Good evening, gentlemen....
I've been racking my brain over OpenLDAP and Samba here, and right now I'm running into some problems: the domain exists, but I can't get a machine to join the domain no matter what I try. Below are my configuration files and the errors that show up here:
Errors:
/var/log/messages
Jun 12 00:31:34 server01 winbindd[4853]: [2009/06/12 00:31:34, 0] lib/smbldap.c:smb_ldap_setup_conn(636)
Jun 12 00:31:34 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine
Jun 12 00:31:34 server01 winbindd[4853]: [2009/06/12 00:31:34, 0] nsswitch/idmap.c:idmap_alloc_init(820)
Jun 12 00:31:34 server01 winbindd[4853]: ERROR: Initialization failed for alloc backend, deferred!
Jun 12 00:31:34 server01 smbd[4847]: [2009/06/12 00:31:34, 0] auth/auth_util.c:create_builtin_administrators(844)
Jun 12 00:31:34 server01 smbd[4847]: create_builtin_administrators: Failed to create Administrators
Jun 12 00:31:34 server01 winbindd[4853]: [2009/06/12 00:31:34, 0] lib/smbldap.c:smb_ldap_setup_conn(636)
Jun 12 00:31:34 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine
Jun 12 00:31:35 server01 winbindd[4853]: [2009/06/12 00:31:35, 0] lib/smbldap.c:smb_ldap_setup_conn(636)
Jun 12 00:31:35 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine
Jun 12 00:31:36 server01 winbindd[4853]: [2009/06/12 00:31:36, 0] lib/smbldap.c:smb_ldap_setup_conn(636)
Jun 12 00:31:36 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine
Jun 12 00:31:37 server01 winbindd[4853]: [2009/06/12 00:31:37, 0] lib/smbldap.c:smb_ldap_setup_conn(636)
Jun 12 00:31:37 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine
Jun 12 00:31:38 server01 winbindd[4853]: [2009/06/12 00:31:38, 0] lib/smbldap.c:smb_ldap_setup_conn(636)
Jun 12 00:31:38 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine
Jun 12 00:31:39 server01 winbindd[4853]: [2009/06/12 00:31:39, 0] lib/smbldap.c:smb_ldap_setup_conn(636)
Jun 12 00:31:39 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine
Jun 12 00:31:40 server01 winbindd[4853]: [2009/06/12 00:31:40, 0] lib/smbldap.c:smb_ldap_setup_conn(636)
Jun 12 00:31:40 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine
When starting the service:
[root@server01 log]# service smb status
smbd morto mas o arquivo pid existe
nmbd (pid 4851 4850) está rodando...
[root@server01 log]#
/var/log/samba/smbd.log
[2009/06/12 00:28:47, 0] smbd/server.c:main(944)
  smbd version 3.0.33-3.7.el5 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2008
[2009/06/12 00:28:47, 0] services/services_db.c:svcctl_init_keys(420)
  svcctl_init_keys: key lookup failed! (WERR_ACCESS_DENIED)
[2009/06/12 00:28:47, 0] smbd/server.c:main(1059)
  ERROR: failed to setup guest info.
[2009/06/12 00:29:03, 0] smbd/server.c:main(944)
  smbd version 3.0.33-3.7.el5 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2008
[2009/06/12 00:29:49, 0] auth/auth_util.c:create_builtin_administrators(844)
  create_builtin_administrators: Failed to create Administrators
[2009/06/12 00:30:04, 0] auth/auth_util.c:create_builtin_users(810)
  create_builtin_users: Failed to create Users
[root@server01 samba]#
My smb.conf:
[global]
netbios name = SERVER01
workgroup = VIEGASEALMEIDA
# Security and authentication
security = user
encrypt passwords = yes
load printers = yes

# Domain browser options
domain master = yes
local master = yes
domain logons = yes
unix charset = iso8859-1
os level = 64
preferred master = yes

# Log
log file = /var/log/samba/%m.log
max log size = 500
log level = 1

# Name resolution
name resolve order = lmhosts wins bcast
# Samba will run with WINS
wins support = yes

# Allows machines to be joined to the domain by "Domain Admins"
enable privileges = yes

# Script kept in netlogon, loaded when the user logs in
logon script = login.bat

# Network drive mapping
; logon drive = X:
# Mapping of the user's home
; logon home = \%N%U

# User profile will be kept on the user's local machine
# logon path = %windir%\inf\perfil

# Windows machines will be NTP clients of Samba
time server = yes

# LDAP AUTHENTICATION BACKEND
passdb backend = ldapsam:ldap://127.0.0.1/
ldap admin dn = "cn=admind,dc=viegasealmeida,dc=com,dc=br"
ldap ssl = off
ldap delete dn = yes
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
ldap suffix = "dc=viegasealmeida,dc=com,dc=br"
ldap idmap suffix = ou = Idmap
ldap passwd sync = Yes

# ACL control via Windows Explorer
map acl inherit = yes
inherit acls = yes
inherit permissions = yes
nt acl support = yes

# Compatibility with Office 2003
level2 oplocks = No

# Integration with SMBLDAP-TOOLS
passwd program = /usr/sbin/smbldap-passwd %u
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
# delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
idmap backend = ldap://127.0.0.1/
idmap uid = 10000-15000
idmap gid = 10000-15000

# Files banned from the server!
veto files = /*.mp3 /*.avi /*.mpeg /*.mpg /*.wma /*.wmv /*.flv
Attached is the error that appears when trying to join an XP machine to the domain.
My slapd.conf:
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema

allow bind_v2

pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args

modulepath /usr/lib64/openldap
backend bdb

schemachecking on

sizelimit unlimited

moduleload accesslog.la
moduleload auditlog.la
moduleload lastmod.la
moduleload smbk5pwd.la

database bdb
suffix "dc=viegasealmeida,dc=com,dc=br"
rootdn "cn=admind,dc=viegasealmeida,dc=com,dc=br"
rootpw "secret"

directory /var/lib/ldap

index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
index sambaSID eq
index sambaPrimaryGroupSID eq
index SambaDomainName eq

access to attrs=userPassword,sambaLMPassword,sambaNTPassword
    by anonymous auth
    by self write
    by * none

access to attrs=shadowLastChange
    by self write
    by * none

access to *
    by * read
Could anyone shed some light on this for me?
Cheers, see you later...
Sincerely,
Leomar Viegas Junior.
LPIC-1 Linux Professional Institute Certified
MCP - Managing Windows XP & 2003 Server