Sziasztok,
Azt szeretnem, hogy a Samba LDAP szerverbol authentikaljon, illetve
majd a nem windowsos kliensek is ldapbol authentikaljanak. Samba, ldap
egy szerveren van (debian etch Linux srv 2.6.18-5-686 #1 SMP)
Viszont mar ott elakadtam, hogy mikor kiadom a:
net groupmap add rid=513 unixgroup=ldapusers ntgroup='Domain Users'
parancsot ezt kapom: Can't lookup UNIX group ldapusers
es valoban a getent group sem adja vissza az ldapusers csoportot.
Pedig benne van az ldap adatbazisban, pam a leiras szerint van
bekonfigolva. Hol lehet a gond?
(ezt a leirast kovettem: http://www.mithrandir.hu/doc/book/node54.html)
Koszi a segitseget,
klajosh
- 1824 megtekintés
Hozzászólások
Ha a getent nem adja vissza az ldap-os informaciokat akkor valoszinuleg az nsswitch.conf -od nincs rendesen beallitva vagy nem megfeleloek a pam beallitasaid. Mellesleg a megjelolt doksi kovetkezo alfejezeteben ez is le van irva http://www.mithrandir.hu/doc/book/node55.html
-- Soha ne vitatkozz idiotakkal! Lesulyedsz az O szintjukre es legyoznek a rutinjukkal !!! --
- A hozzászóláshoz be kell jelentkezni
az a baj, hogy szo szerint az ott felsorol konfig beallitasok vannak
a fajlokban:
/etc/nsswitch.conf:
passwd: compat ldap
group: compat ldap
shadow: compat ldap
srv:/etc/pam.d# cat ./common-account
account sufficient pam_ldap.so
account required pam_unix.so try_first_pass
srv:/etc/pam.d# cat ./common-auth
auth sufficient pam_ldap.so
auth required pam_unix.so nullok_secure try_first_pass
srv:/etc/pam.d# cat ./common-password
password sufficient pam_ldap.so
password required pam_unix.so nullok obscure min=4 max=8 md5 try_first_pass
es nem megy .... otletem sincs mi lehet a baj.
- A hozzászóláshoz be kell jelentkezni
tegyéle egy loglevel=256-ot azt ldap konfigurációjába és figyeld az üzeneteket!
fogod látni, hogy
- egyáltalán kapcolódik-e a pam
- és ha igen, akkor mit csinál
- A hozzászóláshoz be kell jelentkezni
kossz kiprobalom. sajnos csak este van ra modom, hogy megnezzem.
az az erzesem, hogy meg se probal kapcsolodni...
- A hozzászóláshoz be kell jelentkezni
beallitottam a logolast... semmi se jelenik meg ha
a getent group -ot adom ki...
ellenben ha
ldapsearch -x akkor az latszik szepen a logban:
srv slapd[2419]: conn=0 fd=12 ACCEPT from IP=127.0.0.1:2340 (IP=127.0.0.1:389)
srv slapd[2419]: conn=0 op=0 BIND dn="" method=128
srv slapd[2419]: conn=0 op=0 RESULT tag=97 err=0 text=
srv slapd[2419]: conn=0 op=1 SRCH base="dc=test,dc=foo,dc=hu" scope=2 deref=0 filter="(objectClass=*)"
srv slapd[2419]: conn=0 op=1 SEARCH RESULT tag=101 err=0 nentries=11 text=
srv slapd[2419]: conn=0 op=2 UNBIND
srv slapd[2419]: conn=0 fd=12 closed
pam_ldap.conf:
host 127.0.0.1
base dc=test,dc=foo,dc=hu
ldap_version 3
rootbinddn cn=admin,dc=test,dc=foo,dc=hu
pam_password crypt
minden mas ki van kommentezve. hol lehet a gond?
- A hozzászóláshoz be kell jelentkezni
tehát nem is kapcsolódik. ha sima belogoláskor nézed, akkor sem?
libnss-ldap telepítve van?
- A hozzászóláshoz be kell jelentkezni
igy van nem kapcsolodik... de mikor belogolok akko meg igen
Jan 14 19:01:46 srv slapd[2419]: conn=1 fd=12 ACCEPT from IP=127.0.0.1:2030 (IP=127.0.0.1:389)
Jan 14 19:01:46 srv slapd[2419]: conn=1 op=0 BIND dn="cn=admin,dc=test,dc=foo,dc=hu" method=128
Jan 14 19:01:46 srv slapd[2419]: conn=1 op=0 BIND dn="cn=admin,dc=test,dc=foo,dc=hu" mech=SIMPLE ssf=0
Jan 14 19:01:46 srv slapd[2419]: conn=1 op=0 RESULT tag=97 err=0 text=
Jan 14 19:01:46 srv slapd[2419]: conn=1 op=1 SRCH base="dc=test,dc=foo,dc=hu" scope=2 deref=0 filter="(uid=ha)"
Jan 14 19:01:46 srv slapd[2419]: <= bdb_equality_candidates: (uid) index_param failed (18)
Jan 14 19:01:46 srv slapd[2419]: conn=1 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Jan 14 19:01:46 srv slapd[2419]: conn=1 op=2 BIND anonymous mech=implicit ssf=0
Jan 14 19:01:46 srv slapd[2419]: conn=1 op=2 BIND dn="cn=admin,dc=test,dc=foo,dc=hu" method=128
Jan 14 19:01:46 srv slapd[2419]: conn=1 op=2 BIND dn="cn=admin,dc=test,dc=foo,dc=hu" mech=SIMPLE ssf=0
Jan 14 19:01:46 srv slapd[2419]: conn=1 op=2 RESULT tag=97 err=0 text=
Jan 14 19:01:46 srv slapd[2419]: conn=1 op=3 SRCH base="dc=test,dc=foo,dc=hu" scope=2 deref=0 filter="(uid=ha)"
Jan 14 19:01:46 srv slapd[2419]: <= bdb_equality_candidates: (uid) index_param failed (18)
Jan 14 19:01:46 srv slapd[2419]: conn=1 op=3 SEARCH RESULT tag=101 err=0 nentries=0 text=
ezt nem ertem...
(ugye az egesz onnan indul, hogy a samba nem latja a unixos groupokat es
igy nem tud csinalni groupmap-et)
ii libnss-ldap 251-7.5etch1 NSS module for using LDAP as a naming service
telepitve van...
- A hozzászóláshoz be kell jelentkezni
tehát a libpam-ldap installálása oké, csak a libnss-ldap-pal van a baj
nálam az nsswitch.conf host 127.0.0.1 sora helyett ilyen van
uri ldaps://gepnev:636/
nyilván neked nem kell ldapS és nem 636 hanem mittomén, fe hátha így jó lesz
- A hozzászóláshoz be kell jelentkezni
nem a pam_ldap.conf -ban?
ott kicsereltem a host 127.0.0.1 -et
erre uri ldap://127.0.0.1:389/
de nincs siker... :(
nem blokkolhatja valami? (iptables nem fut...)
host fajlok?
- A hozzászóláshoz be kell jelentkezni
az /etc/ldap.secret root.root 400 jogosultságú, és plaintextben tárolja a cn=admin jelszavát? ha slapd logjában nincs csatlakozási kísérlet, az azt jelenti hogy nss_ldap oldalon van a para. esetleg próbálkozz még ldapi -val, ne tcp-n.
ldap.conf -ban ha állítasz be debugot az sem ír semmit?
illetve, nsswitch.conf: nálam "files ldap" van működő konfigban, és nem "compat ldap".
[szerk: most nézem hogy a pam_ldap.conf -ból idéztél. az /etc/ldap.conf -ban is hasonlóknak kell lenniük; a pam_ldap-nak nincs köze a getenthez.
példák itt]
- A hozzászóláshoz be kell jelentkezni
kossz az otleteket vegul is sikerult megoldani. ez hianyzott:
/etc/libnss-ldap.conf:
host 127.0.0.1
base dc=test,dc=foo,dc=hu
ldap_version 3
rootbinddn cn=admin,dc=test,dc=foo,dc=hu
ez volt benne host ldapi://127.0.0.1/ ezt csereltem ki siman host 127.0.0.1 -re...
es mar latja a getent a csoportokat -> latja a samba is... boldogsag van.
kosz megegyszer a segitseget.
- A hozzászóláshoz be kell jelentkezni
Hi
Nekem is a fentihez hasonlo problemam van, nekem getent hozza szepen az LDAP ban levo usereket es csoportokat is.
Viszont csak akkor ha az /etc/libnss-ldap.conf ban ez van :
host 127.0.0.1
ldap_version 3
rootbinddn cn=admin,dc=sask
bind_policy soft
pam_password md5
nss_base_passwd ou=people,dc=sask?one
nss_base_shadow ou=people,dc=sask?one
nss_base_group ou=group,dc=sask?one
etc/ldap/ldap.conf ben ez van :
host localhost
base dc=sask
binddn cn=admin,dc=sask
bindpw be
bind_policy soft
pam_password exop
timelimit 15
nss_base_passwd ou=people,dc=sask?sub
nss_base_shadow ou=people,dc=sask?sub
nss_base_group ou=group,dc=sask?one
Leirasban ami alapjan csinaltam : http://edin.no-ip.com/content/ldap-samba-pdc-pamnss-debian-lenny-howto ott a nss_base_passwd nal ugyirjak hogy NEM KELL ele a ou=people, de ha ugy csinaltam akkor getent nem irta LDAP ban levo bejegyzeseket, es ugy az LDAP ban levo userekkel nem is engedett belepni linuxba sem.
Viszont fenti beallitassal meg nem engedi belepni klienst samba domainbe, samba logban ez van :
_samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w notebook27$' gave 9
Mindezek mellett az LDAP ban computers alatt ottvan a notebook27 szoval felveszi, de megisem jo valami, parancssorbol futtatom ezt a parancsot akkor hiba nelkul lefut.
Kliensen root userrel siman fel tudok csatolni samba megosztast.
megneztem hogy Ldap ban a root uid je 0 :
smbldap-usershow root
dn: uid=root,ou=people,dc=sask
cn: root
sn: root
objectClass: top,person,organizationalPerson,inetOrgPerson,sambaSamAccount,posixAccount,shadowAccount
gidNumber: 0
uid: root
uidNumber: 0
homeDirectory: /home/root
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaHomeDrive: H:
sambaPrimaryGroupSID: S-1-5-21-3845877744-1762469679-394366858-512
sambaSID: S-1-5-21-3845877744-1762469679-394366858-500
loginShell: /bin/false
gecos: Netbios Domain Administrator
sambaLMPassword: E72E9B582DC4EFF3AAD3B435B51404EE
sambaAcctFlags: [U]
sambaNTPassword: 1D232BB1AF5A65D6FF47DC72BB16E654
sambaPwdLastSet: 1252917869
sambaPwdMustChange: 1284453869
userPassword: {MD5}kQlVqQfnObgeyIVXYxCKKQ==
shadowLastChange: 14501
shadowMax: 365
Mit kene allitanom ? es hol ? :(
slapd log gep felvitelekor :
ep 16 10:42:57 saskpdc slapd[2238]: conn=0 op=18 UNBIND
Sep 16 10:42:57 saskpdc slapd[2238]: conn=0 fd=14 closed
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 fd=14 ACCEPT from IP=127.0.0.1:39324 (IP=0.0.0.0:389)
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=0 BIND dn="cn=admin,dc=sask" method=128
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=0 BIND dn="cn=admin,dc=sask" mech=SIMPLE ssf=0
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=0 RESULT tag=97 err=0 text=
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=1 SRCH base="" scope=0 deref=0 filter="(objectClass=*)"
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=1 SRCH attr=supportedControl
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=2 SRCH base="sambaDomainName=sask,sambaDomainName=SASK,dc=sask" scope=2 deref=0 filter="(&(objectClass=sambaTrustedDomainPassword)(sambaDomainName=sask))"
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=2 SEARCH RESULT tag=101 err=32 nentries=0 text=
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=3 SRCH base="dc=sask" scope=2 deref=0 filter="(&(uid=root)(objectClass=sambaSamAccount))"
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=3 SRCH attr=uid uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn sn displayName sambaHomeDrive sambaHomePath sambaLogonScript sambaProfilePath description sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime sambaPasswordHistory modifyTimestamp sambaLogonHours modifyTimestamp uidNumber
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=3 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=4 SRCH base="sambaDomainName=SASK,dc=sask" scope=0 deref=0 filter="(objectClass=*)"
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=4 SRCH attr=sambaPwdHistoryLength
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=4 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=5 SRCH base="sambaDomainName=SASK,dc=sask" scope=0 deref=0 filter="(objectClass=*)"
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=5 SRCH attr=sambaMaxPwdAge
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=5 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=6 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(gidNumber=0))"
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=6 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=6 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=7 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(gidNumber=512))"
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=7 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=7 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=8 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-5-32-544))"
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=8 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=8 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=9 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-5-32-545))"
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=9 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=9 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=10 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(|(objectClass=sambaGroupMapping)(sambaGroupType=4))(|(sambaSIDList=s-1-5-21-3845877744-1762469679-394366858-500)(sambaSIDList=s-1-22-2-0)(sambaSIDList=s-1-1-0)(sambaSIDList=s-1-5-2)(sambaSIDList=s-1-5-11)(sambaSIDList=s-1-5-21-3845877744-1762469679-394366858-512)(sambaSIDList=s-1-22-2-512)))"
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=10 SRCH attr=sambaSID
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=10 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=11 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(|(objectClass=sambaGroupMapping)(sambaGroupType=4))(|(sambaSIDList=s-1-5-21-3845877744-1762469679-394366858-500)(sambaSIDList=s-1-22-2-0)(sambaSIDList=s-1-1-0)(sambaSIDList=s-1-5-2)(sambaSIDList=s-1-5-11)(sambaSIDList=s-1-5-21-3845877744-1762469679-394366858-512)(sambaSIDList=s-1-22-2-512)))"
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=11 SRCH attr=sambaSID
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=11 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=12 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-1-0))"
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=12 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=12 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=13 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-5-2))"
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=13 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=13 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=14 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-5-11))"
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=14 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=14 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=15 SRCH base="dc=sask" scope=2 deref=0 filter="(&(sambaSID=s-1-5-21-3845877744-1762469679-394366858-512)(objectClass=sambaSamAccount))"
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=15 SRCH attr=uid uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn sn displayName sambaHomeDrive sambaHomePath sambaLogonScript sambaProfilePath description sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime sambaPasswordHistory modifyTimestamp sambaLogonHours modifyTimestamp uidNumber
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=15 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=16 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-5-21-3845877744-1762469679-394366858-512))"
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=16 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=16 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=17 SRCH base="sambaDomainName=SASK,dc=sask" scope=0 deref=0 filter="(objectClass=*)"
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=17 SRCH attr=sambaRefuseMachinePwdChange
Sep 16 10:42:57 saskpdc slapd[2238]: conn=15 op=17 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=15 fd=14 closed (connection lost)
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 fd=14 ACCEPT from IP=127.0.0.1:39325 (IP=0.0.0.0:389)
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=0 BIND dn="cn=admin,dc=sask" method=128
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=0 BIND dn="cn=admin,dc=sask" mech=SIMPLE ssf=0
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=0 RESULT tag=97 err=0 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=1 SRCH base="" scope=0 deref=0 filter="(objectClass=*)"
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=1 SRCH attr=supportedControl
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=2 SRCH base="sambaDomainName=sask,sambaDomainName=SASK,dc=sask" scope=2 deref=0 filter="(&(objectClass=sambaTrustedDomainPassword)(sambaDomainName=sask))"
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=2 SEARCH RESULT tag=101 err=32 nentries=0 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=3 SRCH base="dc=sask" scope=2 deref=0 filter="(&(uid=root)(objectClass=sambaSamAccount))"
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=3 SRCH attr=uid uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn sn displayName sambaHomeDrive sambaHomePath sambaLogonScript sambaProfilePath description sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime sambaPasswordHistory modifyTimestamp sambaLogonHours modifyTimestamp uidNumber
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=3 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=4 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(gidNumber=0))"
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=4 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=4 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=5 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(gidNumber=512))"
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=5 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=5 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=6 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-5-32-544))"
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=6 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=6 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=7 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-5-32-545))"
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=7 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=7 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=8 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(|(objectClass=sambaGroupMapping)(sambaGroupType=4))(|(sambaSIDList=s-1-5-21-3845877744-1762469679-394366858-500)(sambaSIDList=s-1-22-2-0)(sambaSIDList=s-1-1-0)(sambaSIDList=s-1-5-2)(sambaSIDList=s-1-5-11)(sambaSIDList=s-1-5-21-3845877744-1762469679-394366858-512)(sambaSIDList=s-1-22-2-512)))"
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=8 SRCH attr=sambaSID
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=8 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=9 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(|(objectClass=sambaGroupMapping)(sambaGroupType=4))(|(sambaSIDList=s-1-5-21-3845877744-1762469679-394366858-500)(sambaSIDList=s-1-22-2-0)(sambaSIDList=s-1-1-0)(sambaSIDList=s-1-5-2)(sambaSIDList=s-1-5-11)(sambaSIDList=s-1-5-21-3845877744-1762469679-394366858-512)(sambaSIDList=s-1-22-2-512)))"
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=9 SRCH attr=sambaSID
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=9 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=10 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-1-0))"
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=10 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=10 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=11 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-5-2))"
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=11 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=11 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=12 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-5-11))"
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=12 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=12 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=13 SRCH base="dc=sask" scope=2 deref=0 filter="(&(sambaSID=s-1-5-21-3845877744-1762469679-394366858-512)(objectClass=sambaSamAccount))"
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=13 SRCH attr=uid uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn sn displayName sambaHomeDrive sambaHomePath sambaLogonScript sambaProfilePath description sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime sambaPasswordHistory modifyTimestamp sambaLogonHours modifyTimestamp uidNumber
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=13 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=14 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-5-21-3845877744-1762469679-394366858-512))"
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=14 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=14 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=15 SRCH base="dc=sask" scope=2 deref=0 filter="(&(uid=notebook27$)(objectClass=sambaSamAccount))"
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=15 SRCH attr=uid uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn sn displayName sambaHomeDrive sambaHomePath sambaLogonScript sambaProfilePath description sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime sambaPasswordHistory modifyTimestamp sambaLogonHours modifyTimestamp uidNumber
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=15 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=16 SRCH base="ou=group,dc=sask" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(|(displayName=notebook27$)(cn=notebook27$)))"
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=16 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Sep 16 10:42:58 saskpdc slapd[2238]: conn=16 op=16 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=17 fd=29 ACCEPT from IP=127.0.0.1:39326 (IP=0.0.0.0:389)
Sep 16 10:42:58 saskpdc slapd[2238]: conn=17 op=0 BIND dn="cn=admin,dc=sask" method=128
Sep 16 10:42:58 saskpdc slapd[2238]: conn=17 op=0 BIND dn="cn=admin,dc=sask" mech=SIMPLE ssf=0
Sep 16 10:42:58 saskpdc slapd[2238]: conn=17 op=0 RESULT tag=97 err=0 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=17 op=1 SRCH base="ou=people,dc=sask" scope=1 deref=0 filter="(&(objectClass=posixAccount)(uid=notebook27$))"
Sep 16 10:42:58 saskpdc slapd[2238]: conn=17 op=1 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass
Sep 16 10:42:58 saskpdc slapd[2238]: conn=17 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:42:58 saskpdc slapd[2238]: conn=17 op=2 SRCH base="ou=people,dc=sask" scope=1 deref=0 filter="(&(objectClass=posixAccount)(uid=notebook27$))"
Sep 16 10:42:58 saskpdc slapd[2238]: conn=17 op=2 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass
Sep 16 10:42:58 saskpdc slapd[2238]: conn=17 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:43:00 saskpdc slapd[2238]: conn=18 fd=30 ACCEPT from IP=127.0.0.1:39327 (IP=0.0.0.0:389)
Sep 16 10:43:00 saskpdc slapd[2238]: conn=18 op=0 BIND dn="cn=admin,dc=sask" method=128
Sep 16 10:43:00 saskpdc slapd[2238]: conn=18 op=0 BIND dn="cn=admin,dc=sask" mech=SIMPLE ssf=0
Sep 16 10:43:00 saskpdc slapd[2238]: conn=18 op=0 RESULT tag=97 err=0 text=
Sep 16 10:43:00 saskpdc slapd[2238]: conn=17 fd=29 closed (connection lost)
Sep 16 10:43:00 saskpdc slapd[2238]: conn=18 op=1 SRCH base="dc=sask" scope=2 deref=2 filter="(&(objectClass=posixAccount)(uid=notebook27$))"
Sep 16 10:43:00 saskpdc slapd[2238]: conn=18 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:43:00 saskpdc slapd[2238]: conn=18 op=2 SRCH base="sambaDomainName=SASK,dc=sask" scope=0 deref=2 filter="(objectClass=sambaUnixIdPool)"
Sep 16 10:43:00 saskpdc slapd[2238]: conn=18 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep 16 10:43:00 saskpdc slapd[2238]: conn=18 op=3 MOD dn="sambaDomainName=SASK,dc=sask"
Sep 16 10:43:00 saskpdc slapd[2238]: conn=18 op=3 MOD attr=uidNumber
Sep 16 10:43:00 saskpdc slapd[2238]: conn=18 op=3 RESULT tag=103 err=0 text=
Sep 16 10:43:00 saskpdc slapd[2238]: conn=18 op=4 SRCH base="dc=sask" scope=2 deref=2 filter="(uidNumber=1008)"
Sep 16 10:43:00 saskpdc slapd[2238]: conn=18 op=4 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:43:00 saskpdc slapd[2238]: conn=19 fd=29 ACCEPT from IP=127.0.0.1:39328 (IP=0.0.0.0:389)
Sep 16 10:43:00 saskpdc slapd[2238]: conn=19 op=0 BIND dn="cn=admin,dc=sask" method=128
Sep 16 10:43:00 saskpdc slapd[2238]: conn=19 op=0 BIND dn="cn=admin,dc=sask" mech=SIMPLE ssf=0
Sep 16 10:43:00 saskpdc slapd[2238]: conn=19 op=0 RESULT tag=97 err=0 text=
Sep 16 10:43:00 saskpdc slapd[2238]: conn=19 op=1 SRCH base="ou=people,dc=sask" scope=1 deref=0 filter="(&(objectClass=posixAccount)(uidNumber=1008))"
Sep 16 10:43:00 saskpdc slapd[2238]: conn=19 op=1 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass
Sep 16 10:43:00 saskpdc slapd[2238]: conn=19 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Sep 16 10:43:00 saskpdc slapd[2238]: conn=18 op=5 ADD dn="uid=notebook27$,ou=computer,dc=sask"
Sep 16 10:43:00 saskpdc slapd[2238]: conn=18 op=5 RESULT tag=105 err=0 text=
Sep 16 10:43:00 saskpdc slapd[2238]: conn=18 op=6 UNBIND
Sep 16 10:43:00 saskpdc slapd[2238]: conn=18 fd=30 closed
Sep 16 10:43:00 saskpdc slapd[2238]: connection_read(30): no connection!
Sep 16 10:43:00 saskpdc slapd[2238]: conn=19 fd=29 closed (connection lost)
Sep 16 10:43:00 saskpdc slapd[2238]: conn=16 fd=14 closed (connection lost)
Sep 16 10:45:37 saskpdc slapd[2238]: conn=20 fd=14 ACCEPT from IP=127.0.0.1:44156 (IP=0.0.0.0:389)
Sep 16 10:45:37 saskpdc slapd[2238]: conn=20 op=0 BIND dn="cn=admin,dc=sask" method=128
Sep 16 10:45:37 saskpdc slapd[2238]: conn=20 op=0 BIND dn="cn=admin,dc=sask" mech=SIMPLE ssf=0
Sep 16 10:45:37 saskpdc slapd[2238]: conn=20 op=0 RESULT tag=97 err=0 text=
Sep 16 10:45:37 saskpdc slapd[2238]: conn=20 op=1 SRCH base="dc=sask" scope=2 deref=2 filter="(&(objectClass=posixAccount)(uid=root))"
Sep 16 10:45:37 saskpdc slapd[2238]: conn=20 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep 16 10:45:37 saskpdc slapd[2238]: conn=20 op=2 UNBIND
Sep 16 10:45:37 saskpdc slapd[2238]: conn=20 fd=14 closed
- A hozzászóláshoz be kell jelentkezni
megoldottam :
http://edin.no-ip.com/content/ldap-samba-pdc-pamnss-debian-lenny-howto
Ez a leiras ROSSZ !
az ldap.conf ba nemkellenek azok az nss bejegyzesek amiket irt, nevezetesen :
nss_base_passwd ou=people,dc=sask?one
nss_base_shadow ou=people,dc=sask?one
nss_base_group ou=group,dc=sask?one
valamint libnss.conf ba sem kellenek :
nss_base_passwd ou=people,dc=sask?sub
nss_base_shadow ou=people,dc=sask?sub
nss_base_group ou=group,dc=sask?one
Ezekutan megy samba domainbe leptetes
linux auth megsem megy :(
- A hozzászóláshoz be kell jelentkezni