Boa noite Senhores....
Ando quebrando a cabeça com openLDAP e Samba aqui, só que neste momento estou enfrentando alguns problemas, pois o domínio existe, mas não consigo colocar uma máquina do domínio nem a pau, seguem meus arquivos de configuração e os erros que aparecem aqui:
Erros:
/var/log/messages
Jun 12 00:31:34 server01 winbindd[4853]: [2009/06/12 00:31:34, 0] lib/smbldap.c:smb_ldap_setup_conn(636)
Jun 12 00:31:34 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine
Jun 12 00:31:34 server01 winbindd[4853]: [2009/06/12 00:31:34, 0] nsswitch/idmap.c:idmap_alloc_init(820)
Jun 12 00:31:34 server01 winbindd[4853]: ERROR: Initialization failed for alloc backend, deferred!
Jun 12 00:31:34 server01 smbd[4847]: [2009/06/12 00:31:34, 0] auth/auth_util.c:create_builtin_administrators(844)
Jun 12 00:31:34 server01 smbd[4847]: create_builtin_administrators: Failed to create Administrators
Jun 12 00:31:34 server01 winbindd[4853]: [2009/06/12 00:31:34, 0] lib/smbldap.c:smb_ldap_setup_conn(636)
Jun 12 00:31:34 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine
Jun 12 00:31:35 server01 winbindd[4853]: [2009/06/12 00:31:35, 0] lib/smbldap.c:smb_ldap_setup_conn(636)
Jun 12 00:31:35 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine
Jun 12 00:31:36 server01 winbindd[4853]: [2009/06/12 00:31:36, 0] lib/smbldap.c:smb_ldap_setup_conn(636)
Jun 12 00:31:36 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine
Jun 12 00:31:37 server01 winbindd[4853]: [2009/06/12 00:31:37, 0] lib/smbldap.c:smb_ldap_setup_conn(636)
Jun 12 00:31:37 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine
Jun 12 00:31:38 server01 winbindd[4853]: [2009/06/12 00:31:38, 0] lib/smbldap.c:smb_ldap_setup_conn(636)
Jun 12 00:31:38 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine
Jun 12 00:31:39 server01 winbindd[4853]: [2009/06/12 00:31:39, 0] lib/smbldap.c:smb_ldap_setup_conn(636)
Jun 12 00:31:39 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine
Jun 12 00:31:40 server01 winbindd[4853]: [2009/06/12 00:31:40, 0] lib/smbldap.c:smb_ldap_setup_conn(636)
Jun 12 00:31:40 server01 winbindd[4853]: ldap_initialize: Bad parameter to an ldap routine
Ao iniciar o serviço:
[root@server01 log]# service smb status
smbd morto mas o arquivo pid existe
nmbd (pid 4851 4850) está rodando...
[root@server01 log]#
/var/log/samba/smbd.log
[2009/06/12 00:28:47, 0] smbd/server.c:main(944)
smbd version 3.0.33-3.7.el5 started.
Copyright Andrew Tridgell and the Samba Team 1992-2008
[2009/06/12 00:28:47, 0] services/services_db.c:svcctl_init_keys(420)
svcctl_init_keys: key lookup failed! (WERR_ACCESS_DENIED)
[2009/06/12 00:28:47, 0] smbd/server.c:main(1059)
ERROR: failed to setup guest info.
[2009/06/12 00:29:03, 0] smbd/server.c:main(944)
smbd version 3.0.33-3.7.el5 started.
Copyright Andrew Tridgell and the Samba Team 1992-2008
[2009/06/12 00:29:49, 0] auth/auth_util.c:create_builtin_administrators(844)
create_builtin_administrators: Failed to create Administrators
[2009/06/12 00:30:04, 0] auth/auth_util.c:create_builtin_users(810)
create_builtin_users: Failed to create Users
[root@server01 samba]#
Meu smb.conf :
[global]
netbios name = SERVER01
workgroup = VIEGASEALMEIDA
# Seguranca e autenticacao
security = user
encrypt passwords = yes
load printers = yes
# Opcoes de browser de dominio
domain master = yes
local master = yes
domain logons = yes
unix charset = iso8859-1
os level = 64
preferred master = yes
# Log
log file = /var/log/samba/%m.log
max log size = 500
log level = 1
# Resolucao de nomes
name resolve order = lmhosts wins bcast
# Samba rodara com wins
wins support = yes
# Permite insercao de maquinas no dominio por meio de "Domain Admins"
enable privileges = yes
# Script que ficara no netlogon para carregamento na hora do login do usuario
logon script = login.bat
# Mapeamento de unidade de rede
; logon drive = X:
# Mapeamento do home do usuario
; logon home = \\%N\%U
# Perfil do usuario ficara na maquina local do usuario
# logon path = %windir%\inf\perfil
# Maquinas windows serao clients ntp do samba
time server = yes
# BASE DE AUTENTICACAO LDAP
passdb backend = ldapsam:ldap://127.0.0.1/
ldap admin dn = "cn=admind,dc=viegasealmeida,dc=com,dc=br"
ldap ssl = off
ldap delete dn = yes
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
ldap suffix = "dc=viegasealmeida,dc=com,dc=br"
ldap idmap suffix = ou = Idmap
ldap passwd sync = Yes
# Controle de ACLs via Windows Explorer
map acl inherit = yes
inherit acls = yes
inherit permissions = yes
nt acl support = yes
# Compatibilidade com o Office 2003
level2 oplocks = No
# Integracao com SMBLDAP-TOOLS
passwd program = /usr/sbin/smbldap-passwd %u
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
# delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
idmap backend = ldap://127.0.0.1/
idmap uid = 10000-15000
idmap gid = 10000-15000
# Arquivos banidos do servidor!
veto files = /*.mp3 /*.avi /*.mpeg /*.mpg /*.wma /*.wmv /*.flv
Segue anexo erro que aparece ao tentar ingressar uma máquina XP no domínio.
Meu slapd.conf:
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
allow bind_v2
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
modulepath /usr/lib64/openldap
backend bdb
schemachecking on
sizelimit unlimited
moduleload accesslog.la
moduleload auditlog.la
moduleload lastmod.la
moduleload smbk5pwd.la
database bdb
suffix "dc=viegasealmeida,dc=com,dc=br"
rootdn "cn=admind,dc=viegasealmeida,dc=com,dc=br"
rootpw "secret"
directory /var/lib/ldap
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
index sambaSID eq
index sambaPrimaryGroupSID eq
index SambaDomainName eq
access to attrs=userPassword,sambaLMPassword,sambaNTPassword
by anonymous auth
by self write
by * none
access to attrs=shadowLastChange
by self write
by * none
access to *
by * read
Alguem teria uma luz pra mim aí?
[]'s
T+...
Atenciosamente.
Leomar Viegas Junior.
LPIC-1 Linux Professional Institute Certified
MCP - Managing Windows XP & 2003 Server
.ýlý..ýlý.
Loading.... CISCO
**********************************************************************
Informação transmitida destina-se apenas à pessoa a quem foi endereçada e pode conter informação confidencial, legalmente protegida e para conhecimento exclusivo do destinatário. Se o leitor desta advertência não for o seu destinatário, fica ciente de que sua leitura, divulgação ou cópia é estritamente proibida. Caso a mensagem tenha sido recebida por engano, favor comunicar ao remetente e apagar o texto de qualquer computador.
**********************************************************************