Hello Team,
I am using samba 3.6.3 in ubuntu as file server and also I have a
domain controller in my organization both are different servers.
I am able to register SAMBA as domain controller successfully, and I could
see SAMBA Domain with SID populated in my OpenLDAP. But my problem is when
I configure samba as file server. SAMBA is pulling the host name and
registering to OpenLDAP as domain.
Example My Domain name is test.
My file server host name is fileserver01
I could see test and fileserver01 in my openldap with SID. why this
is happening, since this is just configured as file server. and also I do
not have winbind configured in my file server. below are my configuration
details.
[global]
workgroup = test
server string = %h server (Samba, Ubuntu)
wins server = 192.168.1.2
dns proxy = no
name resolve order = lmhosts host wins bcast
disable spoolss = no
spoolss : architecture = Windows x64
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
security = user
encrypt passwords = true
passdb backend = ldapsam:ldap://servername
ldap suffix = dc=aa,dc=bb,dc=com
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=admin,dc=aa,dc=bb,dc=com
ldap ssl = no
map to guest = bad user
domain logons = yes
load printers = yes
printing = cups
printcap name = cups
socket options = TCP_NODELAY
domain master = no
usershare allow guests = yes
[homes]
create mask = 0700
directory mask = 0700
browseable = no
comment = Home Directories
valid users = %S
writable = yes
available = no
[printers]
comment = All Printers
public = yes
printable = yes
path = /var/spool/samba
# Windows clients look for this share name as a source of downloadable
# printer drivers
[print$]
comment = Printer Drivers
writeable = yes
public = yes
path = /var/lib/samba/printers
write list = root, at Onsite-Admins
[iMigrate]
force create mode = 770
valid users = @Onsite-Admins
create mode = 770
path = /data/imigrate
write list = @Onsite-Admins
force directory mode = 770
directory mode = 770
--
*Thanks & Regards,
25dollarTech Team
https://sites.google.com/site/25dollartech/*
*Email: 25dollartechhelp at gmail.com*
Hello Team,> > I am using samba 3.6.3 in ubuntu as file server and also I have a > domain controller in my organization both are different servers. > > I am able to register SAMBA as domain controller successfully, and I could > see SAMBA Domain with SID populated in my OpenLDAP. But my problem is when > I configure samba as file server. SAMBA is pulling the host name and > registering to OpenLDAP as domain. > > Example My Domain name is test. > > My file server host name is fileserver01 > > I could see test and fileserver01 in my openldap with SID. why this > is happening, since this is just configured as file server. and also I do > not have winbind configured in my file server. below are my configuration > details. > > > [global] > > workgroup = test > > server string = %h server (Samba, Ubuntu) > > wins server = 192.168.1.2 > > dns proxy = no > > name resolve order = lmhosts host wins bcast > > disable spoolss = no > spoolss : architecture = Windows x64 > > log file = /var/log/samba/log.%m > > max log size = 1000 > > > syslog = 0 > > panic action = /usr/share/samba/panic-action %d > > > security = user > > encrypt passwords = true > > > passdb backend = ldapsam:ldap://servername > ldap suffix = dc=aa,dc=bb,dc=com > ldap user suffix = ou=People > ldap group suffix = ou=Groups > ldap machine suffix = ou=Computers > ldap idmap suffix = ou=Idmap > ldap admin dn = cn=admin,dc=aa,dc=bb,dc=com > ldap ssl = no > > > > map to guest = bad user > > domain logons = yes > > load printers = yes > > printing = cups > printcap name = cups > > socket options = TCP_NODELAY > > domain master = no > > usershare allow guests = yes > > [homes] > create mask = 0700 > directory mask = 0700 > browseable = no > comment = Home Directories > valid users = %S > writable = yes > available = no > > > [printers] > comment = All Printers > public = yes > printable = yes > path = /var/spool/samba > > # Windows clients look for this share name as a source of downloadable > # printer drivers > [print$] > comment = Printer Drivers > writeable = yes > public = yes > path = /var/lib/samba/printers > write list = root, at Onsite-Admins > > [iMigrate] > force create mode = 770 > valid users = @Onsite-Admins > create mode = 770 > path = /data/imigrate > write list = @Onsite-Admins > force directory mode = 770 > directory mode = 770 > >-- *Thanks & Regards, 25dollarTech Team https://sites.google.com/site/25dollartech/* *Email: 25dollartechhelp at gmail.com*
On Thu, 2013-01-31 at 09:57 +0400, 25Dollar Tech wrote:> Hello Team, > > I am using samba 3.6.3 in ubuntu as file server and also I have a > domain controller in my organization both are different servers. > > I am able to register SAMBA as domain controller successfully, and I could > see SAMBA Domain with SID populated in my OpenLDAP. But my problem is when > I configure samba as file server. SAMBA is pulling the host name and > registering to OpenLDAP as domain. > > Example My Domain name is test. > > My file server host name is fileserver01 > > I could see test and fileserver01 in my openldap with SID. why this > is happening, since this is just configured as file server. and also I do > not have winbind configured in my file server. below are my configuration > details.Your file server should be joined to the domain as a domain member server, and not directly use passdb against the DC. You should then use nss_winbind or nss_ldap to get consistent user and group memberships with the DC. By connecting your Samba file server to the DC, it is confused as to if the password sore in ldap, which it has full control of, should belong to it or the DC, and the result will not be pretty. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org