[SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Проблемы установки, настройки и работы Правильной Операционной Системы

Модератор: terminus

Правила форума
Убедительная просьба юзать теги [cоde] при оформлении листингов.
Сообщения не оформленные должным образом имеют все шансы быть незамеченными.
Аватара пользователя
MASiK
лейтенант
Сообщения: 625
Зарегистрирован: 2008-09-19 20:09:41
Откуда: Оттуда
Контактная информация:

[SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Непрочитанное сообщение MASiK » 2008-11-12 15:24:36

Сил моих больше нет... помогите пожалуйста пока я не выкинулся с окна серверной...

пускает полазить по шарам, в домен не заводит, а если и заводит с 10 попытки пишет
"интерактивный вход на данном компьютере запрещен локальной политикой"

в общем вот такая каша

ОБНОВИЛ КОФЕЙНУЮ ГУЩЮ!!!(тоесть все логи ниже)

debug.conf

Код: Выделить всё

Nov 13 22:35:01 office cron[15880]: NSSWITCH(nss_method_lookup): ldap, group, setgrent, not found
Nov 13 22:35:01 office cron[15880]: NSSWITCH(nss_method_lookup): ldap, group, getgrent_r, not found
Nov 13 22:35:01 office cron[15880]: NSSWITCH(nss_method_lookup): ldap, group, endgrent, not found
Nov 13 22:35:01 office cron[15880]: NSSWITCH(nss_method_lookup): ldap, passwd, endpwent, not found
Nov 13 22:35:34 office slapd[15207]: conn=47 fd=10 ACCEPT from IP=127.0.0.1:56966 (IP=127.0.0.1:389)
Nov 13 22:35:34 office slapd[15207]: conn=47 op=0 BIND dn="cn=root,dc=prodix,dc=spb,dc=ru" method=128
Nov 13 22:35:34 office slapd[15207]: conn=47 op=0 BIND dn="cn=root,dc=prodix,dc=spb,dc=ru" mech=SIMPLE ssf=0
Nov 13 22:35:34 office slapd[15207]: conn=47 op=0 RESULT tag=97 err=0 text=
Nov 13 22:35:34 office slapd[15207]: conn=47 op=1 SRCH base="" scope=0 deref=0 filter="(objectClass=*)"
Nov 13 22:35:34 office slapd[15207]: conn=47 op=1 SRCH attr=supportedControl
Nov 13 22:35:34 office slapd[15207]: conn=47 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Nov 13 22:35:34 office slapd[15207]: conn=47 op=2 SRCH base="ou=groups,dc=prodix,dc=spb,dc=ru" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(gidNumber=65534))"
Nov 13 22:35:34 office slapd[15207]: conn=47 op=2 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Nov 13 22:35:34 office slapd[15207]: conn=47 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=
Nov 13 22:35:34 office slapd[15207]: conn=47 op=3 SRCH base="sambaDomainName=PRODIX,dc=prodix,dc=spb,dc=ru" scope=0 deref=0 filter="(objectClass=*)"
Nov 13 22:35:34 office slapd[15207]: conn=47 op=3 SRCH attr=sambaPwdHistoryLength
Nov 13 22:35:34 office slapd[15207]: conn=47 op=3 SEARCH RESULT tag=101 err=0 nentries=1 text=
Nov 13 22:35:34 office slapd[15207]: conn=47 op=4 SRCH base="ou=groups,dc=prodix,dc=spb,dc=ru" scope=2 deref=0 filter="(&(|(objectClass=sambaGroupMapping)(sambaGroupType=4))(|(sambaSIDList=s-1-5-21-2334200569-3155982173-1663192860-501)(sambaSIDList=s-1-1-0)(sambaSIDList=s-1-5-2)(sambaSIDList=s-1-5-32-546)))"
Nov 13 22:35:34 office slapd[15207]: conn=47 op=4 SRCH attr=sambaSID
Nov 13 22:35:34 office slapd[15207]: conn=47 op=4 SEARCH RESULT tag=101 err=0 nentries=0 text=
Nov 13 22:35:34 office slapd[15207]: conn=47 op=5 SRCH base="ou=groups,dc=prodix,dc=spb,dc=ru" scope=2 deref=0 filter="(&(|(objectClass=sambaGroupMapping)(sambaGroupType=4))(|(sambaSIDList=s-1-5-21-2334200569-3155982173-1663192860-501)(sambaSIDList=s-1-1-0)(sambaSIDList=s-1-5-2)(sambaSIDList=s-1-5-32-546)))"
Nov 13 22:35:34 office slapd[15207]: conn=47 op=5 SRCH attr=sambaSID
Nov 13 22:35:34 office slapd[15207]: conn=47 op=5 SEARCH RESULT tag=101 err=0 nentries=0 text=
Nov 13 22:35:34 office slapd[15207]: conn=47 op=6 SRCH base="dc=prodix,dc=spb,dc=ru" scope=2 deref=0 filter="(&(uid=root)(objectClass=sambaSamAccount))"
Nov 13 22:35:34 office slapd[15207]: conn=47 op=6 SRCH attr=uid uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn sn displayName sambaHomeDrive sambaHomePath sambaLogonScript sambaProfilePath description sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime sambaPasswordHistory modifyTimestamp sambaLogonHours modifyTimestamp uidNumber
Nov 13 22:35:34 office slapd[15207]: conn=47 op=6 SEARCH RESULT tag=101 err=0 nentries=1 text=
Nov 13 22:35:34 office slapd[15207]: conn=47 op=7 SRCH base="sambaDomainName=PRODIX,dc=prodix,dc=spb,dc=ru" scope=0 deref=0 filter="(objectClass=*)"
Nov 13 22:35:34 office slapd[15207]: conn=47 op=7 SRCH attr=sambaMaxPwdAge
Nov 13 22:35:34 office slapd[15207]: conn=47 op=7 SEARCH RESULT tag=101 err=0 nentries=1 text=
Nov 13 22:35:34 office slapd[15207]: conn=47 op=8 SRCH base="ou=groups,dc=prodix,dc=spb,dc=ru" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(gidNumber=0))"
Nov 13 22:35:34 office slapd[15207]: conn=47 op=8 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Nov 13 22:35:34 office slapd[15207]: conn=47 op=8 SEARCH RESULT tag=101 err=0 nentries=0 text=
Nov 13 22:35:34 office slapd[15207]: conn=47 fd=10 closed (connection lost)
p.s. Новые данные для кофейной гущи :)

log.winbindd-idmap

Код: Выделить всё

[2008/11/13 22:15:48, 1] nsswitch/idmap.c:idmap_init(377)
  Initializing idmap domains
[2008/11/13 22:15:48, 0] nsswitch/idmap.c:idmap_init(388)
  idmap_init: Ignoring domain PRODIX
log.winbindd

Код: Выделить всё

[2008/11/13 22:15:16, 1] nsswitch/winbindd.c:main(1013)
  winbindd version 3.0.32 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2008
[2008/11/13 22:15:16, 0] nsswitch/winbindd_cache.c:initialize_winbindd_cache(2230)
  initialize_winbindd_cache: clearing cache and re-creating with version number 1
[2008/11/13 22:15:19, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625)
  cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from remote machine PRODIX pipe \lsarpc fnum 0x7740!
log.wb-PRODIX

Код: Выделить всё

[2008/11/13 22:15:19, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625)
  cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from remote machine PRODIX pipe \lsarpc fnum 0x7732!
log.smbd

Код: Выделить всё

[2008/11/13 22:15:16, 0] smbd/server.c:main(944)
  smbd version 3.0.32 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2008
[2008/11/13 22:15:16, 1] smbd/files.c:file_init(193)
  file_init: Information only: requested 10000 open files, 7129 are available.
log.nmbd

Код: Выделить всё

[2008/11/13 22:15:16, 0] nmbd/nmbd.c:main(723)
  Netbios nameserver version 3.0.32 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2008
[2008/11/13 22:15:16, 0] nmbd/asyncdns.c:start_async_dns(151)
  started asyncdns process 15767
[2008/11/13 22:15:16, 0] nmbd/nmbd_nameregister.c:register_name_response(130)
  register_name_response: server at IP 192.168.0.6 rejected our name registration of PRODIX<00> IP 192.168.0.1 with error code 6.
[2008/11/13 22:15:16, 0] nmbd/nmbd_mynames.c:my_name_register_failed(36)
  my_name_register_failed: Failed to register my name PRODIX<00> on subnet 192.168.0.1.
[2008/11/13 22:15:16, 0] nmbd/nmbd_namelistdb.c:standard_fail_register(304)
  standard_fail_register: Failed to register/refresh name PRODIX<00> on subnet 192.168.0.1
[2008/11/13 22:15:16, 0] nmbd/nmbd_logonnames.c:add_logon_names(163)
  add_domain_logon_names:
  Attempting to become logon server for workgroup PRODIX on subnet 192.168.0.1
[2008/11/13 22:15:16, 0] nmbd/nmbd_logonnames.c:add_logon_names(163)
  add_domain_logon_names:
  Attempting to become logon server for workgroup PRODIX on subnet UNICAST_SUBNET
[2008/11/13 22:15:16, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(335)
  become_domain_master_browser_wins:
  Attempting to become domain master browser on workgroup PRODIX, subnet UNICAST_SUBNET.
[2008/11/13 22:15:16, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(349)
  become_domain_master_browser_wins: querying WINS server from IP 192.168.0.1 for domain master browser name PRODIX<1b> on workgroup PRODIX
[2008/11/13 22:15:16, 0] nmbd/nmbd_nameregister.c:register_name_response(130)
  register_name_response: WINS server at IP 192.168.0.1 rejected our name registration of PRODIX<00> IP 192.168.0.1 with error code 5.
[2008/11/13 22:15:16, 0] nmbd/nmbd_workgroupdb.c:fail_register(226)
  fail_register: Failed to register name PRODIX<00> on subnet UNICAST_SUBNET.
[2008/11/13 22:15:16, 0] nmbd/nmbd_namelistdb.c:standard_fail_register(304)
  standard_fail_register: Failed to register/refresh name PRODIX<00> on subnet UNICAST_SUBNET
[2008/11/13 22:15:16, 0] nmbd/nmbd_logonnames.c:become_logon_server_success(124)
  become_logon_server_success: Samba is now a logon server for workgroup PRODIX on subnet UNICAST_SUBNET
[2008/11/13 22:15:16, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2(113)
  *****
  
  Samba server PRODIX is now a domain master browser for workgroup PRODIX on subnet UNICAST_SUBNET
  
  *****
[2008/11/13 22:15:16, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(290)
  become_domain_master_browser_bcast:
  Attempting to become domain master browser on workgroup PRODIX on subnet 192.168.0.1
[2008/11/13 22:15:16, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(303)
  become_domain_master_browser_bcast: querying subnet 192.168.0.1 for domain master browser on workgroup PRODIX
[2008/11/13 22:15:21, 0] nmbd/nmbd_logonnames.c:become_logon_server_success(124)
  become_logon_server_success: Samba is now a logon server for workgroup PRODIX on subnet 192.168.0.1
[2008/11/13 22:15:25, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2(113)
  *****
  
  Samba server PRODIX is now a domain master browser for workgroup PRODIX on subnet 192.168.0.1
  
  *****
[2008/11/13 22:15:40, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(396)
  *****
  
  Samba name server PRODIX is now a local master browser for workgroup PRODIX on subnet 192.168.0.1
  
  *****
[2008/11/13 22:17:43, 0] nmbd/nmbd_incomingdgrams.c:process_local_master_announce(309)
  process_local_master_announce: Server BUHPRODIX at IP 192.168.9.251 is announcing itself as a local master browser for workgroup PRODIX and we think we are master. Forcing election.
[2008/11/13 22:17:43, 0] nmbd/nmbd_become_lmb.c:unbecome_local_master_success(149)
  *****
  
  Samba name server PRODIX has stopped being a local master browser for workgroup PRODIX on subnet 192.168.0.1
  
  *****
[2008/11/13 22:18:00, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(396)
  *****
  
  Samba name server PRODIX is now a local master browser for workgroup PRODIX on subnet 192.168.0.1
  
  *****
[2008/11/13 22:29:43, 0] nmbd/nmbd_incomingdgrams.c:process_local_master_announce(309)
  process_local_master_announce: Server BUHPRODIX at IP 192.168.9.251 is announcing itself as a local master browser for workgroup PRODIX and we think we are master. Forcing election.
[2008/11/13 22:29:43, 0] nmbd/nmbd_become_lmb.c:unbecome_local_master_success(149)
  *****
  
  Samba name server PRODIX has stopped being a local master browser for workgroup PRODIX on subnet 192.168.0.1
  
  *****
[2008/11/13 22:30:00, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(396)
  *****
  
  Samba name server PRODIX is now a local master browser for workgroup PRODIX on subnet 192.168.0.1
  
  *****
slapd.conf

Код: Выделить всё

include		/usr/local/etc/openldap/schema/core.schema
include		/usr/local/etc/openldap/schema/cosine.schema
include		/usr/local/etc/openldap/schema/inetorgperson.schema
include		/usr/local/etc/openldap/schema/misc.schema
include		/usr/local/etc/openldap/schema/nis.schema
include		/usr/local/etc/openldap/schema/openldap.schema
include		/usr/local/etc/openldap/schema/samba.schema

pidfile		/var/run/openldap/slapd.pid
argsfile	/var/run/openldap/slapd.args

# Load dynamic backend modules:

modulepath	/usr/local/libexec/openldap
moduleload	back_ldbm

access to attrs=userPassword
	by self write
	by anonymous auth
	by * none

access to *
	by self write
	by anonymous read
	by * none

#######################################################################
# BDB database definitions
#######################################################################

database	ldbm
suffix		"dc=prodix,dc=spb,dc=ru"
rootdn		"cn=root,dc=prodix,dc=spb,dc=ru"
#
# РБТПМШ ОБ ТХФБ НПЦОП УЗЕОЕТЙТПЧБФШ У РПНПЭША slappasswd
#
rootpw		*****************************

directory	/var/db/openldap-data

index	objectClass	eq
index	cn		eq
nss_ldap.conf

Код: Выделить всё

host 127.0.0.1

base dc=prodix,dc=spb,dc=ru

uri ldap://office.prodix/

ldap_version 3

port 389

scope one

timelimit 30

bind_timelimit 10

bind_policy soft

nss_connect_policy persist

idle_timelimit 3600

nss_paged_results yes

pagesize 1000

nss_base_passwd		ou=users,dc=prodix,dc=spb,dc=ru?one
nss_base_group		ou=groups,dc=prodix,dc=spb,dc=ru?one
nss_base_passwd		ou=computers,dc=prodix,dc=spb,dc=ru?one
nss_base_shadow		ou=users,dc=prodix,dc=spb,dc=ru?one
smb.conf

Код: Выделить всё

[global]

# ЙНС ДПНЕОБ
workgroup = PRODIX

#ЙНС ЛПНРБ У УБНВПК Ч УЕФЕЧПН ПЛТХЦЕОЙЙ
netbios name = PRODIX

# ФЙРБ ЛПНЕОФБТЙК УБНВБ УЕТЧЕТБ
server string = Domain Server for PRODIX
security = user
interfaces = 192.168.0.1/24
#hosts allow = 192.168.0. 192.168.9. 127.

load printers = no
log file = /var/log/samba/log.%m
max log size = 50
acl compatibility = win2k

encrypt passwords = yes
admin users = root
passdb backend = ldapsam:ldap://127.0.0.1/


# ЪДЕУШ ПРЙУЩЧБЕН МДБР
ldap suffix = dc=prodix,dc=spb,dc=ru
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap machine suffix = ou=computers
ldap admin dn = "cn=root,dc=prodix,dc=spb,dc=ru"
ldap delete dn = no
ldap ssl = off
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind separator = @
winbind use default domain = yes



# ДЕМБЕН PDC
socket options = TCP_NODELAY
local master = yes
os level = 65
domain master = yes 
preferred master = yes
domain logons = yes

# ЕУМЙ ИПЙЙФЕ АЪБФШ МПЗПО УЛТЙРФЩ, ФП ТБУЛПНЕОФБТЙЧБЕФЕ
;   logon script = %m.bat
;   logon script = %U.bat

# РХФШ Л РЕТЕНЕЭБЕНПНХ РТПЖЙМА
logon path = \\%L\profiles

# РХФШ Л ИПНСЛБН АЪЕТПЧ
logon home = \\%L\HOME
logon drive = H:


wins support = yes
dns proxy = yes


display charset = koi8-r
unix charset = koi8-r
dos charset = cp866
timeserver = yes

# УЛТЙРФЩ ДМС ДПВБЧМЕОЙС АЪЕТПЧ Й ЗТХРР (АЪБЕФУС Ч usermgr ПФ nt4)
add machine script = /usr/local/sbin/ldapaddmachine '%u' computers
add user script = /usr/local/sbin/ldapadduser '%u' users
add group script = /usr/local/sbin/ldapaddgroup '%g'
add user to group script = /usr/local/sbin/ldapaddusertogroup '%u' '%g'
delete user script = /usr/local/sbin/ldapdeleteuser '%u'
delete group script = /usr/local/sbin/ldapdeletegroup '%g'
delete user from group script = /usr/local/sbin/ldapdeleteuserfromgroup '%u' '%g'
set primary group script = /usr/local/sbin/ldapsetprimarygroup '%u' '%g'
rename user script = /usr/local/sbin/ldaprenameuser '%uold' '%unew'


# ДЕМБЕН ЫБТХ ОБ ИПНСЛЙ
[HOME]
	comment = Home Directories
	path = /home/samba/homes/%U
	read only = no
	public = no
	writable = yes
	create mask = 0600
	browseable = no
	directory mask = 0700
	valid users = %S

# ДЕМБЕН ЫБТХ ОБ ОЕФМПЗПО (ДМС ЪБРХУЛБ УЛТЙРФПЧ)
[netlogon]
	comment = Network Logon Service
	path = /usr/local/etc/samba/netlogon
	guest ok = yes
	writable = no
	share modes = no
	browseable = no

# ДЕМБЕН ЫБТХ ОБ РЕТЕНЕЭБЕНЩЕ РТПЖЙМЙ
[profiles]
	create mask = 0777
	directory mask = 0700
	path = /home/samba/profiles/%u
	writeable = yes
	browseable = no
	map hidden = yes
	map system = yes
	locking = no
	csc policy = disable # ЬФБ УФТПЮЛБ ОЕПВИПДЙНБ ЮФПВЩ ПФЛМАЮЙФШ БЧФПОПНОПЕ ЛЕЫЙТПЧБОЙЕ

# РТПУФП ФБЛ :) ЮФПВЩ НПЦОП ВЩМП ОБ ФБЮЛХ ЪБИПДЙФШ
[IPC$]
	path = /tmp
	#hosts allow = 192.168.0.0/24 192.168.9.0/24 127.0.0.1
	#hosts deny = 0.0.0.0/0

[pub]
	comment = рБРЛБ ПВЭЕЗП РПМШЪПЧБОЙС
	path = /home/samba/pub
	create mode = 777
        directory mode = 777
        public = yes
        writable = yes
        printable = no
	browseable = yes

[pub_ftp]
        comment = рБРЛБ ПВЭЕЗП РПМШЪПЧБОЙС ДМС FTP
        path = /home/samba/pub_ftp
        create mode = 777
        directory mode = 777
        public = yes
        writable = yes
        printable = no
        browseable = yes
/etc/group

Код: Выделить всё

ntadmins:*:512:root
ntusers:*:513:
computers:*:515:
ntguests:*:514:
/etc/nsswitch.conf

Код: Выделить всё

passwd:     files ldap winbind
shadow:     files ldap winbind
group:      files ldap winbind
hosts:      files dns
bootparams: nisplus [NOTFOUND=return] files
ethers:     files
netmasks:   files
networks:   files
protocols:  files
rpc:        files
services:   files
netgroup:   files ldap
publickey:  nisplus
automount:  files ldap
aliases:    files nisplus
$ net groupmap list

Код: Выделить всё

 
Domain Admins (S-1-5-21-2334200569-3155982173-1663192860-512) -> ntadmins
Domain Users (S-1-5-21-2334200569-3155982173-1663192860-513) -> ntusers
Domain Guests (S-1-5-21-2334200569-3155982173-1663192860-514) -> ntguests
Domain Computers (S-1-5-21-2334200569-3155982173-1663192860-515) -> computers
net rpc rights list root

Код: Выделить всё

Password:
SeMachineAccountPrivilege
SeAddUsersPrivilege
$ ldapsearch -LLL -x -b 'dc=prodix,dc=spb,dc=ru' '*'

Код: Выделить всё

dn: dc=prodix,dc=spb,dc=ru
objectClass: dcObject
objectClass: organization
objectClass: top
dc: prodix
o: prodix

dn: ou=users,dc=prodix,dc=spb,dc=ru
objectClass: top
objectClass: organizationalUnit
ou: users

dn: ou=groups,dc=prodix,dc=spb,dc=ru
objectClass: top
objectClass: organizationalUnit
ou: groups

dn: ou=computers,dc=prodix,dc=spb,dc=ru
objectClass: top
objectClass: organizationalUnit
ou: computers

dn: uid=admin,ou=users,dc=prodix,dc=spb,dc=ru
objectClass: account
objectClass: posixAccount
objectClass: sambaSamAccount
cn: admin
uid: admin
uidNumber: 10001
homeDirectory: /home/samba/homes/admin
loginShell: /usr/sbin/nologin
gecos: admin
description: User account
sambaKickoffTime: 2147483647
sambaSID: S-1-5-21-2334200569-3155982173-1663192860-21002
sambaPwdMustChange: 0
sambaDomainName: PRODIX
sambaLMPassword: AA594EA9721DCCE81AA818381E4E281B
sambaNTPassword: 3D6D77C79FB6B965DFC45475C2A83CE7
sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000
 00000000
sambaPwdLastSet: 1226436552
sambaAcctFlags: [U          ]
sambaProfilePath: /home/samba/profiles/admin
gidNumber: 513
sambaPrimaryGroupSID: S-1-5-21-2334200569-3155982173-1663192860-513

dn: sambaDomainName=PRODIX,dc=prodix,dc=spb,dc=ru
sambaAlgorithmicRidBase: 1000
sambaNextUserRid: 1000
sambaMinPwdLength: 5
sambaPwdHistoryLength: 0
sambaLogonToChgPwd: 0
sambaMaxPwdAge: -1
sambaMinPwdAge: 0
sambaLockoutDuration: 30
sambaLockoutObservationWindow: 30
sambaLockoutThreshold: 0
sambaForceLogoff: -1
sambaRefuseMachinePwdChange: 0
gidNumber: 30000
sambaDomainName: PRODIX
sambaSID: S-1-5-21-2334200569-3155982173-1663192860
sambaNextRid: 1000
uidNumber: 30000
objectClass: top
objectClass: sambaDomain
objectClass: sambaUnixIdPool

dn: uid=mrbg,ou=users,dc=prodix,dc=spb,dc=ru
objectClass: account
objectClass: posixAccount
objectClass: sambaSamAccount
cn: mrbg
uid: mrbg
uidNumber: 10002
homeDirectory: /home/samba/homes/mrbg
loginShell: /usr/sbin/nologin
gecos: mrbg
description: User account
sambaKickoffTime: 2147483647
sambaSID: S-1-5-21-2334200569-3155982173-1663192860-21004
sambaPwdMustChange: 0
sambaDomainName: PRODIX
sambaPrimaryGroupSID: S-1-5-21-2334200569-3155982173-1663192860-513
sambaLMPassword: 35C8A7FB691EF5CDAAD3B435B51404EE
sambaNTPassword: 02271DE9195F1059A83D3537FA596BAB
sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000
 00000000
sambaPwdLastSet: 1226436542
sambaAcctFlags: [U          ]
gidNumber: 513

dn: uid=prodix$,ou=computers,dc=prodix,dc=spb,dc=ru
uid: prodix$
sambaSID: S-1-5-21-2334200569-3155982173-1663192860-1002
displayName: computer_account
objectClass: sambaSamAccount
objectClass: account
sambaLMPassword: DAC0D4C2E1CA6695548CB5E8A251CF85
sambaNTPassword: F4716BA8C15BA4C70E77028BC766B9D2
sambaAcctFlags: [S          ]
description: server

dn: ou=Idmap,dc=prodix,dc=spb,dc=ru
objectClass: top
objectClass: organizationalUnit
ou: Idmap

dn: uid=root,ou=Users,dc=prodix,dc=spb,dc=ru
cn: root
sn: root
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: sambaSamAccount
objectClass: posixAccount
objectClass: shadowAccount
uid: root
uidNumber: 0
homeDirectory: /home/samba/root
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaHomePath: \\PRODIX\root
sambaHomeDrive: H:
sambaProfilePath: \\PRODIX\profiles\root
sambaPrimaryGroupSID: S-1-5-21-2334200569-3155982173-1663192860-512
sambaSID: S-1-5-21-2334200569-3155982173-1663192860-500
loginShell: /bin/false
gecos: Netbios Domain Administrator
sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000
 00000000
gidNumber: 512
sambaLMPassword: AA594EA9721DCCE81AA818381E4E281B
sambaAcctFlags: [U]
sambaNTPassword: 3D6D77C79FB6B965DFC45475C2A83CE7
sambaPwdLastSet: 1226591259
sambaPwdMustChange: 1230479259
shadowLastChange: 14196
shadowMax: 45

dn: uid=nobody,ou=Users,dc=prodix,dc=spb,dc=ru
cn: nobody
sn: nobody
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: sambaSamAccount
objectClass: posixAccount
objectClass: shadowAccount
uid: nobody
uidNumber: 999
homeDirectory: /dev/null
sambaPwdLastSet: 0
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaPwdMustChange: 2147483647
sambaHomePath: \\PRODIX\nobody
sambaHomeDrive: H:
sambaProfilePath: \\PRODIX\profiles\nobody
sambaLMPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
sambaNTPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
sambaAcctFlags: [NUD        ]
sambaSID: S-1-5-21-2334200569-3155982173-1663192860-2998
loginShell: /bin/false
gidNumber: 514
sambaPrimaryGroupSID: S-1-5-21-2334200569-3155982173-1663192860-514

dn: cn=Domain Admins,ou=Groups,dc=prodix,dc=spb,dc=ru
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 512
cn: Domain Admins
memberUid: root
description: Netbios Domain Administrators
sambaSID: S-1-5-21-2334200569-3155982173-1663192860-512
sambaGroupType: 2
displayName: Domain Admins

dn: cn=Domain Users,ou=Groups,dc=prodix,dc=spb,dc=ru
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 513
cn: Domain Users
description: Netbios Domain Users
sambaSID: S-1-5-21-2334200569-3155982173-1663192860-513
sambaGroupType: 2
displayName: Domain Users
memberUid: mrbg
memberUid: masik
memberUid: admin

dn: cn=Domain Guests,ou=Groups,dc=prodix,dc=spb,dc=ru
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 514
cn: Domain Guests
description: Netbios Domain Guests Users
sambaSID: S-1-5-21-2334200569-3155982173-1663192860-514
sambaGroupType: 2
displayName: Domain Guests
memberUid: nobody

dn: cn=Domain Computers,ou=Groups,dc=prodix,dc=spb,dc=ru
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 515
cn: Domain Computers
description: Netbios Domain Computers accounts
sambaSID: S-1-5-21-2334200569-3155982173-1663192860-515
sambaGroupType: 2
displayName: Domain Computers

dn: uid=masik,ou=users,dc=prodix,dc=spb,dc=ru
objectClass: posixAccount
objectClass: top
objectClass: inetOrgPerson
objectClass: sambaSamAccount
sn: masik
displayName: masik
uid: masik
sambaKickoffTime: 2147483647
uidNumber: 22863
sambaSID: S-1-5-21-2334200569-3155982173-1663192860-46726
sambaPwdMustChange: 0
sambaDomainName: PRODIX
cn: masik
homeDirectory: /home/samba/homes/masik
loginShell: /usr/sbin/nologin
sambaLMPassword: AA594EA9721DCCE81AA818381E4E281B
sambaNTPassword: 3D6D77C79FB6B965DFC45475C2A83CE7
sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000
 00000000
sambaPwdLastSet: 1226445662
sambaAcctFlags: [U          ]
gidNumber: 513
sambaPrimaryGroupSID: S-1-5-21-2334200569-3155982173-1663192860-513

dn: uid=BILLPC$,ou=computers,dc=prodix,dc=spb,dc=ru
objectClass: sambaSamAccount
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
sambaAcctFlags: [W]
uidNumber: 43684
sambaSID: S-1-5-21-2334200569-3155982173-1663192860-88368
loginShell: /bin/false
homeDirectory: /dev/null
sambaPrimaryGroupSID: S-1-5-21-2334200569-3155982173-1663192860-132069
gidNumber: 65534
uid: BILLPC$
cn: BILLPC$
sambaDomainName: PRODIX
description: masik
sambaNTPassword: B6C5E8EED09CECD7F969808060E1E6D4

dn: sambaSID=S-1-5-32-544,ou=groups,dc=prodix,dc=spb,dc=ru
objectClass: sambaSidEntry
objectClass: sambaGroupMapping
sambaSID: S-1-5-32-544
sambaGroupType: 4
displayName: Administrators
gidNumber: 10768
sambaSIDList: S-1-5-21-2334200569-3155982173-1663192860-512
sambaSIDList: S-1-5-21-2334200569-3155982173-1663192860-500

dn: sambaSID=S-1-5-32-545,ou=groups,dc=prodix,dc=spb,dc=ru
objectClass: sambaSidEntry
objectClass: sambaGroupMapping
sambaSID: S-1-5-32-545
sambaGroupType: 4
displayName: Users
gidNumber: 10769
sambaSIDList: S-1-5-21-2334200569-3155982173-1663192860-513
sambaSIDList: S-1-5-21-2334200569-3155982173-1663192860-21002
sambaSIDList: S-1-5-21-2334200569-3155982173-1663192860-46726
sambaSIDList: S-1-5-21-2334200569-3155982173-1663192860-21004

dn: uid=MRBG$,ou=computers,dc=prodix,dc=spb,dc=ru
objectClass: sambaSamAccount
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
sambaAcctFlags: [W]
uidNumber: 39220
sambaSID: S-1-5-21-2334200569-3155982173-1663192860-79440
loginShell: /bin/false
homeDirectory: /dev/null
sambaPrimaryGroupSID: S-1-5-21-2334200569-3155982173-1663192860-132069
gidNumber: 65534
uid: MRBG$
cn: MRBG$
sambaDomainName: PRODIX
description: Bogus
Делалось всё по статье - http://www.lissyara.su/?id=1487

Самба собрана с "LDAP, CUPS, WINBIND, QUOTAS, UTMP, POPT"
Лдап собран с "TCP_WRAPPERS, BDB, DYNAMIC_BACKENDS, SLURPD"

pkg_info

samba-3.0.32_1,1 A free SMB and CIFS client and server for UNIX
openldap-sasl-server-2.3.43 Open source LDAP server implementation

хелп :cry:
Последний раз редактировалось MASiK 2008-11-13 22:42:36, всего редактировалось 2 раза.
Самурай

Хостинговая компания Host-Food.ru
Хостинг HostFood.ru
 

Услуги хостинговой компании Host-Food.ru

Хостинг HostFood.ru

Тарифы на хостинг в России, от 12 рублей: https://www.host-food.ru/tariffs/hosting/
Тарифы на виртуальные сервера (VPS/VDS/KVM) в РФ, от 189 руб.: https://www.host-food.ru/tariffs/virtualny-server-vps/
Выделенные сервера, Россия, Москва, от 2000 рублей (HP Proliant G5, Intel Xeon E5430 (2.66GHz, Quad-Core, 12Mb), 8Gb RAM, 2x300Gb SAS HDD, P400i, 512Mb, BBU):
https://www.host-food.ru/tariffs/vydelennyi-server-ds/
Недорогие домены в популярных зонах: https://www.host-food.ru/domains/

Аватара пользователя
MASiK
лейтенант
Сообщения: 625
Зарегистрирован: 2008-09-19 20:09:41
Откуда: Оттуда
Контактная информация:

Re: [SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Непрочитанное сообщение MASiK » 2008-11-12 15:33:22

ах да, при попытке ввести в домен пишет

Код: Выделить всё

[2008/11/12 15:28:11, 0] lib/util_sock.c:write_data(562)
  write_data: write failure in writing to client 192.168.0.6. Error Broken pipe
[2008/11/12 15:28:11, 0] lib/util_sock.c:send_smb(761)
  Error writing 4 bytes to client. -1. (Broken pipe)
[2008/11/12 15:28:11, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:28:11, 0] auth/auth_util.c:create_builtin_administrators(844)
  create_builtin_administrators: Failed to create Administrators
[2008/11/12 15:28:11, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:28:11, 0] auth/auth_util.c:create_builtin_users(810)
  create_builtin_users: Failed to create Users
[2008/11/12 15:28:12, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:28:12, 0] auth/auth_util.c:create_builtin_administrators(844)
  create_builtin_administrators: Failed to create Administrators
[2008/11/12 15:28:12, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:28:12, 0] auth/auth_util.c:create_builtin_users(810)
  create_builtin_users: Failed to create Users
Warning : using command-line passwords, ldapscripts may not be safe
Error adding machine billpc$ to LDAP
[2008/11/12 15:28:13, 0] passdb/pdb_interface.c:pdb_default_create_user(329)
  _samr_create_user: Running the command `/usr/local/sbin/ldapaddmachine 'billpc$' computers' gave 1
[2008/11/12 15:28:21, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:28:21, 0] auth/auth_util.c:create_builtin_administrators(844)
  create_builtin_administrators: Failed to create Administrators
[2008/11/12 15:28:21, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:28:21, 0] auth/auth_util.c:create_builtin_users(810)
  create_builtin_users: Failed to create Users
[2008/11/12 15:28:23, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:28:23, 0] auth/auth_util.c:create_builtin_administrators(844)
  create_builtin_administrators: Failed to create Administrators
[2008/11/12 15:28:23, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:28:23, 0] auth/auth_util.c:create_builtin_users(810)
  create_builtin_users: Failed to create Users
Warning : using command-line passwords, ldapscripts may not be safe
Error adding machine billpc$ to LDAP
[2008/11/12 15:28:23, 0] passdb/pdb_interface.c:pdb_default_create_user(329)
  _samr_create_user: Running the command `/usr/local/sbin/ldapaddmachine 'billpc$' computers' gave 1
[2008/11/12 15:28:54, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:28:54, 0] auth/auth_util.c:create_builtin_administrators(844)
  create_builtin_administrators: Failed to create Administrators
[2008/11/12 15:28:54, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:28:54, 0] auth/auth_util.c:create_builtin_users(810)
  create_builtin_users: Failed to create Users
[2008/11/12 15:28:55, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:28:55, 0] auth/auth_util.c:create_builtin_administrators(844)
  create_builtin_administrators: Failed to create Administrators
[2008/11/12 15:28:55, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:28:55, 0] auth/auth_util.c:create_builtin_users(810)
  create_builtin_users: Failed to create Users
Warning : using command-line passwords, ldapscripts may not be safe
Error adding machine billpc$ to LDAP
[2008/11/12 15:28:56, 0] passdb/pdb_interface.c:pdb_default_create_user(329)
  _samr_create_user: Running the command `/usr/local/sbin/ldapaddmachine 'billpc$' computers' gave 1
[2008/11/12 15:30:20, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:30:20, 0] auth/auth_util.c:create_builtin_administrators(844)
  create_builtin_administrators: Failed to create Administrators
[2008/11/12 15:30:20, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:30:20, 0] auth/auth_util.c:create_builtin_users(810)
  create_builtin_users: Failed to create Users
[2008/11/12 15:30:21, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:30:21, 0] auth/auth_util.c:create_builtin_administrators(844)
  create_builtin_administrators: Failed to create Administrators
[2008/11/12 15:30:21, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:30:21, 0] auth/auth_util.c:create_builtin_users(810)
  create_builtin_users: Failed to create Users
Warning : using command-line passwords, ldapscripts may not be safe
Error adding machine billpc$ to LDAP
[2008/11/12 15:30:22, 0] passdb/pdb_interface.c:pdb_default_create_user(329)
  _samr_create_user: Running the command `/usr/local/sbin/ldapaddmachine 'billpc$' computers' gave 1
[2008/11/12 15:31:15, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:31:15, 0] auth/auth_util.c:create_builtin_administrators(844)
  create_builtin_administrators: Failed to create Administrators
[2008/11/12 15:31:15, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:31:15, 0] auth/auth_util.c:create_builtin_users(810)
  create_builtin_users: Failed to create Users
[2008/11/12 15:31:16, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:31:16, 0] auth/auth_util.c:create_builtin_administrators(844)
  create_builtin_administrators: Failed to create Administrators
[2008/11/12 15:31:16, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS)
[2008/11/12 15:31:16, 0] auth/auth_util.c:create_builtin_users(810)
  create_builtin_users: Failed to create Users
Warning : using command-line passwords, ldapscripts may not be safe
Error adding machine billpc$ to LDAP
[2008/11/12 15:31:17, 0] passdb/pdb_interface.c:pdb_default_create_user(329)
  _samr_create_user: Running the command `/usr/local/sbin/ldapaddmachine 'billpc$' computers' gave 1
Самурай

Yam
сержант
Сообщения: 226
Зарегистрирован: 2008-10-11 19:19:24
Откуда: 2:5093/41

Re: [SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Непрочитанное сообщение Yam » 2008-11-12 15:41:00

process_local_master_announce: Server TAURI at IP 192.168.9.223 is announcing itself as a local master browser for workgroup PRODIX and we think we are master. Forcing election.
[2008/11/12 14:51:02, 0] nmbd/nmbd_become_lmb.c:unbecome_local_master_success(149)
*****

Samba name server PRODIX has stopped being a local master browser for workgroup PRODIX on subnet 192.168.0.1

*****
[2008/11/12 14:51:19, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(396)
*****

Samba name server PRODIX is now a local master browser for workgroup PRODIX on subnet 192.168.0.1

*****
Что из этого нужно на русский перевести? Вы случайно не пытаетесь в уже существующей сети с доменом PRODIX и адресацией 192.168.9.0/255.255.255.0 свой сервер поднять?

Аватара пользователя
MASiK
лейтенант
Сообщения: 625
Зарегистрирован: 2008-09-19 20:09:41
Откуда: Оттуда
Контактная информация:

Re: [SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Непрочитанное сообщение MASiK » 2008-11-12 15:46:57

Yam писал(а): Что из этого нужно на русский перевести? Вы случайно не пытаетесь в уже существующей сети с доменом PRODIX и адресацией 192.168.9.0/255.255.255.0 свой сервер поднять?
нет, 192.168.0.1 это алиас, в сети на 192.168.9.91 весит домен вин2003 его имя SG.LOCAL...
Самурай

Yam
сержант
Сообщения: 226
Зарегистрирован: 2008-10-11 19:19:24
Откуда: 2:5093/41

Re: [SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Непрочитанное сообщение Yam » 2008-11-12 15:57:23

Код: Выделить всё

Server TAURI at IP 192.168.9.223 is announcing itself as a local master browser for workgroup PRODIX and we think we are master. Forcing election.
Разберитесь что за машина 192.168.9.223 и откуда на ней висит домен с именем PRODIX. И раз уж речь пошла об алиасах, то на всякий случай напомню, что для netbios в одном физическом сегменте сети может быть только 1 домен с уникальным именем. Ибо netbios`у без разницы ваш алиас, он рассылает широковещательные запросы в физический сегмент сети с поиском PRODIX<1b> <1c>, по этому алиас не пойдёт. К тому же на алиасах с самбой будут местами глюки вылазить. Рекомендую прочесть Samba Browsing. Если хотите поднять новый домен с таким же именем выделяйте машины в отдельный vlan.

Аватара пользователя
MASiK
лейтенант
Сообщения: 625
Зарегистрирован: 2008-09-19 20:09:41
Откуда: Оттуда
Контактная информация:

Re: [SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Непрочитанное сообщение MASiK » 2008-11-12 16:06:47

ммм... тоесть sk1_alias0=192.168.0.1 непокатит чтоли? :(

комп таури вырубил

самба говорит

Код: Выделить всё

[2008/11/12 16:04:40, 0] nmbd/nmbd.c:main(723)
  Netbios nameserver version 3.0.32 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2008
[2008/11/12 16:04:40, 0] nmbd/asyncdns.c:start_async_dns(151)
  started asyncdns process 3569
[2008/11/12 16:04:40, 0] nmbd/nmbd_nameregister.c:register_name_response(130)
  register_name_response: server at IP 192.168.0.5 rejected our name registration of PRODIX<00> IP 192.168.0.1 with error code 6.
[2008/11/12 16:04:40, 0] nmbd/nmbd_mynames.c:my_name_register_failed(36)
  my_name_register_failed: Failed to register my name PRODIX<00> on subnet 192.168.0.1.
[2008/11/12 16:04:40, 0] nmbd/nmbd_namelistdb.c:standard_fail_register(304)
  standard_fail_register: Failed to register/refresh name PRODIX<00> on subnet 192.168.0.1
[2008/11/12 16:04:40, 0] nmbd/nmbd_logonnames.c:add_logon_names(163)
  add_domain_logon_names:
  Attempting to become logon server for workgroup PRODIX on subnet 192.168.0.1
[2008/11/12 16:04:40, 0] nmbd/nmbd_logonnames.c:add_logon_names(163)
  add_domain_logon_names:
  Attempting to become logon server for workgroup PRODIX on subnet UNICAST_SUBNET
[2008/11/12 16:04:40, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(335)
  become_domain_master_browser_wins:
  Attempting to become domain master browser on workgroup PRODIX, subnet UNICAST_SUBNET.
[2008/11/12 16:04:40, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_wins(349)
  become_domain_master_browser_wins: querying WINS server from IP 192.168.0.1 for domain master browser name PRODIX<1b> on workgroup PRODIX
[2008/11/12 16:04:40, 0] nmbd/nmbd_nameregister.c:register_name_response(130)
  register_name_response: WINS server at IP 192.168.0.1 rejected our name registration of PRODIX<00> IP 192.168.0.1 with error code 5.
[2008/11/12 16:04:40, 0] nmbd/nmbd_workgroupdb.c:fail_register(226)
  fail_register: Failed to register name PRODIX<00> on subnet UNICAST_SUBNET.
[2008/11/12 16:04:40, 0] nmbd/nmbd_namelistdb.c:standard_fail_register(304)
  standard_fail_register: Failed to register/refresh name PRODIX<00> on subnet UNICAST_SUBNET
[2008/11/12 16:04:40, 0] nmbd/nmbd_logonnames.c:become_logon_server_success(124)
  become_logon_server_success: Samba is now a logon server for workgroup PRODIX on subnet UNICAST_SUBNET
[2008/11/12 16:04:40, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2(113)
  *****
  
  Samba server PRODIX is now a domain master browser for workgroup PRODIX on subnet UNICAST_SUBNET
  
  *****
[2008/11/12 16:04:40, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(290)
  become_domain_master_browser_bcast:
  Attempting to become domain master browser on workgroup PRODIX on subnet 192.168.0.1
[2008/11/12 16:04:40, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(303)
  become_domain_master_browser_bcast: querying subnet 192.168.0.1 for domain master browser on workgroup PRODIX
[2008/11/12 16:04:44, 0] nmbd/nmbd_logonnames.c:become_logon_server_success(124)
  become_logon_server_success: Samba is now a logon server for workgroup PRODIX on subnet 192.168.0.1
[2008/11/12 16:04:48, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2(113)
  *****
  
  Samba server PRODIX is now a domain master browser for workgroup PRODIX on subnet 192.168.0.1
  
  *****
[2008/11/12 16:05:03, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(396)
  *****
  
  Samba name server PRODIX is now a local master browser for workgroup PRODIX on subnet 192.168.0.1
  
  *****
Самурай

Аватара пользователя
MASiK
лейтенант
Сообщения: 625
Зарегистрирован: 2008-09-19 20:09:41
Откуда: Оттуда
Контактная информация:

Re: [SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Непрочитанное сообщение MASiK » 2008-11-12 16:12:11

Вот что мне сама ВИня, говорит при попытке коннекта...

Код: Выделить всё

при присоеденениие к домену "prodix" произашла следующея ошибка
Не найдено имя пользователя
хотя по SMB:// я зохожу нормально

пытался со всеми пользователями ошибка одна и таже...
Самурай

Yam
сержант
Сообщения: 226
Зарегистрирован: 2008-10-11 19:19:24
Откуда: 2:5093/41

Re: [SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Непрочитанное сообщение Yam » 2008-11-12 16:15:09

Ну так уже лучше, теперь нужно разобраться что за машина 192.168.0.5

Код: Выделить всё

register_name_response: server at IP 192.168.0.5 rejected our name registration of PRODIX<00> IP 192.168.0.1 with error code 6.
и почему она против.

Аватара пользователя
MASiK
лейтенант
Сообщения: 625
Зарегистрирован: 2008-09-19 20:09:41
Откуда: Оттуда
Контактная информация:

Re: [SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Непрочитанное сообщение MASiK » 2008-11-12 16:21:46

это машина 2 в подсети 0.0, моя 6 а это 2 админа 0.5, странно как она против, если с неё на самбе отлично работают...
Самурай

Yam
сержант
Сообщения: 226
Зарегистрирован: 2008-10-11 19:19:24
Откуда: 2:5093/41

Re: [SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Непрочитанное сообщение Yam » 2008-11-12 16:41:07

Код: Выделить всё

add machine script = /usr/local/sbin/ldapaddmachine '%u' computers
add user script = /usr/local/sbin/ldapadduser '%u' users
add group script = /usr/local/sbin/ldapaddgroup '%g'
add user to group script = /usr/local/sbin/ldapaddusertogroup '%u' '%g'
delete user script = /usr/local/sbin/ldapdeleteuser '%u'
delete group script = /usr/local/sbin/ldapdeletegroup '%g'
delete user from group script = /usr/local/sbin/ldapdeleteuserfromgroup '%u' '%g'
set primary group script = /usr/local/sbin/ldapsetprimarygroup '%u' '%g'
rename user script = /usr/local/sbin/ldaprenameuser '%uold' '%unew'
Вот это соответствует действительности? Скрипты лежат именно там?

Аватара пользователя
Dron
ст. сержант
Сообщения: 373
Зарегистрирован: 2007-08-15 13:36:28
Откуда: Днепропетровск
Контактная информация:

Re: [SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Непрочитанное сообщение Dron » 2008-11-12 18:39:04

wins на машинах которые вводишь прописал?
Та Да...

Аватара пользователя
MASiK
лейтенант
Сообщения: 625
Зарегистрирован: 2008-09-19 20:09:41
Откуда: Оттуда
Контактная информация:

Re: [SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Непрочитанное сообщение MASiK » 2008-11-13 21:45:14

Dron писал(а):wins на машинах которые вводишь прописал?
Зачем на XP нужен WINS ?
Yam писал(а): Вот это соответствует действительности? Скрипты лежат именно там?
Конечно!
Это всё отлично работает, и машины, и юзеры добовляються\удаляються на УРА
Самурай

Аватара пользователя
MASiK
лейтенант
Сообщения: 625
Зарегистрирован: 2008-09-19 20:09:41
Откуда: Оттуда
Контактная информация:

Re: [SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Непрочитанное сообщение MASiK » 2008-11-13 22:08:35

С трудом вошол в домен

лог компа пишет

Код: Выделить всё

[2008/11/13 22:02:10, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS)
[2008/11/13 22:02:10, 0] auth/auth_util.c:create_builtin_administrators(844)
  create_builtin_administrators: Failed to create Administrators
[2008/11/13 22:02:10, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS)
[2008/11/13 22:02:10, 0] auth/auth_util.c:create_builtin_users(810)
  create_builtin_users: Failed to create Users
[2008/11/13 22:02:11, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS)
[2008/11/13 22:02:11, 0] auth/auth_util.c:create_builtin_administrators(844)
  create_builtin_administrators: Failed to create Administrators
[2008/11/13 22:02:11, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS)
[2008/11/13 22:02:11, 0] auth/auth_util.c:create_builtin_users(810)
  create_builtin_users: Failed to create Users
[2008/11/13 22:02:11, 0] passdb/pdb_get_set.c:pdb_get_group_sid(211)
  pdb_get_group_sid: Failed to find Unix account for BILLPC$
[2008/11/13 22:02:11, 0] passdb/pdb_get_set.c:pdb_get_group_sid(211)
  pdb_get_group_sid: Failed to find Unix account for BILLPC$
[2008/11/13 22:02:11, 0] passdb/pdb_get_set.c:pdb_get_group_sid(211)
  pdb_get_group_sid: Failed to find Unix account for BILLPC$
[2008/11/13 22:02:11, 0] passdb/pdb_get_set.c:pdb_get_group_sid(211)
  pdb_get_group_sid: Failed to find Unix account for BILLPC$
[2008/11/13 22:02:11, 0] passdb/pdb_get_set.c:pdb_get_group_sid(211)
  pdb_get_group_sid: Failed to find Unix account for BILLPC$
[2008/11/13 22:02:13, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS)
[2008/11/13 22:02:13, 0] auth/auth_util.c:create_builtin_administrators(844)
  create_builtin_administrators: Failed to create Administrators
[2008/11/13 22:02:13, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS)
[2008/11/13 22:02:13, 0] auth/auth_util.c:create_builtin_users(810)
  create_builtin_users: Failed to create Users
[2008/11/13 22:02:14, 0] passdb/pdb_get_set.c:pdb_get_group_sid(211)
  pdb_get_group_sid: Failed to find Unix account for BILLPC$
[2008/11/13 22:02:14, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS)
[2008/11/13 22:02:14, 0] auth/auth_util.c:create_builtin_administrators(844)
  create_builtin_administrators: Failed to create Administrators
[2008/11/13 22:02:14, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS)
[2008/11/13 22:02:14, 0] auth/auth_util.c:create_builtin_users(810)
  create_builtin_users: Failed to create Users
[2008/11/13 22:03:22, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS)
[2008/11/13 22:03:22, 0] auth/auth_util.c:create_builtin_administrators(844)
  create_builtin_administrators: Failed to create Administrators
[2008/11/13 22:03:22, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS)
[2008/11/13 22:03:22, 0] auth/auth_util.c:create_builtin_users(810)
  create_builtin_users: Failed to create Users
[2008/11/13 22:03:22, 0] passdb/pdb_get_set.c:pdb_get_group_sid(211)
  pdb_get_group_sid: Failed to find Unix account for BILLPC$
[2008/11/13 22:03:22, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS)
[2008/11/13 22:03:22, 0] auth/auth_util.c:create_builtin_administrators(844)
  create_builtin_administrators: Failed to create Administrators
[2008/11/13 22:03:22, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS)
[2008/11/13 22:03:22, 0] auth/auth_util.c:create_builtin_users(810)
  create_builtin_users: Failed to create Users
остольные ошибки пропали,

но при попытке войти в комп пишет
интероктивный вход в систему запрещён политикой безопастности на данном компьютере
Хельп, Хельп, Хельп :)

p.s. "ЛОГИ ОБНОВИЛ ВСЕ ЧТО В 1 ПОСТЕ!!!"
Самурай

Аватара пользователя
Dron
ст. сержант
Сообщения: 373
Зарегистрирован: 2007-08-15 13:36:28
Откуда: Днепропетровск
Контактная информация:

Re: [SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Непрочитанное сообщение Dron » 2008-11-14 0:48:42

А wins как-раз и нужен для того, чтобы машинки нормально в домен вводились, авторизация проходила и т.д.
Samba с wins работает....
Та Да...

Аватара пользователя
MASiK
лейтенант
Сообщения: 625
Зарегистрирован: 2008-09-19 20:09:41
Откуда: Оттуда
Контактная информация:

Re: [SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Непрочитанное сообщение MASiK » 2008-11-14 1:30:57

Dron писал(а):А wins как-раз и нужен для того, чтобы машинки нормально в домен вводились, авторизация проходила и т.д.
Samba с wins работает....
Да прописал я Винс...

Теперь такая трабла что в домен входит легко но вот выдаёт при входе самого юзера

Код: Выделить всё

интероктивный вход в систему запрещён политикой безопастности на данном компьютере
и можно зайти толька под учёткой ROOT чё толька уже не делол....
сил моих больше нет...
Самурай

Yam
сержант
Сообщения: 226
Зарегистрирован: 2008-10-11 19:19:24
Откуда: 2:5093/41

Re: [SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Непрочитанное сообщение Yam » 2008-11-14 8:08:32

Конечно выдаёт, в последнем приведенном куске лога ошибка на ошибке, пробовали разобраться в их происхождении?

Аватара пользователя
MASiK
лейтенант
Сообщения: 625
Зарегистрирован: 2008-09-19 20:09:41
Откуда: Оттуда
Контактная информация:

Re: [SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Непрочитанное сообщение MASiK » 2008-11-14 15:18:00

Yam писал(а):Конечно выдаёт, в последнем приведенном куске лога ошибка на ошибке, пробовали разобраться в их происхождении?
Ты про это?

Код: Выделить всё

[2008/11/13 22:03:22, 0] groupdb/mapping.c:pdb_create_builtin_alias(739)
  pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS)
[2008/11/13 22:03:22, 0] auth/auth_util.c:create_builtin_users(810)
  create_builtin_users: Failed to create Users
Чесно не понемаю что с этим делать, где-то прочёл что это нормальное дело

На счёт того что не пускает с надписью про

Код: Выделить всё

интерактивный вход в систему запрещен политикой безопасности на данном компьютере
Эт я разобрался, там надо в политиках копаться локально...
Самурай

Аватара пользователя
MASiK
лейтенант
Сообщения: 625
Зарегистрирован: 2008-09-19 20:09:41
Откуда: Оттуда
Контактная информация:

Re: [SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Непрочитанное сообщение MASiK » 2008-11-14 16:34:46

Кароче работает, Хомяки присоеденяет как локальные диски, в профили всё перемещает, всех пускает и всё делает :) в логах по прежнему тонна ошибок, но работает и хрен с ним, она решена на столька на сколька это было возможно
Самурай

Аватара пользователя
MASiK
лейтенант
Сообщения: 625
Зарегистрирован: 2008-09-19 20:09:41
Откуда: Оттуда
Контактная информация:

Re: [SAMBA(PDS)+LDAP] !!!!!!!!!!!!

Непрочитанное сообщение MASiK » 2008-11-16 4:07:45

Блин одна ошибка смущает очень

debug.log

Код: Выделить всё

Nov 15 04:01:01 office cron[27513]: NSSWITCH(nss_method_lookup): ldap, group, setgrent, not found
Nov 15 04:01:01 office cron[27513]: NSSWITCH(nss_method_lookup): ldap, group, getgrent_r, not found
Nov 15 04:01:01 office cron[27513]: NSSWITCH(nss_method_lookup): ldap, group, endgrent, not found
Nov 15 04:01:01 office cron[27513]: NSSWITCH(nss_method_lookup): ldap, passwd, endpwent, not found
Nov 15 04:02:43 office sshd[27520]: NSSWITCH(nss_method_lookup): ldap, passwd, endpwent, not found
Nov 15 04:02:44 office sshd[27520]: NSSWITCH(nss_method_lookup): ldap, group, setgrent, not found
Nov 15 04:02:44 office sshd[27520]: NSSWITCH(nss_method_lookup): ldap, group, getgrent_r, not found
Nov 15 04:02:44 office sshd[27520]: NSSWITCH(nss_method_lookup): ldap, group, endgrent, not found
Nov 15 04:02:46 office sshd[27522]: NSSWITCH(nss_method_lookup): ldap, group, setgrent, not found
Nov 15 04:02:46 office sshd[27522]: NSSWITCH(nss_method_lookup): ldap, group, getgrent_r, not found
Nov 15 04:02:46 office sshd[27522]: NSSWITCH(nss_method_lookup): ldap, group, endgrent, not found
Nov 15 04:02:46 office sshd[27522]: NSSWITCH(nss_method_lookup): ldap, passwd, endpwent, not found
Nov 15 04:03:06 office sftp-server[27523]: NSSWITCH(nss_method_lookup): ldap, group, getgrgid_r, not found
Nov 15 04:03:06 office slapd[35435]: conn=221 op=90 SRCH base="ou=groups,dc=prodix,dc=spb,dc=ru" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(gidNumber=1009))"
Nov 15 04:03:06 office slapd[35435]: conn=221 op=90 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Nov 15 04:03:06 office slapd[35435]: conn=221 op=90 SEARCH RESULT tag=101 err=0 nentries=0 text=
Nov 15 04:03:06 office sftp-server[27523]: NSSWITCH(nss_method_lookup): ldap, group, getgrgid_r, not found
Nov 15 04:03:06 office slapd[35435]: conn=221 op=91 SRCH base="ou=groups,dc=prodix,dc=spb,dc=ru" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(gidNumber=1010))"
Nov 15 04:03:06 office slapd[35435]: conn=221 op=91 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Nov 15 04:03:06 office slapd[35435]: conn=221 op=91 SEARCH RESULT tag=101 err=0 nentries=0 text=
Nov 15 04:04:21 office sshd[27529]: NSSWITCH(nss_method_lookup): ldap, passwd, endpwent, not found
Nov 15 04:04:22 office sshd[27529]: NSSWITCH(nss_method_lookup): ldap, group, setgrent, not found
Nov 15 04:04:22 office sshd[27529]: NSSWITCH(nss_method_lookup): ldap, group, getgrent_r, not found
Nov 15 04:04:22 office sshd[27529]: NSSWITCH(nss_method_lookup): ldap, group, endgrent, not found
Nov 15 04:04:22 office sshd[27532]: NSSWITCH(nss_method_lookup): ldap, group, setgrent, not found
Nov 15 04:04:22 office sshd[27532]: NSSWITCH(nss_method_lookup): ldap, group, getgrent_r, not found
Nov 15 04:04:22 office sshd[27532]: NSSWITCH(nss_method_lookup): ldap, group, endgrent, not found
Nov 15 04:04:22 office sshd[27532]: NSSWITCH(nss_method_lookup): ldap, passwd, endpwent, not found
Nov 15 04:04:44 office cupsd: NSSWITCH(nss_method_lookup): ldap, passwd, endpwent, not found
Nov 15 04:04:44 office cupsd: NSSWITCH(nss_method_lookup): ldap, group, endgrent, not found
Nov 15 04:04:44 office cupsd: NSSWITCH(nss_method_lookup): ldap, group, endgrent, not found
Nov 15 04:05:01 office cron[27552]: NSSWITCH(nss_method_lookup): ldap, group, setgrent, not found
Nov 15 04:05:01 office cron[27552]: NSSWITCH(nss_method_lookup): ldap, group, getgrent_r, not found
Nov 15 04:05:01 office cron[27552]: NSSWITCH(nss_method_lookup): ldap, group, endgrent, not found
Nov 15 04:05:01 office cron[27552]: NSSWITCH(nss_method_lookup): ldap, passwd, endpwent, not found
Как решить а?....
Самурай