openldap+samba配置錯誤

openldap+samba配置錯誤

域名：test.org
主機名：master.test.org (192.168.11.20)
OS：FreeBSD 7 beta3
Samba3.0.26a
Openldap2.3.39



openldap編譯參數：
SASL              With (Cyrus) SASL2 support
TCP_WRAPPERS      With tcp wrapper support
BDB               With BerkeleyDB support
TCP_WRAPPERS      With tcp wrapper support
DYNAMIC_BACKENDS  Build dynamic backends




samba3編譯參數：
LDAP         With LDAP support
CUPS         With CUPS printing support
WINBIND      With WinBIND support
QUOTAS       With Disk quota support
UTMP         With UTMP accounting support
POPT         With system-wide POPT library



sldap.conf參數:
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/corba.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/misc.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema
include         /usr/local/etc/openldap/schema/openldap.schema
include         /usr/local/etc/openldap/schema/nis.schema
include         /usr/local/etc/openldap/schema/samba.schema

database        bdb
suffix          "dc=test,dc=org"
rootdn          "cn=root,dc=test,dc=org"

rootpw          another #我使用的是明碼

index   objectClass     eq
index   ou,cn,sn,mail,mobile,givenName          eq,pres,sub
index   uid,uidNumber,gidNumber,loginShell      eq,pres


三個ldif文件

1) bdn.ldif
dn:dc=test,dc=org
objectClass: organization
objectClass: dcObject
objectClass: top
dc: test
o: test.org

2) unit.ldif
dn: ou=it,dc=test,dc=org
objectClass: organizationalUnit
ou: it

3) test.ldif
dn: cn=test,ou=it,dc=test,dc=org
objectClass: inetOrgPerson
uid: test
cn: test
sn: test
mail: [email protected]
employeeNumber: 778888
fax: 8888888
mobile: 9020398586


master# ldapsearch -x
extended LDIF
#
# LDAPv3
# base <> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# test.org
dn: dc=test,dc=org
objectClass: organization
objectClass: dcObject
objectClass: top
dc: test
o: test.org

# it, test.org
dn: ou=it,dc=test,dc=org
objectClass: organizationalUnit
ou: it

# test, it, test.org
dn: cn=test,ou=it,dc=test,dc=org
objectClass: inetOrgPerson
uid: test
cn: test
sn: test
mail: [email protected]
employeeNumber: 778888
facsimileTelephoneNumber: 8888888
mobile:: OTAyMDM5ODU4NiA=

# search result
search: 2
result: 0 Success

# numResponses: 4
# numEntries: 3



master# netstat -an |grep 389
tcp4       0      0  *.389                  *.*                    LISTEN



smb.conf文件內容

ldap admin dn = "cn=root,dc=test,dc=org"
passdb backend = ldapsam:ldap://192.168.11.20
ldap ssl = off
ldap suffix = "dc=test,dc=org"
encrypt passwords = yes

走到這一步出錯：
master# smbpasswd -w another  （rootpw的密碼是明碼）
ERROR: 'ldap admin dn' not defined! Please check your smb.conf


我用了google搜索這個錯誤，可惜沒有找到相關的提示，我對LDAP也不是很明白，算是新手吧，只好向各位求助了。

我是參考這篇文章做的：http://phorum.study-area.org/index.php/topic,20602.html

問題解決了。
要把以下這幾行放在Global parameters下面才可以，我每次都是放在smb.conf文件的末尾。
搞了好幾天了，原來是這個問題。
ldap admin dn = "cn=root,dc=test,dc=org"
passdb backend = ldapsam:ldap://192.168.11.20
ldap ssl = off
ldap suffix = "dc=test,dc=org"
encrypt passwords = yes

Tags: