Hello forum,
I have a small problem on the BDC that I don't quite understand.
pdb_get_group_sid: Failed to find Unix account for test
pdbedit -Lv test
smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=server))]
smbldap_open_connection: connection opened
ldap_connect_system: succesful connection to the LDAP server
smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=server))]
smbldap_open_connection: connection opened
ldap_connect_system: succesful connection to the LDAP server
init_sam_from_ldap: Entry found for user: test
Unix username: test
NT username: test
Account Flags: [U ]
User SID: S-1-5-21-3991578539-3149662252-1894531253-21424
pdb_get_group_sid: Failed to find Unix account for test
Primary Group SID: (NULL SID)
Full Name: test
Home Directory:
HomeDir Drive: H:
Logon Script: logon.bat
Profile Path: \\ldapslave\profiles\.msprofile
Domain: server
Account desc: test
Workstations:
Munged dial:
Logon time: 0
Logoff time: Di, 19 Jan 2038 04:14:07 CET
Kickoff time: Di, 19 Jan 2038 04:14:07 CET
Password last set: Mi, 03 Okt 2007 13:08:35 CEST
Password can change: 0
Password must change: Di, 19 Jan 2038 04:14:07 CET
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
On the PDC it works; no error appears there.
On the BDC I can find the user with ldapsearch -x -h localhost uid=test
ldapsearch -x -h localhost uid=test
# extended LDIF
#
# LDAPv3
# base <> with scope subtree
# filter: uid=test
# requesting: ALL
#
# test, users, server.intern
dn: uid=test,ou=users,dc=server,dc=intern
objectClass: sambaSamAccount
objectClass: shadowAccount
objectClass: posixAccount
objectClass: inetOrgPerson
sambaDomainName: server
sambaHomeDrive: H:
sambaPrimaryGroupSID: S-1-5-21-3991578539-3149662252-1894531253-513
sambaAcctFlags: [U ]
displayName: test
sambaLMPassword: 624AAC413795CDC1AAD3B435B51404EE
sambaNTPassword: C5A237B7E9D8E708D8436B6148A25FA1
sambaSID: S-1-5-21-3991578539-3149662252-1894531253-21424
shadowWarning: 10
shadowInactive: 10
shadowMin: 1
shadowMax: 365
shadowExpire: 14609
shadowLastChange: 13787
homeDirectory: /home/test
loginShell: /bin/false
gidNumber: 10000
uid: test
cn: test tester
uidNumber: 10212
title:
employeeType:
description: test
sn: tester
givenName: test
sambaPwdLastSet: 1191409715
sambaBadPasswordCount: 0
sambaBadPasswordTime: 0
I made the BDC known to the LDAP server with smbpasswd -w, and the Samba SID is also the same as on the PDC.
BDC smb.conf
testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[profiles]"
Processing section "[users]"
Processing section "[groups]"
Processing section "[printers]"
Processing section "[print$]"
Processing section "[netlogon]"
Processing section "[startpage]"
Loaded services file OK.
Server role: ROLE_DOMAIN_BDC
Press enter to see a dump of your service definitions
[global]
workgroup = server
server string = Samba
map to guest = Bad User
passdb backend = ldapsam:ldap://ldapslave.server.intern
log level = 3
log file = /var/log/samba/%U.log
debug uid = Yes
smb ports = 139
deadtime = 120
printcap name = /etc/printcap
logon script = logon.bat
logon path = \\%L\profiles\.msprofile
logon drive = H:
logon home =
domain logons = Yes
os level = 65
domain master = No
ldap admin dn = cn=manager,dc=server,dc=intern
ldap group suffix = ou=groups
ldap machine suffix = ou=hosts
ldap passwd sync = Yes
ldap suffix = dc=server,dc=intern
ldap ssl = no
ldap user suffix = ou=users
usershare allow guests = Yes
cups options = raw
[homes]
comment = Home Directories
path = /mnt
valid users = %S, %D%w%S
read only = No
inherit acls = Yes
browseable = No
[profiles]
comment = Network Profiles Service
path = %H
read only = No
acl check permissions = No
create mask = 0600
directory mask = 0700
profile acls = Yes
store dos attributes = Yes
oplocks = No
level2 oplocks = No
[users]
comment = All users
path = /mnt
read only = No
inherit acls = Yes
oplocks = No
level2 oplocks = No
[groups]
comment = All groups
path = /home/groups
read only = No
inherit acls = Yes
Thanks for your support
Best regards, flippa