<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.10.1">
</HEAD>
<BODY>
salve galera,<BR>
<BR>
Estou com problemas com o samba integrado com o LDAP.<BR>
<BR>
Os usuários login normalmente normalmente, mas somente o root ou o administrador conseguem acessar os compartilhamentos no servidor, os outros usuários (do grupo Usuários do Domínio) não acessam nem as suas pastas home, fica pedindo senha novamente (no Rwindows).<BR>
<BR>
Segue o LOG do samba com o erro:<BR>
<BR>
[2006/07/25 22:13:08, 0] smbd/service.c:make_connection(800)<BR>
172.16.16.13 (172.16.16.13) couldn't find service arquivos<BR>
[2006/07/25 22:13:10, 0] smbd/service.c:make_connection(800)<BR>
172.16.16.13 (172.16.16.13) couldn't find service arquivos<BR>
[2006/07/25 22:13:22, 0] smbd/service.c:make_connection_snum(620)<BR>
'/home/PASTA' does not exist or is not a directory, when connecting to [pasta]<BR>
<BR>
<BR>
Segue o meu smb.conf:<BR>
<BR>
<BR>
# Global parameters<BR>
[global]<BR>
workgroup = PILOTO<BR>
server string = Servidor Samba LDAP<BR>
netbios name = LDAP<BR>
#unix password sync = yes<BR>
#ldap password sync = yes<BR>
ldap delete dn = yes<BR>
log file = /var/log/samba/samba.log<BR>
max log size = 50<BR>
time server = Yes<BR>
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192<BR>
# logon script = %u.bat<BR>
#logon script = login.bat<BR>
#logon path = \\server\profiles\%u<BR>
#logon drive = \\server\profiles\%U<BR>
logon path =<BR>
logon drive =<BR>
domain logons = yes<BR>
os level = 130<BR>
preferred master = yes<BR>
domain master = yes<BR>
dns proxy = no<BR>
wins support = yes<BR>
ldap ssl = no<BR>
keepalive = 60<BR>
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192 SO_SNDBUF=8192<BR>
read raw = no<BR>
name resolve order = lmhosts wins hosts bcast<BR>
# passwd program = /usr/bin/passwd %u<BR>
passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*<BR>
security = user<BR>
<BR>
passdb backend = ldapsam:ldap://127.0.0.1/<BR>
add user script = /usr/sbin/smbldap-useradd -m "%u"<BR>
delete user script = /usr/sbin/smbldap-userdel "%u"<BR>
add group script = /usr/sbin/smbldap-groupadd -p "%g"<BR>
delete group script = /usr/sbin/smbldap-groupdel "%g"<BR>
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"<BR>
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"<BR>
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"<BR>
# add machine script = /usr/sbin/smbldap-useradd -i -g 515 -w "%u"<BR>
add machine script = /usr/sbin/smbldap-useradd -w -i "%u"<BR>
<BR>
ldap suffix = dc=ldap,dc=clemar<BR>
ldap machine suffix = ou=Computadores<BR>
ldap user suffix = ou=Usuarios<BR>
ldap group suffix = ou=Grupos<BR>
ldap idmap suffix = ou=Idmap<BR>
ldap admin dn = cn=tecjump,dc=ldap,dc=clemar<BR>
idmap backend = ldap:ldap://127.0.0.1<BR>
# idmap uid = 10000-20000<BR>
# idmap gid = 10000-20000<BR>
<BR>
<BR>
<BR>
admin users = administrador root<BR>
<BR>
#winbind enum users = yes<BR>
#winbind enum groups = yes<BR>
<BR>
<BR>
### ACL<BR>
inherit acls = Yes<BR>
map acl inherit = Yes<BR>
nt acl support = yes<BR>
#inherit permissions = Yes<BR>
#acl compatibility = win2k<BR>
<BR>
#### Erro "Unable to unmarshall SAMR_Q_SET_USERINFO"<BR>
#profile acls = yes<BR>
####<BR>
<BR>
<BR>
<BR>
<BR>
[homes]<BR>
comment = Diretorio de Usuarios<BR>
read only = No<BR>
create mask = 0700<BR>
browseable = Yes<BR>
<BR>
#[netlogon]<BR>
# path = /home/samba/netlogon<BR>
# guest ok = Yes<BR>
<BR>
<BR>
#[profiles]<BR>
# path = /home/samba/profiles<BR>
# browseable = no<BR>
# read only = no<BR>
# guest ok = yes<BR>
# writable = yes<BR>
# directory mask = 0700<BR>
# create mask = 0600<BR>
# profile acls = yes<BR>
# nt acl support = yes<BR>
# csc policy = disable<BR>
# force user = %U<BR>
# valid users = %U @"Domain Admins"<BR>
<BR>
<BR>
[dados]<BR>
comment = DADOS Compartilhados do Servidor<BR>
path = /arquivos/dados<BR>
browseable = yes<BR>
public = yes<BR>
read only = no<BR>
writable = yes<BR>
# force user = administrador<BR>
# force group = 512<BR>
# create mask = 0770<BR>
# directory mask = 0770<BR>
<BR>
<BR>
[pasta]<BR>
comment = DADOS Compartilhados do Servidor<BR>
path = /home/PASTA<BR>
browseable = yes<BR>
public = yes<BR>
read only = no<BR>
writable = yes<BR>
# force user = administrador<BR>
# force group = 512<BR>
# create mask = 0770<BR>
# directory mask = 0770<BR>
### ACL<BR>
#inherit acls = Yes<BR>
#map acl inherit = Yes<BR>
#nt acl support = yes<BR>
#inherit permissions = Yes<BR>
#acl compatibility = win2k<BR>
<BR>
<BR>
<BR>
<BR>
<BR>
<BR>
Grato,<BR>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
########################################<BR>
#!/bin/bash<BR>
nome="Sergio Cioban Filho"<BR>
cargo="Administrador Linux"<BR>
email="sergio@tecjump.com.br"<BR>
certificacao="Linux Professional Institute - Level 1"<BR>
export nome cargo email certificacao<BR>
exit 0<BR>
########################################
</TD>
</TR>
</TABLE>
</BODY>
</HTML>