abclinuxu.cz AbcLinuxu.cz itbiz.cz ITBiz.cz HDmag.cz HDmag.cz abcprace.cz AbcPráce.cz
Inzerujte na AbcPráce.cz od 950 Kč
Rozšířené hledání
×
    dnes 17:11 | Zajímavý článek Ladislav Hagara | Komentářů: 0
    dnes 15:22 | Pozvánky

    Konference LinuxDays 2024 proběhne již tento víkend 12. a 13. října v Praze. Na programu je spousta zajímavých přednášek a workshopů, zástup zajímavých osobností a stánky řady projektů: Fedora, openSUSE, vpsFree.cz, Mozilla, brmlab, OpenAlt a mnoho dalších. Vstup zdarma.

    Ladislav Hagara | Komentářů: 0
    dnes 12:11 | IT novinky Ladislav Hagara | Komentářů: 0
    včera 18:55 | Nová verze

    OpenRazer byl vydán ve verzi 3.9.0. Jedná se o svobodný software, ovladač a démon, umožňující nastavovat klávesnice, notebooky, myši, podložky pod myš, keypady, sluchátka a další zařízení od společnosti Razer na GNU/Linuxu.

    Ladislav Hagara | Komentářů: 0
    včera 01:55 | Nová verze

    Byla vydána verze 3.6 multiplatformního integrovaného vývojového prostředí (IDE) pro rychlý vývoj aplikaci (RAD) ve Free Pascalu Lazarus (Wikipedie). Přehled novinek v poznámkách k vydání. Využíván je Free Pascal Compiler (FPC) 3.2.2.

    Ladislav Hagara | Komentářů: 27
    včera 00:33 | Komunita

    Na čem aktuálně pracují vývojáři GNOME a KDE? Pravidelný přehled novinek v Týden v GNOME a Týden v KDE.

    Ladislav Hagara | Komentářů: 1
    5.10. 15:33 | Nová verze

    Byla vydána nová verze 8.8 multiplatformní digitální pracovní stanice pro práci s audiem (DAW) Ardour. Přehled oprav, vylepšení a novinek v oficiálním oznámení.

    Ladislav Hagara | Komentářů: 1
    5.10. 14:44 | Nová verze

    Byla vydána nová major verze 11.0.0 nástroje mitmproxy určeného pro vytváření interaktivních MITM proxy pro HTTP a HTTPS komunikaci. Přehled novinek v příspěvku na blogu. Vypíchnuta je plná podpora HTTP/3 a vylepšená podpora DNS.

    Ladislav Hagara | Komentářů: 0
    5.10. 05:11 | Nová verze

    Richard Hughes na svém blogu představil nejnovější major verzi 2.0.0 nástroje fwupd umožňujícího aktualizovat firmware zařízení na počítačích s Linuxem. Podrobný přehled novinek v poznámkách k vydání. Přehled podporovaných zařízení, nejnovějších firmwarů a zapojených výrobců na stránkách LVFS (Linux Vendor Firmware Service).

    Ladislav Hagara | Komentářů: 0
    4.10. 15:44 | Zajímavý software

    Počítačová hra Kvark (Steam) od studia Perun Creative dospěla do verze 1.0 (𝕏). Běží také na Linuxu.

    Ladislav Hagara | Komentářů: 5
    Rozcestník

    Dotaz: Windows 7 samba PDC + LDAP

    28.5.2012 17:55 PipBoy2000 | skóre: 4 | blog: UglyHacks
    Windows 7 samba PDC + LDAP
    Přečteno: 4608×
    Dobry den,

    pokusam sa rozbehnut sambu ako PDC prepojenu na LDAP. Uz mi funguje prepojenie ako aj pripojenie k domene a prihlasenie sa do domeny pod Windows XP. Pokial sa chce do domeny pripojit Windows 7 hlasi "The trust relationship between this workstation and the primary domain failed". Pripojenie sietoveho disku pod window 7 funguje.

    Stretol sa uz niekto z podobnym problemom?

    Potrebujem winbind?

    Verzia samby 3.6.3

    Distro Ubuntu 12.04 LTS

    Jadro 3.2.0-24-generic

    na Windows stroji som menil subor lmhosts aby som sa nemusel spoliehat na WINS
    10.0.0.228 NANO-RBF #PRE #DOM:NANO >> %systemroot%\system32\drivers\etc\lmhosts
    10.0.0.228 "NANO           \0x1b" #PRE >> %systemroot%\system32\drivers\etc\lmhosts
    
    a registre:
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\parameters]
    "DomainCompatibilityMode"=dword:00000001
    "DNSNameResolutionRequired"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
    "requiresignorseal"=dword:00000000
    "requirestrongkey"=dword:00000000
    "signsecurechannel"=dword:00000000
    "RequireSignOnSeal"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System]
    "CompatibleRUPSecurity" = dword:00000001
    
    Samba log
    [2012/05/28 17:14:44.249154,  2] passdb/pdb_ldap.c:553(init_sam_from_ldap)
      init_sam_from_ldap: Entry found for user: virtual-pc$
    [2012/05/28 17:14:44.250458,  2] ../libcli/auth/credentials.c:308(netlogon_creds_server_check_internal)
      credentials check failed
    [2012/05/28 17:14:44.250543,  0] rpc_server/netlogon/srv_netlog_nt.c:976(_netr_ServerAuthenticate3)
      _netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting auth request from client VIRTUAL-PC machine account VIRTUAL-PC$
    
    smb.conf
    #======================= Global Settings =======================
    
    [global]
    
    ## Browsing/Identification ###
    
    # Change this to the workgroup/NT-domain name your Samba server will part of
       workgroup = nanodesign
       netbios name = nano-rbf
       server signing = no
    
       os level = 255
       local master = yes
    
    
    # server string is the equivalent of the NT Description field
       server string = %h server (Samba, Ubuntu)
    
    # Windows Internet Name Serving Support Section:
    # WINS Support - Tells the NMBD component of Samba to enable its WINS Server
       wins support = yes
    
    # WINS Server - Tells the NMBD components of Samba to be a WINS Client
    # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
    ;   wins server = w.x.y.z
    
    # This will prevent nmbd to search for NetBIOS names through DNS.
    ;   dns proxy = yes
    
    # What naming service and in what order should we use to resolve host names
    # to IP addresses
    ;   name resolve order = lmhosts host wins bcast
    
    #### Networking ####
    
    # The specific set of interfaces / networks to bind to
    # This can be either the interface name or an IP address/netmask;
    # interface names are normally preferred
    ;   interfaces = 127.0.0.0/8 eth0
    
    # Only bind to the named interfaces and/or networks; you must use the
    # 'interfaces' option above to use this.
    # It is recommended that you enable this feature if your Samba machine is
    # not protected by a firewall or is a firewall itself.  However, this
    # option cannot handle dynamic or non-broadcast interfaces correctly.
    ;   bind interfaces only = yes
    
    
    
    #### Debugging/Accounting ####
    
    # This tells Samba to use a separate log file for each machine
    # that connects
       log file = /var/log/samba/log.%m
       log level = 2
    
    # Cap the size of the individual log files (in KiB).
       max log size = 1000
    
    # If you want Samba to only log through syslog then set the following
    # parameter to 'yes'.
    #   syslog only = no
    
    # We want Samba to log a minimum amount of information to syslog. Everything
    # should go to /var/log/samba/log.{smbd,nmbd} instead. If you want to log
    # through syslog you should set the following parameter to something higher.
       syslog = 0
    
    # Do something sensible when Samba crashes: mail the admin a backtrace
       panic action = /usr/share/samba/panic-action %d
    
    
    ####### Authentication #######
    
    # "security = user" is always a good idea. This will require a Unix account
    # in this server for every user accessing the server. See
    # /usr/share/doc/samba-doc/htmldocs/Samba3-HOWTO/ServerType.html
    # in the samba-doc package for details.
       security = user
    
    # You may wish to use password encryption.  See the section on
    # 'encrypt passwords' in the smb.conf(5) manpage before enabling.
       encrypt passwords = true
    
    # If you are using encrypted passwords, Samba will need to know what
    # password database type you are using.  
       passdb backend = ldapsam:ldap://localhost
       ldap suffix = dc=nanodesign,dc=sk
       ldap admin dn = cn=admin,dc=nanodesign,dc=sk
    
       ldap machine suffix = ou=Computers
       ldap user suffix = ou=Users
       ldap group suffix = ou=Groups
       ldap idmap suffix = ou=Idmap
       ldap passwd sync = yes
       ldap delete dn = Yes
    
    #   idmap backend = ldap
    #   idmap alloc backend = ldap
    #   idmap uid = 10000-20000
    #   idmap gid = 10000-20000
    #   ldapsam:editposix = yes
    #   ldapsam:trusted = yes
    #   idmap alloc config:ldap_url = ldap://localhost
    #   idmap alloc config:ldap_user_dn = cn=admin,dc=nanodesign,dc=sk
    #   idmap alloc config:ldap_base_dn = ou=idmaps,dc=nanodesign,dc=sk
    
    
    
       # Samba and LDAP server are on the same server in this example.
       ldap ssl = no
    
       # Scripts for Samba to use if it creates users, groups, etc.
       add user script = /usr/sbin/smbldap-useradd -m '%u'
       delete user script = /usr/sbin/smbldap-userdel %u
       add group script = /usr/sbin/smbldap-groupadd -p '%g'
       delete group script = /usr/sbin/smbldap-groupdel '%g'
       add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g'
       delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g'
       set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
    
       # Script that Samba users when a PC joins the domain ..
       # (when changing 'Computer Properties' on the PC)
       add machine script = /usr/sbin/smbldap-useradd -w '%u'
    
       # Values used when a new user is created ..
       # (Note: '%L' does not work properly with smbldap-tools 0.9.4-1)
       logon drive = H:
       logon home = \\nano-rfb\%U
       logon path = \\nano-rbf\Profiles\%U
       logon script = logon.bat
    
       # This is required for Windows XP client ..
       server signing = auto
       server schannel = Auto
    
       obey pam restrictions = yes
    
    # This boolean parameter controls whether Samba attempts to sync the Unix
    # password with the SMB password when the encrypted SMB password in the
    # passdb is changed.
       unix password sync = yes
    
       passwd program = /usr/bin/passwd %u
       passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
    
    # This boolean controls whether PAM will be used for password changes
    # when requested by an SMB client instead of the program listed in
    # 'passwd program'. The default is 'no'.
       pam password change = yes
    
    # This option controls how unsuccessful authentication attempts are mapped
    # to anonymous connections
       map to guest = bad user
    
    ########## Domains ###########
    
    # Is this machine able to authenticate users. Both PDC and BDC
    # must have this setting enabled. If you are the BDC you must
    # change the 'domain master' setting to no
    #
       domain logons = yes
    #
    # The following setting only takes effect if 'domain logons' is set
    # It specifies the location of the user's profile directory
    # from the client point of view)
    # The following required a [profiles] share to be setup on the
    # samba server (see below)
    ;   logon path = \\%N\profiles\%U
    # Another common choice is storing the profile in the user's home directory
    # (this is Samba's default)
    #   logon path = \\%N\%U\profile
    
    # The following setting only takes effect if 'domain logons' is set
    # It specifies the location of a user's home directory (from the client
    # point of view)
    ;   logon drive = H:
    #   logon home = \\%N\%U
    
    # The following setting only takes effect if 'domain logons' is set
    # It specifies the script to run during logon. The script must be stored
    # in the [netlogon] share
    # NOTE: Must be store in 'DOS' file format convention
    ;   logon script = logon.cmd
    
    # This allows Unix users to be created on the domain controller via the SAMR
    # RPC pipe.  The example command creates a user account with a disabled Unix
    	# password; please adapt to your needs
    ; add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u
    
    # This allows machine accounts to be created on the domain controller via the 
    # SAMR RPC pipe.  
    # The following assumes a "machines" group exists on the system
    ; add machine script  = /usr/sbin/useradd -g machines -c "%u machine account" -d /var/lib/samba -s /bin/false %u
    
    # This allows Unix groups to be created on the domain controller via the SAMR
    # RPC pipe.  
    ; add group script = /usr/sbin/addgroup --force-badname %g
    
    ########## Printing ##########
    
    # If you want to automatically load your printer list rather
    # than setting them up individually then you'll need this
    #   load printers = yes
    
    # lpr(ng) printing. You may wish to override the location of the
    # printcap file
    ;   printing = bsd
    ;   printcap name = /etc/printcap
    
    # CUPS printing.  See also the cupsaddsmb(8) manpage in the
    # cupsys-client package.
    ;   printing = cups
    ;   printcap name = cups
    
    ############ Misc ############
    
    # Using the following line enables you to customise your configuration
    # on a per machine basis. The %m gets replaced with the netbios name
    # of the machine that is connecting
    ;   include = /home/samba/etc/smb.conf.%m
    
    # Most people will find that this option gives better performance.
    # See smb.conf(5) and /usr/share/doc/samba-doc/htmldocs/Samba3-HOWTO/speed.html
    # for details
    # You may want to add the following on a Linux system:
    #         SO_RCVBUF=8192 SO_SNDBUF=8192
    #   socket options = TCP_NODELAY
    
    # The following parameter is useful only if you have the linpopup package
    # installed. The samba maintainer and the linpopup maintainer are
    # working to ease installation and configuration of linpopup and samba.
    ;   message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &
    
    # Domain Master specifies Samba to be the Domain Master Browser. If this
    # machine will be configured as a BDC (a secondary logon server), you
    # must set this to 'no'; otherwise, the default behavior is recommended.
       domain master = Yes
    
    # Some defaults for winbind (make sure you're not using the ranges
    # for something else.)
    ;   idmap uid = 10000-20000
    ;   idmap gid = 10000-20000
    ;   template shell = /bin/bash
    
    # The following was the default behaviour in sarge,
    # but samba upstream reverted the default because it might induce
    # performance issues in large organizations.
    # See Debian bug #368251 for some of the consequences of *not*
    # having this setting and smb.conf(5) for details.
    ;   winbind enum groups = yes
    ;   winbind enum users = yes
    
    # Setup usershare options to enable non-root users to share folders
    # with the net usershare command.
    
    # Maximum number of usershare. 0 (default) means that usershare is disabled.
    ;   usershare max shares = 100
    
    # Allow users who've been granted usershare privileges to create
    # public shares, not just authenticated ones
       usershare allow guests = yes
    
    #======================= Share Definitions =======================
    
    # Un-comment the following (and tweak the other settings below to suit)
    # to enable the default home directory shares. This will share each 
    # user's home director as \\server\username
    ;[homes]
    ;   comment = Home Directories
    ;   browseable = no
    
    # By default, the home directories are exported read-only. Change the
    # next parameter to 'no' if you want to be able to write to them.
    ;   read only = yes
    
    # File creation mask is set to 0700 for security reasons. If you want to
    # create files with group=rw permissions, set next parameter to 0775.
    ;   create mask = 0700
    
    # Directory creation mask is set to 0700 for security reasons. If you want to
    # create dirs. with group=rw permissions, set next parameter to 0775.
    ;   directory mask = 0700
    
    # By default, \\server\username shares can be connected to by anyone
    # with access to the samba server. Un-comment the following parameter
    # to make sure that only "username" can connect to \\server\username
    # The following parameter makes sure that only "username" can connect
    #
    # This might need tweaking when using external authentication schemes
    ;   valid users = %S
    
    # Un-comment the following and create the netlogon directory for Domain Logons
    # (you need to configure Samba to act as a domain controller too.)
    ;[netlogon]
    ;   comment = Network Logon Service
    ;   path = /home/samba/netlogon
    ;   guest ok = yes
    ;   read only = yes
    
    # Un-comment the following and create the profiles directory to store
    # users profiles (see the "logon path" option above)
    # (you need to configure Samba to act as a domain controller too.)
    # The path below should be writable by all users so that their
    # profile directory may be created the first time they log on
    ;[profiles]
    ;   comment = Users profiles
    ;   path = /home/samba/profiles
    ;   guest ok = no
    ;   browseable = no
    ;   create mask = 0600
    ;   directory mask = 0700
    
    #[printers]
    #   comment = All Printers
    #   browseable = no
    #   path = /var/spool/samba
    #   printable = yes
    #   guest ok = no
    #   read only = yes
    #   create mask = 0700
    
    # Windows clients look for this share name as a source of downloadable
    # printer drivers
    #[print$]
    #   comment = Printer Drivers
    #   path = /var/lib/samba/printers
    #   browseable = yes
    #   read only = yes
    #   guest ok = no
    # Uncomment to allow remote administration of Windows print drivers.
    # You may need to replace 'lpadmin' with the name of the group your
    # admin users are members of.
    # Please note that you also need to set appropriate Unix permissions
    # to the drivers directory for these users to have write rights in it
    ;   write list = root, @lpadmin
    
    # A sample share for sharing your CD-ROM with others.
    ;[cdrom]
    ;   comment = Samba server's CD-ROM
    ;   read only = yes
    ;   locking = no
    ;   path = /cdrom
    ;   guest ok = yes
    
    # The next two parameters show how to auto-mount a CD-ROM when the
    #	cdrom share is accesed. For this to work /etc/fstab must contain
    #	an entry like this:
    #
    #       /dev/scd0   /cdrom  iso9660 defaults,noauto,ro,user   0 0
    #
    # The CD-ROM gets unmounted automatically after the connection to the
    #
    # If you don't want to use auto-mounting/unmounting make sure the CD
    #	is mounted on /cdrom
    #
    ;   preexec = /bin/mount /cdrom
    ;   postexec = /bin/umount /cdrom
    
    [homes]
            comment = Home Directories
            valid users = %S
            read only = No
            browseable = No
    #	path = /data/samba/home/%u
    
    [netlogon]
            comment = Network Logon Service
            path = /data/samba/netlogon
            admin users = root
            guest ok = Yes
            browseable = No
    
    [Profiles]
            comment = Roaming Profile Share
            # would probably change this to elsewhere in a production system ..
            path = /data/samba/profiles
            read only = No
            profile acls = Yes
            browsable = No
    
    [test-share]
    	comment = FU
    	path = /data/test
    	valid users = @test1
    	admin users = @test2
    	browsable = Yes
    	writeable = yes
    
    
    Dakujem

    Řešení dotazu:


    Odpovědi

    28.5.2012 18:28 PipBoy2000 | skóre: 4 | blog: UglyHacks
    Rozbalit Rozbalit vše Re: Windows 7 samba PDC + LDAP
    Tak podla http://wiki.samba.org/index.php/Windows7 som zmenil registre:
           HKLM\System\CCS\Services\Netlogon\Parameters
               DWORD  RequireSignOrSeal = 1
               DWORD  RequireStrongKey = 1
    
    a vyskytla sa nova chyba! Po uspesnom pridani pocitaca do domeny (a restarte) windows po pokuse o prihlasenie do domeny "there are currently no logon servers available to service the logon request"

    smb log
    [2012/05/28 18:22:48.127657,  2] lib/smbldap.c:1018(smbldap_open_connection)
      smbldap_open_connection: connection opened
    [2012/05/28 18:22:48.130438,  2] auth/token_util.c:479(finalize_local_nt_token)
      WARNING: Failed to create BUILTIN\Users group! Can Winbind allocate gids
    
    aku ulohu tu hra winbind? Predtym na XP stanici sa mi podarilo prihlasit aj bez toho aby som ho instaloval.
    28.5.2012 19:52 Arno3t | skóre: 23 | Uherské Hradiště
    Rozbalit Rozbalit vše Re: Windows 7 samba PDC + LDAP
    Samba je skvělý SW, bohužel mám pocit, že je se třeba sžít s každou používanou verzí. Používám podobně konfigurovaný server s verzí samby 3.5.6 na Debianu Lenny jen Idmap mam na tdb (žádná zmínka v smb.conf). Winbind by neměl hrát roli v rozdílu mezi Windows 7 a XP, ostatně v logu máte pouze warning. Osobně bych problém spíš očekával ve jmenných servisech (DNS, nmb). Přiložím vám sem můj fungující smb.conf, třeba vám to pomůže. Účty v LDAP včetně počítačových vždy vytvářím předem přes webové rozhraní pomocí ldap account manageru.
    # Global parameters
    [global]
    	workgroup = MELOUNY
    	netbios name = HRACH
    	security = user
    	enable privileges = yes
    	interfaces = eth0, lo
    	username map = /etc/samba/smbusers
    	server string = hrach Samba
    	#security = ads
    	encrypt passwords = Yes
    	#pam password change = no
    	obey pam restrictions = No
    
    
    	# method 2:
    	unix password sync = yes
    	ldap passwd sync = no
    	passwd program = /usr/sbin/smbldap-passwd -u "%u"
    	passwd chat = "Changing *\nNew password*" %n\n "*Retype new password*" %n\n"
    
    	log level = 0
    	syslog = 0
    	log file = /var/log/samba/log.%U
    	max log size = 100000
    	time server = Yes
    	socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
    	mangling method = hash2
    ;	Dos charset = 850
    ;	Unix charset = LOCALE
    
    	logon script = logon.bat
    	logon drive = H:
            logon home = 
            logon path = 
    
    	domain logons = Yes
    	domain master = Yes
    	os level = 65
    	preferred master = Yes
    	wins support = yes
    	# passdb backend = ldapsam:"ldap://ldap1.company.com ldap://ldap2.company.com"
    	passdb backend = ldapsam:"ldap://127.0.0.1/"
    	ldap admin dn = cn=admin,dc=melouny,dc=eu
    	ldap ssl = Off
    	ldap suffix = dc=melouny,dc=eu
            ldap group suffix = ou=Groups
            ldap user suffix = ou=People
            ldap machine suffix = ou=Computers
    	#ldap idmap suffix = ou=Idmap
            add user script = /usr/sbin/smbldap-useradd -m "%u"
            #ldap delete dn = Yes
            delete user script = /usr/sbin/smbldap-userdel "%u"
            add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u"
            add group script = /usr/sbin/smbldap-groupadd -p "%g" 
            #delete group script = /usr/sbin/smbldap-groupdel "%g"
            add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
            delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
    	set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
    
    	# printers configuration
    	load printers = Yes
    	create mask = 0640
    	directory mask = 0750
    	#force create mode = 0640
    	#force directory mode = 0750
    	nt acl support = No
    	printing = cups
    	printcap name = cups
    	deadtime = 10
    	guest account = nobody
    	map to guest = Bad User
    	dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
    	show add printer wizard = yes
    	; to maintain capital letters in shortcuts in any of the profile folders:
    	preserve case = yes
    	short preserve case = yes
    	case sensitive = no
    
    [netlogon]
    	path = /home/netlogon/
    	browseable = No
    	read only = yes
    
    [profiles]
    	path = /home/profiles
    	read only = no
    	create mask = 0600
    	directory mask = 0700
    	browseable = No
    	guest ok = Yes
    	profile acls = yes
    	csc policy = disable
    	nt acl support = yes
    	invalid users = secur
    	# next line is a great way to secure the profiles 
    	#force user = %U 
    	# next line allows administrator to access all profiles 
    	#valid users = %U "Domain Admins"
    
    [printers]
            comment = Network Printers
            path = /var/spool/samba
            browseable = No
            guest ok = yes 
            read only  = Yes
            printable = Yes
    	use client driver = Yes
    
    [print$]
            path = /home/printers
            guest ok = No
            browseable = Yes
            read only = Yes
            valid users = @"Print Operators"
            write list = @"Print Operators"
            create mask = 0664
            directory mask = 0775
    
    [homes]
    comment = Home Directories
    valid users = %S
    read only = No
    browseable = No
    
    [public]
    comment = testACL
    path=/home/public
    guest ok = yes
    read only = No
    browseable = yes
    create mode = 0664
    directory mask = 0775
    nt acl support = yes
    
    [securdata]
    comment = Uctujeme
    path=/home/Nehoda
    read only = no
    create mask = 0660
    directory mask = 0770
    force group = securg
    browseable = Yes
    guest ok = Yes
    valid users = @securg,secur,spravce
    nt acl support = yes
    
    28.5.2012 20:09 PipBoy2000 | skóre: 4 | blog: UglyHacks
    Rozbalit Rozbalit vše Re: Windows 7 samba PDC + LDAP
    Pracovne stanice ste vobec neupravovali?

    Z WINS/DNS/nmb by problemy byt nemali kedze som manualne upravoval lmhosts a nastavil domenu a kontroler napevno, jedine ze by to windows pri prihlasovani ignoroval
    28.5.2012 22:03 Arno3t | skóre: 23 | Uherské Hradiště
    Rozbalit Rozbalit vše Re: Windows 7 samba PDC + LDAP
    Ve W7 upravuji pouze prvni dva zminene registry.
    H0ax avatar 29.5.2012 09:18 H0ax | skóre: 36 | blog: Odnikud_nikam
    Rozbalit Rozbalit vše Re: Windows 7 samba PDC + LDAP
    je potřeba provést jedinou věc a to před připojením pc do domény vypnout změnu hesla účtu počítače po 30 dnech (30 dní to jede, pak se pc pokusí změnit heslo a neuspěje, pak je trust relationship v řiti)
    uid=0(root) gid=0(root) skupiny=0(root)
    29.5.2012 10:14 PipBoy2000 | skóre: 4 | blog: UglyHacks
    Rozbalit Rozbalit vše Re: Windows 7 samba PDC + LDAP
    Vďaka za typ.

    Ale zatiaľ sa mi nedá prihlásiť do domény. Nakoľko nevie nájsť kontrolér.
    Řešení 1× (PipBoy2000 (tazatel))
    29.5.2012 10:39 VP | skóre: 9
    Rozbalit Rozbalit vše Re: Windows 7 samba PDC + LDAP
    Jediné co je potřeba změnit v registru windows 7 je toto:
    [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManWorkstation\Parameters]
    "DNSNameResolutionRequired"=dword:00000000
    "DomainCompatibilityMode"=dword:00000001
    
    Pak vidí doménu a můžou se přihlásit.
    29.5.2012 17:25 PipBoy2000 | skóre: 4 | blog: UglyHacks
    Rozbalit Rozbalit vše Re: Windows 7 samba PDC + LDAP
    nakoniec som reinstaloval windows 7, nahral lmhosts a zmenil tieto 2 registre a nabehlo to

    Dakujem

    Založit nové vláknoNahoru

    Tiskni Sdílej: Linkuj Jaggni to Vybrali.sme.sk Google Del.icio.us Facebook

    ISSN 1214-1267   www.czech-server.cz
    © 1999-2015 Nitemedia s. r. o. Všechna práva vyhrazena.