Devenir Membre

Sujet: ERROR: 'ldap admin dn' not defined! Please check your smb.conf Message: mes fichiers slapd.conf. et smb.confslapd.conf## See slapd.conf(5) for details on configuration options.# This file should NOT be world readable.#include /etc/openldap/schema/core.schemainclude /etc/openldap/schema/cosine.schemainclude /etc/openldap/schema/inetorgperson.schemainclude /etc/openldap/schema/nis.schemainclude /etc/openldap/schema/misc.schemainclude /etc/openldap/schema/samba.schema# Allow LDAPv2 client connections. This is NOT the default.allow bind_v2# Do not enable referrals until AFTER you have a working directory# service AND an understanding of referrals.#referral ldap://root.openldap.orgpidfile /var/run/openldap/slapd.pidargsfile /var/run/openldap/slapd.args# Load dynamic backend modules:# modulepath /usr/lib/openldap# moduleload accesslog.la# moduleload auditlog.la# moduleload back_sql.la# moduleload denyop.la# moduleload dyngroup.la# moduleload dynlist.la# moduleload lastmod.la# moduleload pcache.la# moduleload ppolicy.la# moduleload refint.la# moduleload retcode.la# moduleload rwm.la# moduleload syncprov.la# moduleload translucent.la# moduleload unique.la# moduleload valsort.la# The next three lines allow use of TLS for encrypting connections using a# dummy test certificate which you can generate by changing to# /etc/pki/tls/certs, running "make slapd.pem", and fixing permissions on# slapd.pem so that the ldap user or group can read it. Your client software# may balk at self-signed certificates, however. TLSCACertificateFile /etc/pki/tls/certs/ca-bundle.crt TLSCertificateFile /etc/pki/tls/certs/slapd.pem TLSCertificateKeyFile /etc/pki/tls/certs/slapd.pem# Sample security restrictions# Require integrity protection (prevent hijacking)# Require 112-bit (3DES or better) encryption for updates# Require 63-bit encryption for simple bind# security ssf=1 update_ssf=112 simple_bind=64# Sample access control policy:# Root DSE: allow anyone to read it# Subschema (sub)entry DSE: allow anyone to read it# Other DSEs:# Allow self write access# Allow authenticated users read access# Allow anonymous users to authenticate# Directives needed to implement policy:# access to dn.base="" by * read# access to dn.base="cn=Subschema" by * read# access to *# by self write# by users read# by anonymous auth## if no access controls are present, the default policy# allows anyone and everyone to read anything but restricts# updates to rootdn. (e.g., "access to * by * read")## rootdn can always read and write EVERYTHING!######################################################################## ldbm and/or bdb database definitions#######################################################################database bdbsuffix "dc=solidintra,dc=sn"rootdn "cn=baba,dc=solidintra,dc=sn"# Cleartext passwords, especially for the rootdn, should# be avoided. See slappasswd(8) and slapd.conf(5) for details.# Use of strong authentication encouraged. rootpw secret rootpw {SSHA}Gf/BUgSioCybkeg3eg7fPNq3+yqMoxqZ# The database directory MUST exist prior to running slapd AND# should only be accessible by the slapd and slap tools.# Mode 700 recommended.directory /var/lib/ldap# Indices to maintain for this databaseindex objectClass eq,presindex ou,cn,mail,surname,givenname eq,pres,subindex uidNumber,gidNumber,loginShell eq,presindex uid,memberUid eq,pres,subindex nisMapName,nisMapEntry eq,pres,sub# Replicas of this database#replogfile /var/lib/ldap/openldap-master-replog#replica host=ldap-1.example.com:389 starttls=critical# bindmethod=sasl saslmech=GSSAPI# authcId=host/ldap-master.example.com@EXAMPLE.COMaccess to attrs=userPassword,sambaLMPassword,sambaNTPassword by self write by anonymous auth by * noneaccess to * by * readsmb.conf#======================= Global Settings =====================================[global]# ----------------------- Netwrok Related Options -------------------------## workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH## server string is the equivalent of the NT Description field## netbios name can be used to specify a server name not tied to the hostname## Interfaces lets you configure Samba to use multiple interfaces# If you have multiple network interfaces then you can list the ones# you want to listen on (never omit localhost)## Hosts Allow/Hosts Deny lets you restrict who can connect, and you can# specifiy it as a per share option as well# workgroup = SOLIDINTRA server string = Samba Server Version %v netbios name = SERVEUR; interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24 hosts allow = 127. 10.0.0. 10.0.0.100# --------------------------- Logging Options -----------------------------## Log File let you specify where to put logs and how to split them up.## Max Log Size let you specify the max size log files should reach # logs split per machine log file = /var/log/samba/log.%m # max 50KB per log file, then rotate log level = 1 max log size = 50# ----------------------- Standalone Server Options ------------------------## Scurity can be set to user, share(deprecated) or server(deprecated)## Backend to store user information in. New installations should# use either tdbsam or ldapsam. smbpasswd is available for backwards# compatibility. tdbsam requires no further configuration. security = share encrypt passwords = true socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 passdb backend = tdbsam# ----------------------- Domain Members Options ------------------------## Security must be set to domain or ads## Use the realm option only with security = ads# Specifies the Active Directory realm the host is part of## Backend to store user information in. New installations should# use either tdbsam or ldapsam. smbpasswd is available for backwards# compatibility. tdbsam requires no further configuration.## Use password server option only with security = server or if you can't# use the DNS to locate Domain Controllers# The argument list may include:# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]# or to auto-locate the domain controller/s# password server = *; security = domain; passdb backend = tdbsam; realm = MY_REALM; password server = # ----------------------- Domain Controller Options ------------------------## Security must be set to user for domain controllers## Backend to store user information in. New installations should# use either tdbsam or ldapsam. smbpasswd is available for backwards# compatibility. tdbsam requires no further configuration.## Domain Master specifies Samba to be the Domain Master Browser. This# allows Samba to collate browse lists between subnets. Don't use this# if you already have a Windows NT domain controller doing this job## Domain Logons let Samba be a domain logon server for Windows workstations.## Logon Scrpit let yuou specify a script to be run at login time on the client# You need to provide it in a share called NETLOGON# Logon Path let you specify where user profiles are stored (UNC path)## Various scripts can be used on a domain controller or stand-alone# machine to add or delete corresponding unix accounts#; security = user; passdb backend = tdbsam domain master = yes domain logons = yes # the login script name depends on the machine name; logon script = %m.bat # the login script name depends on the unix user used; logon script = %u.bat; logon path = \\%L\Profiles\%u # disables profiles support by specifing an empty path logon path = \\%L\profiles\%U add user script = /usr/sbin/useradd "%u" -n -g users add group script = /usr/sbin/groupadd "%g" add machine script = /usr/sbin/useradd -n -c "Workstation (%u)" -M -d /nohome -s /bin/false "%u" add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" delete user script = /usr/sbin/userdel "%u" delete user from group script = /usr/sbin/userdel "%u" "%g" delete group script = /usr/sbin/groupdel "%g" set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" passwd program = /usr/sbin/smbldap-passwd -u %u# ----------------------- Browser Control Options ----------------------------## set local master to no if you don't want Samba to become a master# browser on your network. Otherwise the normal election rules apply## OS Level determines the precedence of this server in master browser# elections. The default value should be reasonable## Preferred Master causes Samba to force a local browser election on startup# and gives it a slightly higher chance of winning the election local master = yes os level = 66 preferred master = yes#----------------------------- Name Resolution -------------------------------# Windows Internet Name Serving Support Section:# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both## - WINS Support: Tells the NMBD component of Samba to enable it's WINS Server## - WINS Server: Tells the NMBD components of Samba to be a WINS Client## - WINS Proxy: Tells Samba to answer name resolution queries on# behalf of a non WINS capable client, for this to work there must be# at least one WINS Server on the network. The default is NO.## DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names# via DNS nslookups. wins support = yes; wins server = w.x.y.z; wins proxy = yes dns proxy = no# --------------------------- Printing Options -----------------------------## Load Printers let you load automatically the list of printers rather# than setting them up individually## Cups Options let you pass the cups libs custom options, setting it to raw# for example will let you use drivers on your Windows clients## Printcap Name let you specify an alternative printcap file## You can choose a non default printing system using the Printing option load printers = yes cups options = raw; printcap name = /etc/printcap #obtain list of printers automatically on SystemV printcap name = cups printing = cups# --------------------------- Filesystem Options ---------------------------## The following options can be uncommented if the filesystem supports# Extended Attributes and they are enabled (usually by the mount option# user_xattr). Thess options will let the admin store the DOS attributes# in an EA and make samba not mess with the permission bits.## Note: these options can also be set just per share, setting them in global# makes them the default for all shares; map archive = no; map hidden = no; map read only = no; map system = no; store dos attributes = yes#============================ Share Definitions ==============================[homes] comment = Home Directories browseable = no writable = yes; valid users = %S; valid users = MYDOMAIN\%S[printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes# Un-comment the following and create the netlogon directory for Domain Logons; [netlogon]; comment = Network Logon Service; path = /var/lib/samba/netlogon; guest ok = yes; writable = no; share modes = no# Un-comment the following to provide a specific roving profile share# the default is to use the user's home directory; [Profiles]; path = /var/lib/samba/profiles; browseable = no; guest ok = yes# A publicly accessible directory, but read only, except for people in# the "staff" group; [public]; comment = Public Stuff; path = /home/samba; public = yes; writable = yes; printable = no; write list = +staff[Share] path = /home/share writable = yes guest ok = yes guest only = yes create mode = 0777 directory mode = 0777 share modes = yes oplocks = No level2 oplocks = No kernel oplocks = No template shell = /bin/false winbind use default domain = no ;option LDAP passdb backend = ldapsam:ldap://127.0.0.1 ldap suffix = dc=solidintra,dc=sn ldap machine suffix = ou=Machines ldap user suffix = ou=Users ldap group suffix = ou=Group ldap admin dn = "cn=baba,dc=solidintra,dc=sn" ldap passwd sync = Yes enable privileges = Yes# Table d'encodage des caractères (je fixe sur celui-là pour avoir le même que sous windows) Unix Charset = ISO8859-15admin users = @Administrators [netlogon] comment = Network Logon Service path = /home/netlogon guest ok = yes writable = no share modes = no browseable = no [profiles] path = /serveur/profiles browseable = no guest ok = yes

Date de la news : le 22/06/2009 à 19:16
URL de la news : http://forums.fedora-fr.org/viewtopic.php?pid=359996#359996

Votre bureau dans Général : Le bist...

impossible accéder fedora ecran noi...

Index du flux

Remonter