openldap+samba配置錯誤
域名:test.org
主機名:master.test.org (192.168.11.20)
OS:FreeBSD 7 beta3
Samba3.0.26a
Openldap2.3.39
openldap編譯參數:
SASL With (Cyrus) SASL2 support
TCP_WRAPPERS With tcp wrapper support
BDB With BerkeleyDB support
TCP_WRAPPERS With tcp wrapper support
DYNAMIC_BACKENDS Build dynamic backends
samba3編譯參數:
LDAP With LDAP support
CUPS With CUPS printing support
WINBIND With WinBIND support
QUOTAS With Disk quota support
UTMP With UTMP accounting support
POPT With system-wide POPT library
sldap.conf參數:
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/corba.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/misc.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/openldap.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/samba.schema
database bdb
suffix "dc=test,dc=org"
rootdn "cn=root,dc=test,dc=org"
rootpw another #我使用的是明碼
index objectClass eq
index ou,cn,sn,mail,mobile,givenName eq,pres,sub
index uid,uidNumber,gidNumber,loginShell eq,pres
三個ldif文件
1) bdn.ldif
dn:dc=test,dc=org
objectClass: organization
objectClass: dcObject
objectClass: top
dc: test
o: test.org
2) unit.ldif
dn: ou=it,dc=test,dc=org
objectClass: organizationalUnit
ou: it
3) test.ldif
dn: cn=test,ou=it,dc=test,dc=org
objectClass: inetOrgPerson
uid: test
cn: test
sn: test
mail:
[email protected] employeeNumber: 778888
fax: 8888888
mobile: 9020398586
master# ldapsearch -x
extended LDIF
#
# LDAPv3
# base <> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# test.org
dn: dc=test,dc=org
objectClass: organization
objectClass: dcObject
objectClass: top
dc: test
o: test.org
# it, test.org
dn: ou=it,dc=test,dc=org
objectClass: organizationalUnit
ou: it
# test, it, test.org
dn: cn=test,ou=it,dc=test,dc=org
objectClass: inetOrgPerson
uid: test
cn: test
sn: test
mail:
[email protected] employeeNumber: 778888
facsimileTelephoneNumber: 8888888
mobile:: OTAyMDM5ODU4NiA=
# search result
search: 2
result: 0 Success
# numResponses: 4
# numEntries: 3
master# netstat -an |grep 389
tcp4 0 0 *.389 *.* LISTEN
smb.conf文件內容
ldap admin dn = "cn=root,dc=test,dc=org"
passdb backend = ldapsam:ldap://192.168.11.20
ldap ssl = off
ldap suffix = "dc=test,dc=org"
encrypt passwords = yes
走到這一步出錯:
master# smbpasswd -w another (rootpw的密碼是明碼)
ERROR: 'ldap admin dn' not defined! Please check your smb.conf
我用了google搜索這個錯誤,可惜沒有找到相關的提示,我對LDAP也不是很明白,算是新手吧,只好向各位求助了。
我是參考這篇文章做的:http://phorum.study-area.org/index.php/topic,20602.html
《解決方案》
問題解決了。
要把以下這幾行放在Global parameters下面才可以,我每次都是放在smb.conf文件的末尾。
搞了好幾天了,原來是這個問題。
ldap admin dn = "cn=root,dc=test,dc=org"
passdb backend = ldapsam:ldap://192.168.11.20
ldap ssl = off
ldap suffix = "dc=test,dc=org"
encrypt passwords = yes