dawidson Napisano Maj 2, 2005 Zgłoszenie Share Napisano Maj 2, 2005 Witam, Problem polega na tym, odpalilem sambe Pieknie w firmie działa to dlaczego nie w domciu Ustawiłem ją jako kontroler domeny itd.. Dodałem uzytkownika smbpasswd -a root i pieknie dodał stworzył pliki z użytkownikami itd. Plik mam skonfigurowany tak --------------------------------------------------------------------------- ---------- [global] # workgroup = NT-Domain-Name or Workgroup-Name netbios name = database workgroup = test.pl # server string is the equivalent of the NT Description field server string = Samba Server %v interfaces = 192.168.0.50/255.255.255.0 # this tells Samba to use a separate log file for each machine # that connects log file = /var/log/samba/%m.log # all log information in one file log file = /var/log/samba/smbd.log # Put a capping on the size of the log files (in Kb). max log size = 50 # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents smb passwd file = /etc/samba/smbpasswd encrypt passwords = yes hosts allow = 192.168.0. 127. # Browser Control Options: # set local master to no if you don't want Samba to become a master # browser on your network. Otherwise the normal election rules apply local master = yes # OS Level determines the precedence of this server in master browser # elections. The default value should be reasonable os level = 64 # Domain Master specifies Samba to be the Domain Master Browser. This # allows Samba to collate browse lists between subnets. Don't use this # if you already have a Windows NT domain controller doing this job domain master = yes # Preferred Master causes Samba to force a local browser election on startup # and gives it a slightly higher chance of winning the election preferred master = yes # Enable this if you want Samba to be a domain logon server for # Windows95 workstations. domain logons = yes #============================ Share Definitions ============================== [homes] comment = Home Directories browseable = no writeable = yes # Un-comment the following and create the netlogon directory for Domain Logons [netlogon] comment = Network Logon Service path = /etc/samba/netlogon guest ok = yes # Un-comment the following to provide a specific roving profile share # the default is to use the user's home directory [Profiles] path = /samba/profiles browseable = no guest ok = yes [sambatest] comment = Katalog udostepniony path = /sambatest writeable = yes guest ok = yes --------------------------------------------------------------------------- ----- Kiedy przezucam sie na maszyne xp i chce dodac ja do domeny to loguje sie jako root podaje haslo a on mi wyswietla ze nie ma takiego uzytkownika lub zle haslo Juz sie pooddaje przeszukalem cale google chyba Kiedy dodam znowu jeszcze jednego uzytkownika np daw i haslo to kiedy tym uzytkownikiem chce dodac to mowi ze brak dostepu Co jest nie tak Jedynie z drugim uzytkownikiem jest wpis w logach ze init print ACCESS_DENIED Na maszynie xp jest uzytkownik z uprawnieniami admina Jezeli chodzi o plik smbusers jest wpis root=Administrator Admin Czy ktos spotkal sie z tym problemem Czego tu brakuje Odnośnik do komentarza Udostępnij na innych stronach More sharing options...
ati Napisano Maj 2, 2005 Zgłoszenie Share Napisano Maj 2, 2005 Żeby korzystać z logowania do domeny w Windows 2000/XP/2003 należy posiadać konto zwykłe konto na serwerze będącym podstawowym kontrolerem domeny (PDC) oraz owe konto musi być uaktywnione jako konto SMB. Owe konto SMB posiada inne hasło mimo tego samego loginu jak na zwykłym koncie, gdyż baza haseł miedzy nimi nie jest synchronizowana. Dodatkowo Windows 2000/XP/2003 wymaga posiadania tzw. konta zaufania maszyny. Test to specjalny rodzaj konta na serwerze charakteryzujący się m.in. tym że musi mięć koniecznie tą sama nazwę co nazwa twojego komputera w sieci LAN (tzw. nazwa NetBiosowa) i służy tylko do Logowania do domeny dla Windows 2000/XP/2003 czyli opartych na rodzinie Windows NT. Jeśli używasz Windows XP musisz pobrać i zaaplikować dla twojego systemu poniższy plik rejestru: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] "requiresignorseal"=dword:00000000 dodanie konta zaufania maszyny /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u Dokładniej poczytaj sobie na banita.pl Odnośnik do komentarza Udostępnij na innych stronach More sharing options...
dawidson Napisano Maj 4, 2005 Autor Zgłoszenie Share Napisano Maj 4, 2005 tak jest ok. przeczytałem ale nadal nie znajduje użytkownika Podczas dąłączenia do domeny jest komunikat Nie można odnalezc uzytkownika. Zmieniłem plik samby i (_wziołem_ → wziąłem) ORT z firmy taki jaki jest na mandrake? który działa bez problemów: #======================= Global Settings ===================================== [global] # 1. Server Naming Options: # workgroup = NT-Domain-Name or Workgroup-Name workgroup = test.pl # netbios name is the name you will see in "Network Neighbourhood", # but defaults to your hostname ; netbios name = <name_of_this_server> # server string is the equivalent of the NT Description field server string = Samba Server %v # Message command is run by samba when a "popup" message is sent to it. # The example below is for use with LinPopUp: ; message command = /usr/bin/linpopup "%f" "%m" %s; rm %s # 2. Printing Options: # CHANGES TO ENABLE PRINTING ON ALL CUPS PRINTERS IN THE NETWORK # (as cups is now used in linux-mandrake 7.2 by default) # if you want to automatically load your printer list rather # than setting them up individually then you'll need this printcap name = cups load printers = yes # It should not be necessary to spell out the print system type unless # yours is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx, cups printing = cups # Samba 2.2 supports the Windows NT-style point-and-print feature. To # use this, you need to be able to upload print drivers to the samba # server. The printer admins (or root) may install drivers onto samba. # Note that this feature uses the print$ share, so you will need to # enable it below. # printer admin = @<group> <user> printer admin = @adm # This should work well for winbind: ; printer admin = @"Domain Admins" # 3. Logging Options: # this tells Samba to use a separate log file for each machine # that connects log file = /var/log/samba/log.%m # Put a capping on the size of the log files (in Kb). max log size = 50 # Set the log (verbosity) level (0 <= log level <= 10) ; log level = 3 # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ; guest account = pcguest # Allow users to map to guest: map to guest = bad user # Security mode. Most people will want user level security. See # security_level.txt for details. security = user # Use password server option only with security = server or security = domain # When using security = domain, you should use password server = * ; password server = <NT-Server-Name> ; password server = * encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd template homedir = /home/%D/%U # 5. Browser Control and Networking Options: # Most people will find that this option gives better performance. # See speed.txt and the manual pages for details socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 # Configure remote browse list synchronisation here # request announcement to, or browse list sync from: # a specific host or from / to a whole subnet (see below) ; remote browse sync = 192.168.3.25 192.168.5.255 # Cause this host to announce itself to local subnets here ; remote announce = 192.168.1.255 192.168.2.44 # set local master to no if you don't want Samba to become a master # browser on your network. Otherwise the normal election rules apply local master = yes # OS Level determines the precedence of this server in master browser # elections. The default value should be reasonable os level = 65 # Domain Master specifies Samba to be the Domain Master Browser. This # allows Samba to collate browse lists between subnets. Don't use this # if you already have a Windows NT domain controller doing this job domain master = yes # Preferred Master causes Samba to force a local browser election on startup # and gives it a slightly higher chance of winning the election preferred master = yes # 6. Domain Control Options: # Enable this if you want Samba to be a domain logon server for # Windows95 workstations or Primary Domain Controller for WinNT and Win2k domain logons = yes # if you enable domain logons then you may want a per-machine or # per user logon script # run a specific logon batch file per workstation (machine) logon script = %m.bat # run a specific logon batch file per username logon script = %U.bat # Where to store roaming profiles for WinNT and Win2k # %L substitutes for this servers netbios name, %U is username # You must uncomment the [Profiles] share below logon path = \\%L\Profiles\%U # Where to store roaming profiles for Win9x. Be careful with this as it also # impacts where Win2k finds it's /HOME share logon home = \\%L\%U\.profile # The add user script is used by a domain member to add local user accounts # that have been authenticated by the domain controller, or when adding # users via the Windows NT Tools (ie User Manager for Domains). # Scripts for file (passwd, smbpasswd) backend: add user script = /usr/sbin/useradd -s /bin/false '%u' delete user script = /usr/sbin/userdel '%s' add user to group script = /usr/bin/gpasswd -a '%u' '%g' delete user from group script = /usr/bin/gpasswd -d '%u' '%g' set primary group script = /usr/sbin/usermod -g '%g' '%u' add group script = /usr/sbin/groupadd %g && getent group '%g'|awk -F: '{print $3}' delete group script = /usr/sbin/groupdel '%g' # The add machine script is use by a samba server configured as a domain # controller to add local machine accounts when adding machines to the domain. # The script must work from the command line when replacing the macros, # or the operation will fail. Check that groups exist if forcing a group. # Script for domain controller for adding machines: add machine script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine Account' -s /bin/false -M %u # Script for domain controller with LDAP backend for adding machines (please # configure in /etc/samba/smbldap_conf.pm first): ; add machine script = /usr/share/samba/scripts/smbldap-useradd.pl -w -d /dev/null -g machines -c 'Machine Account' -s /bin/false %u # Domain groups: # Domain groups are now configured by using the 'net groupmap' tool # Samba Password Database configuration: # Samba now has runtime-configurable password database backends. Multiple # passdb backends may be used, but users will only be added to the first one # Default: passdb backend = smbpasswd guest dns proxy = no dos charset = 852 unix charset = ISO8859-2 #============================ Share Definitions ============================== [homes] comment = Home Directories browseable = no # Un-comment the following and create the netlogon directory for Domain Logons [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = yes writable = no #Uncomment the following 2 lines if you would like your login scripts to #be created dynamically by ntlogon (check that you have it in the correct #location (the default of the ntlogon rpm available in contribs) root preexec = /usr/bin/ntlogon -u %U -g %G -o %a -d /var/lib/samba/netlogon root postexec = rm -f /var/lib/samba/netlogon/%U.bat # Un-comment the following to provide a specific roving profile share # the default is to use the user's home directory [Profiles] path = /etc/samba/profiles browseable = no guest ok = yes # This script can be enabled to create profile directories on the fly # You may want to turn off guest acces if you enable this, as it # hasn't been thoroughly tested. root preexec = PROFILE=/var/lib/samba/profiles/%u; if [ ! -e $PROFILE ]; \ then mkdir -pm700 $PROFILE; chown %u.%g $PROFILE;fi # ===================================== # print command: see above for details. # ===================================== print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers. [pdf-generator] path = /var/tmp guest ok = No printable = Yes comment = PDF Generator (only valid users) #print command = /usr/share/samba/scripts/print-pdf file path win_path recipient IP & print command = /usr/share/samba/scripts/print-pdf %s ~%u //%L/%u %m %I "%J" & # a service which has a different directory for each machine that connects # this allows you to tailor configurations to incoming machines. You could # also use the %u option to tailor it by user name. # The %m gets replaced with the machine name that is connecting. [pchome] comment = PC Directories path = /usr/pc/%m public = no writable = yes # A publicly accessible directory, read/write to all users. Note that all files # created in the directory by users will be owned by the default user, so # any user with access can delete any other user's files. Obviously this # directory must be writable by the default user. Another user could of course # be specified, in which case all files would be owned by that user instead. [interbase] [sambatest] comment = arix pliki path = /sambatest public = yes ; only guest = yes writable = yes admin users=arix create mask = 777 directory mask = 777 force create mode = 777 ; printable = no Odnośnik do komentarza Udostępnij na innych stronach More sharing options...
Rekomendowane odpowiedzi
Jeśli chcesz dodać odpowiedź, zaloguj się lub zarejestruj nowe konto
Jedynie zarejestrowani użytkownicy mogą komentować zawartość tej strony.
Zarejestruj nowe konto
Załóż nowe konto. To bardzo proste!
Zarejestruj sięZaloguj się
Posiadasz już konto? Zaloguj się poniżej.
Zaloguj się