Доброго времени суток. Собственно, сабж.
использовал howto: http://www.lissyara.su/?id=1280
uname 6.1-RELEASE FreeBSD
pkg_info |grep samba
samba-3.0.23d,1 A free SMB and CIFS client and server for UNIX
# pkg_info | grep ldap
nss_ldap-1.251_1 RFC 2307 NSS module
openldap-client-2.3.33 Open source LDAP client implementation
openldap-server-2.3.33 Open source LDAP server implementation
p5-perl-ldap-0.33 A Client interface to LDAP servers
pam_ldap-1.8.2 A pam module for authenticating with LDAP
smbldap-tools-0.9.2a Useful package for managing users and groups in a LDAP dire
===
# testparm
Load smb config files from /usr/local/etc/smb.conf
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[Profiles]"
Processing section "[data]"
Processing section "[tst]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
; testparm dump of the effective [global] section; testparm reports the server role as ROLE_DOMAIN_PDC.
Press enter to see a dump of your service definitions[global]
dos charset = cp866
unix charset = koi8-r
display charset = koi8-r
workgroup = EDU
netbios name = PM
server string = samba pdc with ldap auth
; Account database is LDAP; smbd reaches slapd over plain ldap:// on loopback.
passdb backend = ldapsam:ldap://127.0.0.1/
; One log file per client machine name (%m).
log file = /var/log/samba/log.%m
max log size = 500
time server = Yes
load printers = No
; Run by smbd when a workstation joins the domain; the post reports that this script hangs.
; NOTE(review): Samba's documented examples pass %u (the account name) here rather than %m - confirm which one the script expects.
add machine script = /usr/local/etc/samba/add_machine.pl %m
logon script = proxy.vbs
; Roaming profile and logon home both resolve to the same path under the [Profiles] share.
logon path = \\%L\Profiles\%U\%m\%a
logon drive = Z:
logon home = \\%L\Profiles\%U\%m\%a
domain logons = Yes
os level = 64
preferred master = Yes
domain master = Yes
dns proxy = No
wins support = Yes
; DN smbd binds with; the same DN is used for ldapadd -D later in the post.
; NOTE(review): if cn=root is the slapd rootdn it bypasses every ACL; a dedicated DN with write access
; limited to the Samba subtrees would be the least-privilege choice - confirm against slapd.conf.
ldap admin dn = "cn=root,dc=pm,dc=edu"
ldap group suffix = ou=groups
ldap machine suffix = ou=computers
ldap suffix = dc=pm,dc=edu
; No TLS between smbd and slapd. Password hashes cross this connection, so this is tolerable only
; while the LDAP URL stays on 127.0.0.1; use "ldap ssl = start tls" if slapd moves to another host.
ldap ssl = no
ldap user suffix = ou=users
; Set in [global], so it is the default for every share: file operations by "admin" run as root.
; Granting this per share (or not at all) keeps the blast radius of that one account smaller.
admin users = admin
; Only 10.6.83.* and loopback addresses may connect.
hosts allow = 10.6.83., 127.
; Per-user home shares: writable and hidden from browse lists.
; NOTE(review): no "valid users" restriction appears in this dump, so access to another user's
; home share depends on filesystem permissions alone - confirm that is intended.
[homes]
comment = Home Directories
read only = No
browseable = No
; Logon-script share used for domain logons (proxy.vbs is served from here per "logon script").
; Guest access is enabled, so nothing stored under this path should contain credentials.
; NOTE(review): no "read only" line is shown; testparm normally prints only non-default values,
; so the share presumably keeps Samba's read-only default - confirm.
[netlogon]
comment = Network Logon Service
path = /usr/local/etc/samba/netlogon/
guest ok = Yes
browseable = No
share modes = No
; Roaming-profile share; "logon path" and "logon home" in [global] point into it.
; The share root is /home, the same tree that holds the users' home directories, and guest access
; is enabled: an unauthenticated session is then held back only by filesystem permissions.
; "guest ok = No" is the safer setting for a share that stores user profiles.
; NOTE(review): whether guests can actually connect also depends on "map to guest", not shown here.
[Profiles]
path = /home
; New files 0600 / directories 0700: owner-only access for what is created through the share.
create mask = 0600
directory mask = 0700
guest ok = Yes
browseable = No
; Shared data directory for the People and wheel groups.
; The same groups appear in both lists; Samba gives write access to a user found in both.
; The share is writable ("read only = No") AND allows guests, so the two lists do not keep other
; sessions out: a guest connection is limited only by filesystem permissions on /data.
; NOTE(review): if the intent is "People and wheel only", that needs "guest ok = No" plus a
; "valid users" line - confirm the intent.
[data]
comment = Dump of files
path = /data
read list = @People, @wheel
write list = @People, @wheel
read only = No
; Group-writable files (0660) and group-accessible directories (0770).
create mask = 0660
directory mask = 0770
guest ok = Yes
; Share on /tst: People, wheel and admin get read access, "sus" and "admin" get write access.
; NOTE(review): testparm listed this section as "[tst]" while the dump shows "[sus]"; the paste
; looks hand-edited, so verify the real section name in smb.conf.
; Guest access is enabled here as well; see whether that is needed for a share with named writers.
[sus]
comment = Dump of files
path = /tst
read list = @People, @wheel, admin
write list = sus, admin
create mask = 0664
directory mask = 0770
guest ok = Yes
++++
скрипт добавления add_machine.pl висит,
а на
ldapadd -x -h 127.0.0.1 -D "cn=root,dc=pm,dc=edu" -W -f 683-ad.machine.ldif
=683-ad.machine.ldif=
# Machine (workstation trust) account for host 683-ad, loaded with ldapadd as cn=root.
# The entry carries Samba attributes (sambaDomainName, sambaAcctFlags, sambaSID) but none of the
# four object classes listed below permits them, which is what "Object class violation (65):
# attribute 'sambaDomainName' not allowed" reports. The user entries in this directory that hold
# samba* attributes all include "objectClass: sambaSamAccount"; this entry needs it too.
dn: cn=683-ad,ou=computers,dc=pm,dc=edu
objectClass: top
objectClass: person
objectClass: posixAccount
objectClass: shadowAccount
cn: 683-ad
sn: 683-ad Computer
# Trailing "$" marks a machine account name.
uid: 683-ad$
# NOTE(review): "*" looks like a placeholder meaning "no usable Unix password" - confirm.
userPassword: *
uidNumber: 10000
gidNumber: 5002
gecos: Computer
# No home directory and no login shell: the account is not meant for interactive use.
homeDirectory: /dev/null
loginShell: /usr/sbin/nologin
sambaDomainName: EDU
# [W] = workstation trust account.
sambaAcctFlags: [W]
# NOTE(review): RID 515 is the well-known "Domain Computers" group RID. An account's own sambaSID
# is expected to be unique per account; -515 would normally go into sambaPrimaryGroupSID - confirm.
sambaSID: S-1-5-21-4264372741-296706239-3456055400-515
+++
adding new entry "cn=683-ad,ou=computers,dc=pm,dc=edu"
ldap_add: Object class violation (65)
additional info: attribute 'sambaDomainName' not allowed
ldap структура
ldapsearch -x -LLL -b 'dc=pm,dc=edu'
# Directory base entry; matches "ldap suffix = dc=pm,dc=edu" in smb.conf.
dn: dc=pm,dc=edu
objectClass: dcObject
objectClass: organization
objectClass: top
dc: pm
o: pm
# Container for user accounts; referenced by "ldap user suffix = ou=users" in smb.conf.
dn: ou=users,dc=pm,dc=edu
objectClass: top
objectClass: organizationalUnit
ou: users
# Container for groups; referenced by "ldap group suffix = ou=groups" in smb.conf.
dn: ou=groups,dc=pm,dc=edu
objectClass: top
objectClass: organizationalUnit
ou: groups
# Unix group 1000 mapped to a domain group. The sambaSID ends in RID 512, the well-known
# "Domain Admins" RID, so every memberUid listed here is a domain administrator.
# Keep membership minimal and audit changes to this entry.
dn: cn=Admin Group Samba,ou=groups,dc=pm,dc=edu
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
cn: Admin Group Samba
gidNumber: 1000
memberUid: admin
sambaSID: S-1-5-21-4264372741-296706239-3456055400-512
# 2 = domain group.
sambaGroupType: 2
displayName: Admin group Samba
description: Domain Unix group
# Samba administrator account: member of the RID-512 group and listed in "admin users" in smb.conf.
# sambaLMPassword and sambaNTPassword are unsalted hashes that Samba accepts as the credential
# itself, so they need the same protection as a cleartext password.
# The ldapsearch above was run with -x and no -D (presumably an anonymous bind), yet these
# attributes were returned: slapd's ACLs should deny read on them to everyone except the DN Samba
# binds with. Since the values were published, this password should be changed.
dn: cn=admin,ou=users,dc=pm,dc=edu
objectClass: top
objectClass: person
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaSamAccount
cn: admin
sn: admin
uid: admin
uidNumber: 1000
gidNumber: 1000
gecos: Samba Admin
homeDirectory: /home/admin
# No interactive Unix login for this account.
loginShell: /usr/sbin/nologin
sambaSID: S-1-5-21-4264372741-296706239-3456055400-3000
displayName: Samba Admin
sambaPwdCanChange: 1173881775
sambaPwdMustChange: 2147483647
# LM hashes are case-insensitive and built from two independent 7-character halves; storing them
# weakens the account. NOTE(review): consider "lanman auth = no" so they are no longer kept.
sambaLMPassword: 18DC02FF7E4408BBE3DC53D5AE35ECA7
sambaNTPassword: EAD80322AD8C90D90BC46FD88D6ED744
# The value is wrapped over two lines in this paste.
sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000
00000000
sambaPwdLastSet: 1173881775
# [U] = normal user account.
sambaAcctFlags: [U ]
# Unix group 5001 mapped to a domain group. The sambaSID ends in RID 513, the well-known
# "Domain Users" RID. smb.conf refers to this group as @People in the share access lists.
dn: cn=People,ou=groups,dc=pm,dc=edu
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
cn: People
gidNumber: 5001
sambaSID: S-1-5-21-4264372741-296706239-3456055400-513
# 2 = domain group.
sambaGroupType: 2
displayName: People
description: Domain Unix group
# Ordinary domain user whose primary group is People (gidNumber 5001).
# As with the admin entry, the LM/NT hashes below were returned by a search run without a bind DN
# and then published: restrict read access to these attributes in slapd's ACLs and change the
# password.
dn: cn=sus,ou=users,dc=pm,dc=edu
objectClass: top
objectClass: person
objectClass: posixAccount
objectClass: sambaSamAccount
cn: sus
# "::" marks a base64-encoded (non-ASCII) value.
sn:: 0JzQuNGI0LjQvdCw
uid: sus
uidNumber: 5004
gidNumber: 5001
gecos: User
homeDirectory: /home/sus
loginShell: /usr/sbin/nologin
sambaSID: S-1-5-21-4264372741-296706239-3456055400-11008
displayName: User
sambaPwdCanChange: 1173881787
sambaPwdMustChange: 2147483647
# Password-equivalent hashes; the LM form in particular is weak and is best not stored at all.
sambaLMPassword: 01FC5A6BE7BC6929AAD3B435B51404EE
sambaNTPassword: 0CB6948805F797BF2A82807973B89537
# The value is wrapped over two lines in this paste.
sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000
00000000
sambaPwdLastSet: 1173881787
# [U] = normal user account.
sambaAcctFlags: [U ]
# Domain object for EDU: holds the domain SID, the RID allocation counters and the account policy.
# The policy values below are permissive: 5-character minimum, no password history, and a lockout
# threshold of 0. NOTE(review): 0 is understood to mean "never lock out" - confirm, and consider
# a longer minimum length and a non-zero threshold.
dn: sambaDomainName=EDU,dc=pm,dc=edu
sambaDomainName: EDU
# Domain SID; every account and group SID in this directory is this value plus a RID.
sambaSID: S-1-5-21-4264372741-296706239-3456055400
sambaAlgorithmicRidBase: 1000
objectClass: sambaDomain
sambaNextUserRid: 1000
sambaMinPwdLength: 5
sambaPwdHistoryLength: 0
sambaLogonToChgPwd: 0
# NOTE(review): -1 presumably means passwords never expire - confirm.
sambaMaxPwdAge: -1
sambaMinPwdAge: 0
sambaLockoutDuration: 30
sambaLockoutObservationWindow: 30
sambaLockoutThreshold: 0
sambaForceLogoff: -1
sambaRefuseMachinePwdChange: 0
# Container for machine accounts; referenced by "ldap machine suffix = ou=computers" in smb.conf
# and the intended parent of the 683-ad entry that ldapadd rejected. It holds no entries yet.
dn: ou=computers,dc=pm,dc=edu
objectClass: top
objectClass: organizationalUnit
ou: computers
вот такая вот фигня
помогите люди а то у мну уже башка болит