhecimento exclusivo do destinatário. Se o leitor desta advertência não for o seu destinatário, fica ciente de que sua leitura, divulgação ou cópia é estritamente proibida. Caso a mensagem tenha sido recebida por engano, favor comunicar ao remetente e apagar o texto de qualquer computador.<br>
<br><br><br>**********************************************************************</div>