Hi all.
Sorry for my bad english, i am from russia.
I have some servers with samba.
One PDC+ldap
One BDC+ldap
And some count of members.
It's working fine, but some days ago i try to use "valid users"
directive, wich i already successfully used on PDC BDC.
But on domain members this directive fails.
I have checked log and see this error.
Sid @INFINET\rnd does not start with 'S-'.
But it's working with direct ldap connection.
What's wrong?
Thank you.
My configuration is:
[global]
#####
#Domain section
interfaces = eth0
workgroup = IUYT
netbios name = TEST
os level = 1
domain logons = No
domain master = No
local master = No
preferred master = No
wins server = 1.2.3.4
name resolve order = wins bcast hosts
#####
#Security section
security = domain
encrypt passwords = Yes
auth methods = ntdomain
password server = NS1,NS2
directory mode = 0775
create mask = 0664
guest account = nobody
enable privileges = Yes
deadtime = 30
valid users = @"IUYT\rnd"
#####
#Debug section
dos charset = cp866
log file = /var/log/samba/samba.log
log level = 5
syslog = 0
max log size = 1000
hide dot files = Yes
veto oplock files = /*.doc/*.xls
[test]
browseable = Yes
writable = Yes
path = /tmp
guest ok = Yes
#########
It's working only with these options
security = user
passdb backend = ldapsam:ldap://1.2.3.4
ldap admin dn = cn=admin,dc=ldap,dc=qwe,dc=ru
ldap suffix = dc=ldap,dc=qwe,dc=ru
ldap group suffix = ou=Group
ldap machine suffix = ou=Computers
ldap user suffix = ou=People
