• Willkommen im Linux Club - dem deutschsprachigen Supportforum für GNU/Linux. Registriere dich kostenlos, um alle Inhalte zu sehen und Fragen zu stellen.

samba dead wenn ldap Eintrag vorhanden ist

R

rprengel

Hallo,

ich habe heute einen 10.0 Printserver mit Cups und Samba von 10.0 auf 10.2 ubgedatet. Neben diverssen anderen Nickeligkeiten ahbe ich im Moment folgendes Problem:

Samba startet nicht mehr wenn die Zeile
ldap admin dn = cn=system,dc=firma,dc=com
eingetragen ist.
Die Konfiguration hat unter 10.0 gestern noch einwandfrei funktioniert.
Hat jemand dazu einen Tip?
Durch systematische Tests habe ich genau diese Zeile als Ursache ausfindig machen können.

Danke für Tips

[global]
unix charset = LOCALE
workgroup = Tfirma
server string = %h server (Samba %v)
map to guest = Bad User
passdb backend = ldapsam:ldap://kenobi.top-lamp.com
enable privileges = Yes
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
smb ports = 139
name resolve order = wins bcast hosts
time server = Yes
printcap name = CUPS
os level = 2

show add printer wizard = No
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
logon script = scripts\logon.bat
logon path = \\%L\profiles\%U
logon drive = Z:
logon home = \\%L\%U\.9xprofile
domain logons = Yes
preferred master = Yes
wins support = Yes
ldap admin dn = cn=system,dc=firma,dc=com
ldap group suffix = ou=groups
ldap idmap suffix = ou=idmap
ldap machine suffix = ou=machines
ldap suffix = dc=top-lamp,dc=com
ldap user suffix = ou=people

idmap backend = ldap:ldap://system.firma.com
idmap uid = 10000-20000
idmap gid = 10000-20000
printer admin = ich
hosts allow = 192.168.3.
map acl inherit = Yes
include = /etc/samba/dhcp.conf
 
OP
R

rprengel

rprengel schrieb:
Hallo,

ich habe heute einen 10.0 Printserver mit Cups und Samba von 10.0 auf 10.2 ubgedatet. Neben diverssen anderen Nickeligkeiten ahbe ich im Moment folgendes Problem:

Samba startet nicht mehr wenn die Zeile
ldap admin dn = cn=system,dc=firma,dc=com
eingetragen ist.
Die Konfiguration hat unter 10.0 gestern noch einwandfrei funktioniert.
Hat jemand dazu einen Tip?
Durch systematische Tests habe ich genau diese Zeile als Ursache ausfindig machen können.

Danke für Tips

[global]
unix charset = LOCALE
workgroup = Tfirma
server string = %h server (Samba %v)
map to guest = Bad User
passdb backend = ldapsam:ldap://kenobi.top-lamp.com
enable privileges = Yes
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
smb ports = 139
name resolve order = wins bcast hosts
time server = Yes
printcap name = CUPS
os level = 2

show add printer wizard = No
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
logon script = scripts\logon.bat
logon path = \\%L\profiles\%U
logon drive = Z:
logon home = \\%L\%U\.9xprofile
domain logons = Yes
preferred master = Yes
wins support = Yes
ldap admin dn = cn=system,dc=firma,dc=com
ldap group suffix = ou=groups
ldap idmap suffix = ou=idmap
ldap machine suffix = ou=machines
ldap suffix = dc=top-lamp,dc=com
ldap user suffix = ou=people

idmap backend = ldap:ldap://system.firma.com
idmap uid = 10000-20000
idmap gid = 10000-20000
printer admin = ich
hosts allow = 192.168.3.
map acl inherit = Yes
include = /etc/samba/dhcp.conf
Zum Vergrößern anklicken....


gerade noch gefunden

dooku:/var/log/samba # smbd -d2 -i
smbd version 3.0.23d-19.7-1354-SUSE-SL10.2 started.
Copyright Andrew Tridgell and the Samba Team 1992-2006
uid=0 gid=0 euid=0 egid=0
WARNING: The "printer admin" option is deprecated
Processing section "[printers]"
Processing section "[print$]"
Processing section "[n051-99]"
Processing section "[netlogon]"
added interface ip=192.168.3.164 bcast=192.168.3.255 nmask=255.255.255.0
Registered MSG_REQ_POOL_USAGE
Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=firma))]
smbldap_open_connection: connection opened
init_sam_from_ldap: Entry found for user: root
init_services_keys: key lookup failed! (WERR_ACCESS_DENIED)
ERROR: failed to setup guest info.
dooku:/var/log/samba # smbd -d2 -i
 
OP
R

rprengel

rprengel schrieb:
rprengel schrieb:
Hallo,

ich habe heute einen 10.0 Printserver mit Cups und Samba von 10.0 auf 10.2 ubgedatet. Neben diverssen anderen Nickeligkeiten ahbe ich im Moment folgendes Problem:

Samba startet nicht mehr wenn die Zeile
ldap admin dn = cn=system,dc=firma,dc=com
eingetragen ist.
Die Konfiguration hat unter 10.0 gestern noch einwandfrei funktioniert.
Hat jemand dazu einen Tip?
Durch systematische Tests habe ich genau diese Zeile als Ursache ausfindig machen können.

Danke für Tips

[global]


unix charset = LOCALE
workgroup = Tfirma
server string = %h server (Samba %v)
map to guest = Bad User
passdb backend = ldapsam:ldap://kenobi.top-lamp.com
enable privileges = Yes
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
smb ports = 139
name resolve order = wins bcast hosts
time server = Yes
printcap name = CUPS
os level = 2

show add printer wizard = No
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
logon script = scripts\logon.bat
logon path = \\%L\profiles\%U
logon drive = Z:
logon home = \\%L\%U\.9xprofile
domain logons = Yes
preferred master = Yes
wins support = Yes
ldap admin dn = cn=system,dc=firma,dc=com
ldap group suffix = ou=groups
ldap idmap suffix = ou=idmap
ldap machine suffix = ou=machines
ldap suffix = dc=top-lamp,dc=com
ldap user suffix = ou=people

idmap backend = ldap:ldap://system.firma.com
idmap uid = 10000-20000
idmap gid = 10000-20000
printer admin = ich
hosts allow = 192.168.3.
map acl inherit = Yes
include = /etc/samba/dhcp.conf
Zum Vergrößern anklicken....


gerade noch gefunden

dooku:/var/log/samba # smbd -d2 -i
smbd version 3.0.23d-19.7-1354-SUSE-SL10.2 started.
Copyright Andrew Tridgell and the Samba Team 1992-2006
uid=0 gid=0 euid=0 egid=0
WARNING: The "printer admin" option is deprecated
Processing section "[printers]"
Processing section "[print$]"
Processing section "[n051-99]"
Processing section "[netlogon]"
added interface ip=192.168.3.164 bcast=192.168.3.255 nmask=255.255.255.0
Registered MSG_REQ_POOL_USAGE
Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=firma))]
smbldap_open_connection: connection opened
init_sam_from_ldap: Entry found for user: root
init_services_keys: key lookup failed! (WERR_ACCESS_DENIED)
ERROR: failed to setup guest info.
dooku:/var/log/samba # smbd -d2 -i
Zum Vergrößern anklicken....


Eine Erklärung aber wie werde ich das Problem los?
http://www.trojahn.de/no_cache/de/aktuelles.html?tx_eeblog%5Bpointer%5D=0&tx_eeblog%5BshowUid%5D=31
 
Du musst dich einloggen oder registrieren, um hier zu antworten.
Oben