LDAP CIFS authentication

Status
Not open for further replies.

dj35

Cadet
Joined
Jan 24, 2012
Messages
2
LDAP Samba authentication

Hello,

I have an LDAP directory on a server (SME), and FreeNAS is configured to access this directory.

When I run getent passwd, I do see the users and groups from my LDAP directory:

Code:
[root@freenas] /# getent passwd
root:$1$LbHHiVgb$xtZQmNYScd2XcgQKKdsXS1:0:0:FreeNAS root:/root:/bin/csh
daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5:System &:/:/usr/sbin/nologin
bin:*:3:7:Binaries Commands and Source:/:/usr/sbin/nologin
tty:*:4:65533:Tty Sandbox:/:/usr/sbin/nologin
kmem:*:5:2:KMem Sandbox:/:/usr/sbin/nologin
games:*:7:13:Games pseudo-user:/:/usr/sbin/nologin
news:*:8:8:News Subsystem:/:/usr/sbin/nologin
man:*:9:9:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
bind:*:53:53:Bind Sandbox:/:/usr/sbin/nologin
proxy:*:62:62:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64:pflogd privsep user:/var/empty:/usr/sbin/nologin
_dhcp:*:65:65:dhcp programs:/var/empty:/usr/sbin/nologin
uucp:*:66:66:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6:Post Office Owner:/nonexistent:/usr/sbin/nologin
www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
nobody:*:65534:65534:Unprivileged user:/nonexistent:/usr/sbin/nologin
avahi:*:200:200:avahi user:/nonexistent:/usr/sbin/nologin
messagebus:*:201:201:messagebus user:/nonexistent:/usr/sbin/nologin
ftp:*:14:14::/nonexistent:/bin/csh
admin:$1$GM0cnRwL$vEkKHDWIVG8cHaA6YF6lm0:101:101:Local Administrator:/home/e-smith:/bin/sh
www:!*:102:102:e-smith web server:/home/e-smith:/bin/sh
toto:$1$gMz9tm13$7OiHpxtTwO7308q.I03Yx1:5000:5000:Eric Djerou:/home/e-smith/files/users/edjerou:/bin/sh
informatique:!*:5001:5001:service informatique:/home/e-smith:/bin/sh
commun:!*:5002:5002:dossier commun:/home/e-smith/files/ibays/commun/files:/bin/sh
administrateurs:*:5003:5003:groupe admin:/home/e-smith:/bin/sh
guest:!*:5004:5004:guest guest:/home/e-smith/files/users/guest:/bin/sh

When I list the shares:

Code:
smbclient -L 192.168.133.108
WARNING: The "idmap uid" option is deprecated
WARNING: The "idmap gid" option is deprecated
Enter root's password:
Domain=[MONDOMAINE] OS=[Unix] Server=[Samba 3.6.1]

        Sharename       Type      Comment
        ---------       ----      -------
        Commun          Disk
        IPC$            IPC       IPC Service (NAS Server)
Domain=[MONDOMAINE] OS=[Unix] Server=[Samba 3.6.1]

        Server               Comment
        ---------            -------
        NAS_SERVER           NAS Server

        Workgroup            Master
        ---------            -------
        MONDOMAINE          SME8


The problem is that I cannot access the Commun folder:

Code:
[root@freenas] /# smbclient //192.168.133.108/Commun
WARNING: The "idmap uid" option is deprecated
WARNING: The "idmap gid" option is deprecated
Enter root's password:
Domain=[MONDOAMINE] OS=[Unix] Server=[Samba 3.6.1]
tree connect failed: NT_STATUS_ACCESS_DENIED


Code:
[root@freenas] /# smbclient admin//192.168.133.108/Commun
WARNING: The "idmap uid" option is deprecated
WARNING: The "idmap gid" option is deprecated
Enter root's password:
Connection to (null) failed (Error NT_STATUS_BAD_NETWORK_NAME)


Here is the Samba server configuration:

Code:
[root@freenas] /# testparm
Load smb config files from /usr/local/etc/smb.conf
max_open_files: increasing sysctl_max (3463) to minimum Windows limit (16384)
rlimit_max: increasing rlimit_max (3463) to minimum Windows limit (16384)
WARNING: The "idmap uid" option is deprecated
WARNING: The "idmap gid" option is deprecated
Processing section "[Commun]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions

[global]
        dos charset = CP437
        workgroup = MONDOMAINE
        netbios name = NAS_SERVER
        server string = NAS Server
        map to guest = Bad Password
        smb passwd file = /var/etc/private/smbpasswd
        private dir = /var/etc/private
        passdb backend = ldapsam:ldap://192.168.133.107
        syslog = 0
        syslog only = Yes
        max log size = 10
        large readwrite = No
        max xmit = 65535
        time server = Yes
        deadtime = 15
        load printers = No
        printcap name = /dev/null
        disable spoolss = Yes
        dns proxy = No
        ldap admin dn = cn=root,dc=mondomaine,dc=local
        ldap group suffix = ou=Groups
        ldap machine suffix = ou=Computers
        ldap passwd sync = yes
        ldap suffix = dc=mondomaine,dc=local
        ldap ssl = no
        ldap user suffix = ou=Users
        idmap config * : range = 10000-39999
        ldapsam:trusted = yes
        idmap config * : backend = tdb
        create mask = 0666
        directory mask = 0777
        aio read size = 1
        aio write size = 1
        use sendfile = Yes
        store dos attributes = Yes
        strict locking = No

[Commun]
        path = /mnt/DATS/Commun
        read only = No
        inherit permissions = Yes
        inherit acls = Yes
        inherit owner = Yes
        hosts allow = 192.168.133.0/24
        veto files = /.snap/.windows/
        map archive = No
        map readonly = no
        nfs4:chown = yes
        nfs4:acedup = merge
        nfs4:mode = special


Does anyone have an idea?
 