Nie jesteś zalogowany.
Jeśli nie posiadasz konta, zarejestruj je już teraz! Pozwoli Ci ono w pełni korzystać z naszego serwisu. Spamerom dziękujemy!

Ogłoszenie

Prosimy o pomoc dla małej Julki — przekaż 1% podatku na Fundacji Dzieciom zdazyć z Pomocą.
Więcej informacji na dug.net.pl/pomagamy/.

#1  2010-06-07 23:18:58

  BlackHat - Użytkownik

BlackHat
Użytkownik
Zarejestrowany: 2010-05-24

[solved] Samba + SLAPD, domena "okreslona nazwa...."

EDIT:
Już wszystko w porządku, problemem tyczył się praw dostępu.
Dziękuje za pomoc :)
Witam,
Staram się uruchomić domenę NT(moje dokumenty na serwerze).
Od dwoch dni probuję to postawić. Korzystałem z artykułu dostępnego na starym DUG'u. Wykonywałem wszystko krok po kroku, niestety podczas podłączania do domeny(win xp) wyskakuje komunikat:

"okreslona nazwa sieciowa jest juz niedostepna"

wcześniej prosi o login i hasło osoby uprawnionej do dołączania do domeny, podaje konto root.
Siedzę z tymi plikami konfiguracyjnymi i nie mogę znaleźć przyczyny.
Poniżej zamieszczam pliki konfiguracyjne:
smb.conf:

Kod:

[global]
# podstawowe opcje konfiguracji serwera
workgroup = klos.com.pl
netbios name = test-pdc
server string = Samba PDC
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192

os level = 65
preferred master = yes
local master = yes
domain master = yes
domain logons = yes

security = user
guest ok = no
encrypt passwords = true
null passwords = no

# hosts allow LAN 
hosts allow = 127.0.0.1 10.0.0.0/255.255.255.0
wins support = yes
name resolve order = wins lmhosts host bcast
dns proxy = no

log file = /var/log/samba/log.%m
log level = 2
syslog = 0
max log size = 50
hide unreadable = yes
hide dot files = yes

# konfiguracja LDAP
passdb backend = ldapsam:ldap://192.168.1.24
ldap suffix = dc=klos,dc=com,dc=pl
ldap machine suffix = ou=machines
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap admin dn = cn=admin,dc=klos,dc=com,dc=pl
enable privileges = yes

logon home = \%L%U.profile
logon drive = U:
logon path = \%Lprofiles%U
logon script = netlogon.bat OR %U.bat

# Do ldap passwd sync
ldap passwd sync = Yes
passwd program = /usr/sbin/smbldap-passwd %u
passwd chat = *New*password* %nn *Retype*new*password* %nn *all*authentication*tokens*updated*
add user script = /usr/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"

#polskie znaki
unix charset = ISO8859-2
dos charset = CP852

[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
guest ok = no
read only = yes
browseable = no

[homes]
path = /home/%U
comment = HOME Directories
browseable = no
writeable = yes
valid users = %S
read only = no
guest ok = no
inherit permissions = yes

[profiles]
path = /home/samba/profiles
valid users = %U, "@Domain Admins"
writeable = yes
browseable = no
default case = lower
preserve case = no
short preserve case = no
case sensitive = no
hide files = /desktop.ini/ntuser.ini/NTUSER.*/
create mask = 0600
directory mask = 0700
csc policy = disable

smbldap.conf:

Kod:

##############################################################################
#
# General Configuration
#
##############################################################################

# Umieść tu twój SID, żeby go uzyskać wykonaj polecenie "net getlocalsid"
# Jeśli parametr nie jest zdefiniowany jest pobierany automatycznie 
# z "net getlocalsid"
SID="S-1-5-21-659734858-158413520-2557472189"

# Nazwa serwera Samby Domeny
# Jeśli parametr nie jest zdefiniowany pobierany jest automatycznie
# z pliku smb.conf

##############################################################################
#
# LDAP Configuration
#
##############################################################################

# Use TLS for LDAP, Nie korzystamy z szyfrowania więc 0
# If set to 1, this option will use start_tls for connection
# (you should also used the port 389)
# If not defined, parameter is set to "1"
ldapTLS="0"

# How to verify the server's certificate (none, optional or require)
# see "man Net::LDAP" in start_tls section for more details
#verify="require"
verify="none"

# CA certificate ‘zahaszuj’ opcje
# see "man Net::LDAP" in start_tls section for more details
#cafile="/etc/opt/IDEALX/smbldap-tools/ca.pem"

# certificate to use to connect to the ldap server
# see "man Net::LDAP" in start_tls section for more details
#clientcert="/etc/opt/IDEALX/smbldap-tools/smbldap-tools.pem"

# key certificate to use to connect to the ldap server
# see "man Net::LDAP" in start_tls section for more details
#clientkey="/etc/opt/IDEALX/smbldap-tools/smbldap-tools.key"

# LDAP Suffix
# Ex: suffix=dc=IDEALX,dc=ORG
suffix="dc=klos,dc=com,dc=pl"

# Where to store next uidNumber and gidNumber available for new users and groups
# If not defined, entries are stored in sambaDomainName object.
# Ex: sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}"
# Ex: sambaUnixIdPooldn="cn=NextFreeUnixId,${suffix}"
sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}"

# Unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA, CLEARTEXT)
hash_encrypt="MD5"

##############################################################################
#
# SAMBA Configuration
#
##############################################################################

# The UNC path to home drives location (%U username substitution)
# Just set it to a null string if you want to use the smb.conf 'logon home'
# directive and/or disable roaming profiles
# Ex: userSmbHome="\PDC-SMB3%U"
userSmbHome=""

# The UNC path to profiles locations (%U username substitution)
# Just set it to a null string if you want to use the smb.conf 'logon path'
# directive and/or disable roaming profiles
# Ex: userProfile="\PDC-SMB3profiles%U"
userProfile=""

# The default Home Drive Letter mapping
# (will be automatically mapped at logon time if home directory exist)
# Ex: userHomeDrive="H:"
userHomeDrive="U:"

# The default user netlogon script name (%U username substitution)
# if not used, will be automatically username.cmd
# make sure script file is edited under dos
# Ex: userScript="startup.cmd" # make sure script file is edited under dos
userScript="logon.bat"

# Domain appended to the users "mail"-attribute
# when smbldap-useradd -M is used
# Ex: mailDomain="idealx.com"
#mailDomain=""

slapd.conf:

Kod:

# This is the main slapd configuration file. See slapd.conf(5) for more
# info on the configuration options.

#######################################################################
# Global Directives:

# Features to permit
#allow bind_v2

# Schema and objectClass definitions
include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/inetorgperson.schema
include        /etc/ldap/schema/samba.schema
# Where the pid file is put. The init.d script
# will not stop the server if you change this.
pidfile         /var/run/slapd/slapd.pid

# List of arguments that were passed to the server
argsfile        /var/run/slapd/slapd.args

# Read slapd.conf(5) for possible values
loglevel        none

# Where the dynamically loaded modules are stored
modulepath    /usr/lib/ldap
moduleload    back_hdb

# The maximum number of entries that is returned for a search operation
sizelimit 500

# The tool-threads parameter sets the actual amount of cpu's that is used
# for indexing.
tool-threads 1

#######################################################################
# Specific Backend Directives for hdb:
# Backend specific directives apply to this backend until another
# 'backend' directive occurs
backend        hdb

#######################################################################
# Specific Backend Directives for 'other':
# Backend specific directives apply to this backend until another
# 'backend' directive occurs
#backend        <other>

#######################################################################
# Specific Directives for database #1, of type hdb:
# Database specific directives apply to this databasse until another
# 'database' directive occurs
database        hdb

# The base of your directory in database #1
suffix          "dc=klos,dc=com,dc=pl"

# rootdn directive for specifying a superuser on the database. This is needed
# for syncrepl.
# rootdn          "cn=admin,dc=klos,dc=com,dc=pl"

# Where the database file are physically stored for database #1
directory       "/var/lib/ldap"

# The dbconfig settings are used to generate a DB_CONFIG file the first
# time slapd starts.  They do NOT override existing an existing DB_CONFIG
# file.  You should therefore change these settings in DB_CONFIG directly
# or remove DB_CONFIG and restart slapd for changes to take effect.

# For the Debian package we use 2MB as default but be sure to update this
# value if you have plenty of RAM
dbconfig set_cachesize 0 2097152 0

# Sven Hartge reported that he had to set this value incredibly high
# to get slapd running at all. See http://bugs.debian.org/303057 for more
# information.

# Number of objects that can be locked at the same time.
dbconfig set_lk_max_objects 1500
# Number of locks (both requested and granted)
dbconfig set_lk_max_locks 1500
# Number of lockers
dbconfig set_lk_max_lockers 1500

# Indexing options for database #1
index           objectClass eq

# Save the time that the entry gets modified, for database #1
lastmod         on

# Checkpoint the BerkeleyDB database periodically in case of system
# failure and to speed slapd shutdown.
checkpoint      512 30

# Where to store the replica logs for database #1
# replogfile    /var/lib/ldap/replog

# The userPassword by default can be changed
# by the entry owning it if they are authenticated.
# Others should not be able to see it, except the
# admin entry below
# These access lines apply to database #1 only
access to attrs=userPassword,shadowLastChange
        by dn="cn=admin,dc=klos,dc=com,dc=pl" write
        by anonymous auth
        by self write
        by * none

# Ensure read access to the base for things like
# supportedSASLMechanisms.  Without this you may
# have problems with SASL not knowing what
# mechanisms are available and the like.
# Note that this is covered by the 'access to *'
# ACL below too but if you change that as people
# are wont to do you'll still need this if you
# want SASL (and possible other things) to work 
# happily.
access to dn.base="" by * read

# The admin dn has full write access, everyone else
# can read everything.
access to *
        by dn="cn=admin,dc=klos,dc=com,dc=pl" write
        by * read

# For Netscape Roaming support, each user gets a roaming
# profile for which they have write access to
#access to dn=".*,ou=Roaming,o=morsnet"
#        by dn="cn=admin,dc=klos,dc=com,dc=pl" write
#        by dnattr=owner write

#######################################################################
# Specific Directives for database #2, of type 'other' (can be hdb too):
# Database specific directives apply to this databasse until another
# 'database' directive occurs
#database        <other>

# The base of your directory for database #2
#suffix        "dc=debian,dc=org"

Za wszelkie wskazówki będę bardzo wdzięczny.
Pozdrawiam,
BlackHat

Ostatnio edytowany przez BlackHat (2010-06-16 10:35:53)

Offline

 

#2  2010-06-08 09:41:54

  BlackHat - Użytkownik

BlackHat
Użytkownik
Zarejestrowany: 2010-05-24

Re: [solved] Samba + SLAPD, domena "okreslona nazwa...."

Poniżej logi z samby :

Kod:

[2010/06/02 14:49:51,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/02 14:49:51,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/02 14:49:51,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/02 14:49:51,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/02 14:49:51,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/02 14:49:51,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/02 14:49:51,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/02 14:49:51,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/02 14:49:51,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/02 14:49:51,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/02 14:49:51,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/02 14:49:51,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/02 14:49:51,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/02 14:49:51,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/02 14:49:51,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/02 14:49:51,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/02 14:49:51,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/02 14:49:51,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/02 14:49:51,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/02 14:49:51,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/07 15:54:26,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/07 15:54:26,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/07 15:54:26,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/07 15:54:26,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/07 15:54:26,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/07 15:54:26,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/07 15:54:26,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/07 15:54:26,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/07 15:54:27,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/07 15:54:27,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/07 16:00:04,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/07 16:00:04,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/07 16:00:04,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/07 16:00:04,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/07 16:01:04,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/07 16:01:04,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:19:34,  0] lib/util_sock.c:get_peer_addr_internal(1676)
[2010/06/08 08:19:34,  0] lib/access.c:check_access(410)
  getpeername failed. Error was Transport endpoint is not connected
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:19:34,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:19:34,  0] lib/access.c:check_access(410)
[2010/06/08 08:19:34,  0] lib/util_sock.c:get_peer_addr_internal(1676)
  getpeername failed. Error was Transport endpoint is not connected
  Denied connection from  (0.0.0.0)
[2010/06/08 08:19:34,  1] smbd/process.c:process_smb(1560)
[2010/06/08 08:19:34,  0] lib/util_sock.c:get_peer_addr_internal(1676)
  getpeername failed. Error was Transport endpoint is not connected
  Connection denied from 0.0.0.0
[2010/06/08 08:19:34,  0] lib/util_sock.c:write_data(1136)
[2010/06/08 08:19:34,  0] lib/util_sock.c:get_peer_addr_internal(1676)
  getpeername failed. Error was Transport endpoint is not connected
  write_data: write failure in writing to client 0.0.0.0. Error Connection reset by peer
[2010/06/08 08:19:34,  0] smbd/process.c:srv_send_smb(74)
  Error writing 5 bytes to client. -1. (Transport endpoint is not connected)
[2010/06/08 08:19:35,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:19:35,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:23:52,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:23:52,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:23:52,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:23:52,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:23:52,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:23:52,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:23:52,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:23:52,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:23:52,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:23:52,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:33:27,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:33:27,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:39:14,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:39:14,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:39:14,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:39:14,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:39:14,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:39:14,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:39:14,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:39:14,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:39:14,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:39:14,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:39:14,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:39:14,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:39:14,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:39:14,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:39:14,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:39:14,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:39:14,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:39:14,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:39:14,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:39:14,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:39:14,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:39:14,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:39:14,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:39:14,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:39:14,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:39:14,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:43:57,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:43:57,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:43:57,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:43:57,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:43:57,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:43:57,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:43:57,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:43:57,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:43:57,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:43:57,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:44:04,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:44:04,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:44:05,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:44:05,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:44:05,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:44:05,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:44:05,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:44:05,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:44:05,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:44:05,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:44:17,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:44:17,  1] smbd/process.c:process_smb(1560)
[2010/06/08 08:44:17,  0] lib/access.c:check_access(410)
  Connection denied from ::ffff:192.168.1.214
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:44:17,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:44:17,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:44:17,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:44:17,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:44:17,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:44:17,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:44:17,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:46:35,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:46:35,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 08:46:36,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 08:46:36,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 09:05:29,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 09:05:29,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 09:05:29,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 09:05:29,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 09:05:29,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 09:05:29,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 09:05:29,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 09:05:29,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 09:05:29,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 09:05:29,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 09:11:48,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 09:11:48,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 09:22:07,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 09:22:07,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 09:22:07,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 09:22:07,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 09:22:07,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 09:22:07,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 09:22:08,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 09:22:08,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214
[2010/06/08 09:22:13,  0] lib/access.c:check_access(410)
  Denied connection from  (::ffff:192.168.1.214)
[2010/06/08 09:22:13,  1] smbd/process.c:process_smb(1560)
  Connection denied from ::ffff:192.168.1.214

Systemy się widzą, nie wiem dlaczego samba dostęp...

Offline

 

#3  2010-06-08 10:19:17

  meciarz - Użytkownik

meciarz
Użytkownik
Zarejestrowany: 2010-06-08

Re: [solved] Samba + SLAPD, domena "okreslona nazwa...."

odpowiedź masz tutaj:

Kod:

hosts allow = 127.0.0.1 10.0.0.0/255.255.255.0

Offline

 

#4  2010-06-08 11:29:06

  BlackHat - Użytkownik

BlackHat
Użytkownik
Zarejestrowany: 2010-05-24

Re: [solved] Samba + SLAPD, domena "okreslona nazwa...."

Dziękuję za pomoc, niestety nasunął sie kolejny błąd a mianowicie:
" Podczas próby przyłączenia domeny "nazwadomeny" wystąpił następujący błąd: Nie można odnaelzc nazwy uzytkownika."
Podobno ktoś już rozwiązał ten problem, niestety link do tutoriala nie działa, a google zindeksowało już coś innego :
[url]http://debian.linux.pl/threads/13735-uruchomienie-Samby-PDC-z-OpenLDAP[/url]
podaje login root i haslo roota
zrobilem smbpasswd -a root
i wprowdzilem nowe haslo.
poniżej log:

Kod:

[2010/06/08 11:22:45,  2] lib/access.c:check_access(406)
  Allowed connection from __ffff_192.168.1.214 (::ffff:192.168.1.214)
[2010/06/08 11:22:45,  2] smbd/sesssetup.c:setup_new_vc_session(1363)
  setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2010/06/08 11:22:45,  2] smbd/sesssetup.c:setup_new_vc_session(1363)
  setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2010/06/08 11:22:45,  2] auth/auth.c:check_ntlm_password(308)
  check_ntlm_password:  authentication for user [root] -> [root] -> [root] succeeded
[2010/06/08 11:22:45,  2] lib/access.c:check_access(406)
  Allowed connection from ::ffff:192.168.1.214 (::ffff:192.168.1.214)
[2010/06/08 11:22:46,  2] lib/access.c:check_access(406)
  Allowed connection from __ffff_192.168.1.214 (::ffff:192.168.1.214)
[2010/06/08 11:22:46,  2] smbd/sesssetup.c:setup_new_vc_session(1363)
  setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2010/06/08 11:22:46,  2] smbd/sesssetup.c:setup_new_vc_session(1363)
  setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2010/06/08 11:22:46,  2] auth/auth.c:check_ntlm_password(308)
  check_ntlm_password:  authentication for user [root] -> [root] -> [root] succeeded
[2010/06/08 11:22:46,  2] lib/access.c:check_access(406)
  Allowed connection from ::ffff:192.168.1.214 (::ffff:192.168.1.214)
[2010/06/08 11:22:46,  2] rpc_server/srv_samr_nt.c:_samr_LookupDomain(3490)
  Returning domain sid for domain KLOS.COM.PL -> S-1-5-21-4029514266-1201480501-4168177805
Argument "" isn't numeric in addition (+) at /usr/share/perl5/Net/LDAP.pm line 468.
Error looking for next uid in sambaDomainName=sambaDomain,dc=klos,dc=com,dc=pl:No such object at /usr/share/perl5/smbldap_tools.pm line 1071.
[2010/06/08 11:22:46,  0] passdb/pdb_interface.c:pdb_default_create_user(336)
  _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w "komprcelinski$"' gave 1

i z drugiego loga:

Kod:

[2010/06/08 11:22:45,  2] lib/access.c:check_access(406)
  Allowed connection from __ffff_192.168.1.214 (::ffff:192.168.1.214)
[2010/06/08 11:22:45,  2] smbd/reply.c:reply_special(425)
  netbios connect: name1=TEST-PDC        name2=KOMPRCELINSKI
[2010/06/08 11:22:45,  2] smbd/reply.c:reply_special(432)
  netbios connect: local=test-pdc remote=komprcelinski, name type = 0
[2010/06/08 11:22:46,  2] lib/access.c:check_access(406)
  Allowed connection from __ffff_192.168.1.214 (::ffff:192.168.1.214)

Podejrzewam iż są to problemy z autenyfikacja użytkownika.
Mam jeszcze jedno pytanie jak w host allow ustawić całą pulę 192.168.1.1-192.168.1.255?
Pozdrawiam,
BlackHat

Offline

 

#5  2010-06-09 08:21:02

  sata11 - Użytkownik

sata11
Użytkownik
Zarejestrowany: 2010-02-07

Re: [solved] Samba + SLAPD, domena "okreslona nazwa...."

Spróbuj zresetować sambe i jeszcze raz wpiąć.

Offline

 

#6  2010-06-09 09:11:00

  meciarz - Użytkownik

meciarz
Użytkownik
Zarejestrowany: 2010-06-08

Re: [solved] Samba + SLAPD, domena "okreslona nazwa...."

[quote=BlackHat]Mam jeszcze jedno pytanie jak w host allow ustawić całą pulę 192.168.1.1-192.168.1.255?[/quote]
np tak:

Kod:

hosts allow = 192.168.1.0/24

Ostatnio edytowany przez meciarz (2010-06-09 10:32:01)

Offline

 

Stopka forum

Powered by PunBB
© Copyright 2002–2005 Rickard Andersson
Nas ludzie lubią po prostu, a nie klikając w przyciski ;-)

[ Generated in 0.010 seconds, 12 queries executed ]

Informacje debugowania

Time (s) Query
0.00010 SET CHARSET latin2
0.00004 SET NAMES latin2
0.00097 SELECT u.*, g.*, o.logged FROM punbb_users AS u INNER JOIN punbb_groups AS g ON u.group_id=g.g_id LEFT JOIN punbb_online AS o ON o.ident='3.12.152.102' WHERE u.id=1
0.00111 REPLACE INTO punbb_online (user_id, ident, logged) VALUES(1, '3.12.152.102', 1732307326)
0.00047 SELECT * FROM punbb_online WHERE logged<1732307026
0.00073 DELETE FROM punbb_online WHERE ident='13.58.38.184'
0.00067 SELECT topic_id FROM punbb_posts WHERE id=149561
0.00004 SELECT id FROM punbb_posts WHERE topic_id=17018 ORDER BY posted
0.00051 SELECT t.subject, t.closed, t.num_replies, t.sticky, f.id AS forum_id, f.forum_name, f.moderators, fp.post_replies, 0 FROM punbb_topics AS t INNER JOIN punbb_forums AS f ON f.id=t.forum_id LEFT JOIN punbb_forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id=3) WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id=17018 AND t.moved_to IS NULL
0.00005 SELECT search_for, replace_with FROM punbb_censoring
0.00236 SELECT u.email, u.title, u.url, u.location, u.use_avatar, u.signature, u.email_setting, u.num_posts, u.registered, u.admin_note, p.id, p.poster AS username, p.poster_id, p.poster_ip, p.poster_email, p.message, p.hide_smilies, p.posted, p.edited, p.edited_by, g.g_id, g.g_user_title, o.user_id AS is_online FROM punbb_posts AS p INNER JOIN punbb_users AS u ON u.id=p.poster_id INNER JOIN punbb_groups AS g ON g.g_id=u.group_id LEFT JOIN punbb_online AS o ON (o.user_id=u.id AND o.user_id!=1 AND o.idle=0) WHERE p.topic_id=17018 ORDER BY p.id LIMIT 0,25
0.00073 UPDATE punbb_topics SET num_views=num_views+1 WHERE id=17018
Total query time: 0.00778 s