Компьютерный форум OSzone.net  

Компьютерный форум OSzone.net (http://forum.oszone.net/index.php)
-   Общий по Linux (http://forum.oszone.net/forumdisplay.php?f=9)
-   -   Ввод машин в домен ldap - отказано в доступе (http://forum.oszone.net/showthread.php?t=227092)

dogtown 05-02-2012 12:25 1852148
Ввод машин в домен ldap - отказано в доступе
 
Всем привет, настроил ldap server на opensuse 12 по этому мануалуhttp://ru.opensuse.org/SDB:Samba_%D0...D0.B0_openLDAP
Вроде все работает, но при попытке ввести компьютер с windows (server 08 и xp sp3) выпадает сообщение:
Не удалось выполнить операцию присоединения. итд итп. Отказано в доступе
скрин: http://SSMaker.Ru/91cc3dd2/
Что я сделал не так? У кого-нибудь бывали похожие проблемы?

dogtown 05-02-2012 13:34 1852177
smb.conf:

[global]
workgroup = msvolga.local
passdb backend = ldapsam:ldap://localhost
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
usershare allow guests = No
idmap gid = 10000-20000
idmap uid = 10000-20000
security = user
add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$
domain logons = Yes
domain master = Yes
idmap backend = ldap:ldap://localhost
ldap admin dn = cn=Admin,DC=msvolga,DC=local
ldap delete dn = No
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=Machines
ldap passwd sync = Yes
ldap replication sleep = 1000
ldap ssl = No
ldap suffix = DC=msvolga,DC=local
ldap timeout = 5
ldap user suffix = ou=Users
local master = Yes
netbios name = VIRTSERVER
os level = 65
preferred master = Yes
wins support = Yes
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[profiles]
comment = Network Profiles Service
path = %H
read only = No
store dos attributes = Yes
create mask = 0600
directory mask = 0700
[users]
comment = All users
path = /home
read only = No
inherit acls = Yes
veto files = /aquota.user/groups/shares/
[groups]
comment = All groups
path = /home/groups
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin root
force group = ntadmin
create mask = 0664
directory mask = 0775

[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
write list = root


Время: 02:24.

Время: 02:24.
© OSzone.net 2001-