Доброго времени суток, уважаемые!
Помогите плиз, уже всю голову сломал
Все настраиваю по статье
http://www.lissyara.su/articles/freebsd ... ddns+dhcp/, но на моменте ввода в домен сервера выдает следующее:
bsd8# net rpc join -S bsd8 -U admin%password
[2009/12/15 10:07:25, 0] libsmb/clientgen.c:cli_receive_smb(111)
Receiving SMB: Server stopped responding
Could not connect to server bsd8
[2009/12/15 10:07:25, 0] libsmb/clientgen.c:cli_receive_smb(111)
Receiving SMB: Server stopped responding
Connection failed: NT_STATUS_END_OF_FILE
[2009/12/15 10:07:25, 0] libsmb/clientgen.c:cli_receive_smb(111)
Receiving SMB: Server stopped responding
Could not connect to server bsd8
Connection failed: NT_STATUS_END_OF_FILE
Привожу конфиги:
slapd.conf
bsd8# cat /usr/local/etc/openldap/slapd.conf
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
# Schema files loaded at startup; samba.schema is pulled in alongside the
# stock OpenLDAP schemas.
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/misc.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/openldap.schema
include /usr/local/etc/openldap/schema/samba.schema
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
modulepath /usr/local/libexec/openldap
moduleload back_bdb
# Access control. slapd uses the first "access to" directive whose target
# matches, and inside it the first matching "by" clause.
# NOTE(review): the "by" lines appear here without leading whitespace; slapd
# only treats indented lines as continuations, so confirm the real file
# indents them (the forum paste may have stripped the indentation).
# NOTE(review): "by users read" lets every authenticated identity read other
# entries' userPassword values; the usual hardening keeps only self write and
# anonymous auth on this attribute.
access to attrs=userPassword
by self write
by users read
by anonymous auth
# NOTE(review): this catch-all grants unauthenticated clients read access to
# every attribute not matched above, while "by * none" denies authenticated
# non-owners, so anonymous binds see more than bound users do. With
# samba.schema loaded, Samba hash attributes such as sambaNTPassword and
# sambaLMPassword are not covered by the userPassword rule and would fall
# under this one; they need their own restrictive "access to attrs=" rule
# placed before it.
access to *
by self write
by anonymous read
by * none
#######################################################################
# BDB database definitions
#######################################################################
database bdb
suffix "dc=guzvao,dc=local"
rootdn "cn=root,dc=guzvao,dc=local"
# NOTE(review): this hash has been published with the post and should be
# treated as exposed; generate a new one with slappasswd and keep the file
# readable by the slapd account only, as the file's header comment says.
rootpw {SSHA}fVMCzP8pDZYHvIbdsJYsREVy/HO4M6h
directory /var/db/openldap-data
# 256 is the "stats" log level (connections, operations, results).
loglevel 256
# Equality indexes for the two attributes listed.
index objectClass eq
index cn eq
ldapscripts.conf
bsd8# cat /usr/local/etc/ldapscripts/ldapscripts.conf
# Connection settings for the ldapscripts helpers: they talk to the local
# slapd and bind as the directory rootdn.
SERVER="127.0.0.1"
BINDDN="cn=root,dc=guzvao,dc=local"
# NOTE(review): cleartext rootdn password stored in the config; this is what
# produces the "using command-line passwords" warning seen in ldapscripts.log.
# Newer ldapscripts releases can read the password from a separate file
# (BINDPWDFILE) -- check whether the installed version supports it, and keep
# this file readable by root only.
BINDPWD="password"
SUFFIX="dc=guzvao,dc=local" # Global suffix
GSUFFIX="ou=groups" # Groups ou (just under $SUFFIX)
USUFFIX="ou=users" # Users ou (just under $SUFFIX)
MSUFFIX="ou=computers" # Machines ou (just under $SUFFIX)
GIDSTART="10000" # Group ID
UIDSTART="10000" # User ID
MIDSTART="20000" # Machine ID
# New accounts get a non-login shell and a home under /home/samba/homes.
USHELL="/usr/sbin/nologin"
UHOMES="/home/samba/homes/%u"
ASKGECOS="no"
CREATEHOMES="yes"
HOMESKEL="/etc/skel"
HOMEPERMS="700"
# Password generator: takes 8 bytes from /dev/random, base64-encodes them with
# uuencode -m, then strips '=' padding and every '+' and '/'. Removing those
# characters means the result can be shorter than the full encoded length.
PASSWORDGEN="head -c8 /dev/random | uuencode -m - | sed -n -e '2s|=*$||;2p' | sed -e 's|+||g' -e 's|/||g'"
# NOTE(review): with RECORDPASSWORDS enabled the generated passwords are
# presumably written in cleartext to PASSWORDFILE under /var/log; restrict
# that file to root and purge it once passwords are handed over, or set "no".
RECORDPASSWORDS="yes"
PASSWORDFILE="/var/log/ldapscripts_passwd.log"
LOGFILE="/var/log/ldapscripts.log"
# Temporary folder
TMPDIR="/tmp"
# Absolute paths of the OpenLDAP client tools the scripts invoke.
LDAPSEARCHBIN="/usr/local/bin/ldapsearch"
LDAPADDBIN="/usr/local/bin/ldapadd"
LDAPDELETEBIN="/usr/local/bin/ldapdelete"
LDAPMODIFYBIN="/usr/local/bin/ldapmodify"
LDAPMODRDNBIN="/usr/local/bin/ldapmodrdn"
LDAPPASSWDBIN="/usr/local/bin/ldappasswd"
# Character set conversion : $ICONVCHAR <-> UTF-8
# Comment ICONVBIN to disable UTF-8 conversion
ICONVBIN="/usr/local/bin/iconv"
ICONVCHAR="KOI8-R"
# Base64 decoding
# Comment UUDECODEBIN to disable Base64 decoding
UUDECODEBIN="/usr/bin/uudecode"
# The getent commands and the group/user/machine templates are left empty.
GETENTPWCMD=""
GETENTGRCMD=""
GTEMPLATE=""
UTEMPLATE=""
MTEMPLATE=""
smb.conf
bsd8# cat /usr/local/etc/smb.conf
[global]
# domain name
workgroup = guzvao
# descriptive comment string for the Samba server
server string = bsd8.guzvao
# name of the Samba host as shown in the network neighbourhood
netbios name = bsd8
security = user
# NOTE(review): smb.conf(5) describes a [global] "hosts allow" as applying to
# every service regardless of per-share settings, so the different list under
# [IPC$] (which adds 192.168.2.0/24) is probably not doing what was intended
# -- confirm and keep a single list.
hosts allow = 192.168.3. 192.168.1. 127.
load printers = no
log file = /var/log/samba/log.%m
max log size = 50
acl compatibility = win2k
encrypt passwords = yes
# NOTE(review): "admin users" makes every file operation by this account run
# as root on all shares; for a PDC, granting the needed rights to a group is
# the narrower choice.
admin users = admin
passdb backend = ldapsam:ldap://127.0.0.1/
# LDAP settings
ldap suffix = dc=guzvao,dc=local
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap machine suffix = ou=computers
# NOTE(review): Samba binds as the directory rootdn. The password for this DN
# is not kept in smb.conf; Samba reads it from secrets.tdb (set with
# "smbpasswd -w"). A dedicated DN limited to the Samba subtrees would reduce
# the impact of a compromised Samba host.
ldap admin dn = "cn=root,dc=guzvao,dc=local"
ldap delete dn = no
# Unencrypted LDAP; acceptable only while the backend stays on loopback, as
# it does here. If slapd moves to another host the bind password and the
# password hashes would cross the network in clear.
ldap ssl = off
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind separator = @
winbind use default domain = yes
# act as PDC
socket options = TCP_NODELAY
local master = yes
os level = 64
domain master = yes
preferred master = yes
domain logons = yes
# uncomment these if you want to use logon scripts
; logon script = %m.bat
; logon script = %U.bat
# path to the roaming profile
logon path = \\%L\profiles
# path to the users' home directories
logon home = \\%L\HOME
logon drive = H:
wins support = yes
dns proxy = yes
display charset = koi8-r
unix charset = koi8-r
dos charset = cp866
timeserver = yes
# scripts for adding users and groups (used by usermgr from NT4)
# These run with Samba's privileges and receive client-supplied names as
# arguments; the substitutions are single-quoted in every line below.
add machine script = /usr/local/sbin/ldapaddmachine '%u' computers
add user script = /usr/local/sbin/ldapadduser '%u' users
add group script = /usr/local/sbin/ldapaddgroup '%g'
# NOTE(review): this path starts with /susr while every sibling script lives
# under /usr/local/sbin -- almost certainly a typo, so adding a user to a
# group would fail to find the script.
add user to group script = /susr/local/sbin/ldapaddusertogroup '%u' '%g'
delete user script = /usr/local/sbin/ldapdeleteuser '%u'
delete group script = /usr/local/sbin/ldapdeletegroup '%g'
delete user from group script = /usr/local/sbin/ldapdeleteuserfromgroup '%u' '%g'
set primary group script = /usr/local/sbin/ldapsetprimarygroup '%u' '%g'
rename user script = /usr/local/sbin/ldaprenameuser '%uold' '%unew'
# share for the users' home directories
[HOME]
comment = Home Directories
path = /home/samba/homes/%U
read only = no
public = no
writable = yes
create mask = 0600
browseable = no
directory mask = 0700
# netlogon share (for running logon scripts)
# Guest-readable and not writable; whatever is placed here is executed by
# clients at logon, so write access to the directory on disk should stay with
# administrators only.
[netlogon]
comment = Network Logon Service
path = /usr/local/etc/samba/netlogon
guest ok = yes
writable = no
share modes = no
browseable = no
# share for roaming profiles
[profiles]
create mask = 0600
directory mask = 0700
path = /home/samba/profiles/%u
writeable = yes
browseable = no
locking = no
# NOTE(review): smb.conf(5) only documents comments on lines that begin with
# '#' or ';', so the trailing text on the next line (it says "this line is
# needed to disable offline caching") may be parsed as part of the value --
# move it to its own line and check with testparm.
csc policy = disable # эта строчка необходима чтобы отключить автономное кеширование
# Explicit IPC$ section restricting which client networks may connect.
[IPC$]
path = /tmp
hosts allow = 192.168.1.0/24 192.168.2.0/24 192.168.3.0/24 127.0.0.1
hosts deny = 0.0.0.0/0
nss_ldap.conf
bsd8# cat /usr/local/etc/nss_ldap.conf
# nss_ldap client settings: where the directory lives and how to query it.
# Both "host" and "uri" are given; they name the same machine in two ways
# (loopback address and bsd8.guzvao).
host 127.0.0.1
base dc=guzvao,dc=local
uri ldap://bsd8.guzvao/
ldap_version 3
# Bind credentials are commented out, so lookups are made anonymously; this
# matches the 'BIND dn=""' line in the slapd debug log and relies on the
# anonymous read rule in slapd.conf.
# NOTE(review): if a bind DN is enabled later, use a low-privilege read-only
# account rather than the rootdn, because this file normally has to be
# readable by every local user for NSS lookups to work.
#binddn cn=root,dc=guzvao,dc=local
#bindpw psssword
port 389
scope one
timelimit 30
bind_timelimit 10
bind_policy soft
nss_connect_policy persist
idle_timelimit 3600
nss_paged_results yes
pagesize 1000
# Search bases per NSS map, each limited to one level. passwd is listed twice
# so that machine accounts under ou=computers resolve alongside users.
nss_base_passwd ou=users,dc=guzvao,dc=local?one
nss_base_shadow ou=users,dc=guzvao,dc=local?one
nss_base_group ou=groups,dc=guzvao,dc=local?one
nss_base_passwd ou=computers,dc=guzvao,dc=local?one
ldapscripts.log
>> 12/14/09 - 13:14 : Command : /usr/local/sbin/ldapaddgroup admins
Successfully added group admins to LDAP
Warning : using command-line passwords, ldapscripts may not be safe
>> 12/14/09 - 13:14 : Command : /usr/local/sbin/ldapaddgroup users
Successfully added group users to LDAP
Warning : using command-line passwords, ldapscripts may not be safe
>> 12/14/09 - 13:14 : Command : /usr/local/sbin/ldapaddgroup computers
Successfully added group computers to LDAP
Warning : using command-line passwords, ldapscripts may not be safe
>> 12/14/09 - 13:15 : Command : /usr/local/sbin/ldapadduser admin admins
Successfully added user admin to LDAP
Successfully set password for user admin
Successfully created home directory for user admin
debug.log
Dec 15 10:20:00 bsd8 slapd[973]: conn=333 fd=12 ACCEPT from IP=127.0.0.1:25754 (IP=127.0.0.1:389)
Dec 15 10:20:00 bsd8 slapd[973]: conn=333 op=0 BIND dn="" method=128
Dec 15 10:20:00 bsd8 slapd[973]: conn=333 op=0 RESULT tag=97 err=0 text=
Dec 15 10:20:00 bsd8 slapd[973]: conn=333 op=1 SRCH base="ou=groups,dc=guzvao,dc=local" scope=1 deref=0 filter="(&(objectClass=posixGroup))"
Dec 15 10:20:00 bsd8 slapd[973]: conn=333 op=1 SRCH attr=cn userPassword memberUid uniqueMember gidNumber
Dec 15 10:20:00 bsd8 slapd[973]: conn=333 op=1 SEARCH RESULT tag=101 err=0 nentries=3 text=
Dec 15 10:20:00 bsd8 slapd[973]: conn=333 fd=12 closed (connection lost)
LdapAdmin нормально коннектится к серверу, можно просмотреть свойства объектов, создать объекты и т.д.
А вот с доменом какая-то хрень, не входит хоть убейся