[samba] samba2.2.9(FreeBSD) in NT4 domain(winbind)

Salavat Yarmukhametov salavat на regiongarant.ru
Вт Июн 29 12:15:35 MSD 2004 

	FreeBSD 5.2.1 RELEASE. samba 2.2.9 с samba.org. Собрана с
--with-winbind
--with-winbind-auth-challenge
	Домен на NT4 (домен REGION, PDC(NT4) SERVERNT)

######################################
smb.conf

[global]
        client code page = 866
        workgroup = REGION
        netbios name = FREEBSD
        server string = Samba server on %h (v. %v)
        interfaces = lnc0 lo0
        security = DOMAIN
        password server = SERVERNT
        encrypt passwords = Yes
        update encrypted = Yes
        min passwd length = 1
        lanman auth = No
        admin log = Yes
        log level = 2
        log file = /var/log/samba/log.%m
        max log size = 50
        min protocol = NT1
        name resolve order = wins lmhosts bcast
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        load printers = No
        printcap name = lpstat
        show add printer wizard = No
        character set = KOI8-R
        domain guest group = nobody @guest
        add user script = /usr/sbin/useradd -d /home/sambauser/%u -g 501
-m\ -k 
/etc/skel_domain -s /bin/false %u
        preferred master = No
        local master = No
        domain master = No
        dns proxy = No
        wins server = 212.30.144.1
        winbind uid = 10000-20000
        winbind gid = 10000-20000
        winbind separator = +
        winbind cache time = 10
        winbind use default domain = Yes
        hosts allow = 212.30.144. 192.168.0. 192.168.1. 127. 192.168.2.

[test]
        comment = test
        path = /test
        valid users = region+region
        read list = region+region
        write list = region+salavat 
        read only = No
        create mask = 0666
        directory mask = 0777
        hosts allow = 
###################################################

nsswitch.conf

passwd:     files winbind
shadow:     files winbind
group:      files winbind

#hosts:     db files nisplus nis dns
hosts:      files dns
bootparams: nisplus [NOTFOUND=return] files

ethers:     files
netmasks:   files
networks:   files
protocols:  files
rpc:        files
services:   files

netgroup:   nisplus

publickey:  nisplus

automount:  files nisplus
aliases:    files nisplus
##################################################
####################################################
	В шару test под пользователем домена salavat зайти могу только для
чтения. Под другими пользователями не пускает в шару test. В системе есть
пользователь(FBSD) salavat.

#######################################################
#######################################################
Логи:
[2004/06/29 11:51:36, 0] smbd/server.c:main(791)
  smbd version 2.2.9 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2002
[2004/06/29 11:51:36, 1] lib/debug.c:debug_message(258)
  INFO: Debug class all level = 2   (pid 923 from pid 923)
[2004/06/29 11:51:36, 2] param/loadparm.c:do_section(3073)
  Processing section "[test]"
[2004/06/29 11:51:36, 0] lib/debug.c:reopen_logs(348)
  Unable to open new log file /var/log/samba/log.smbd: No such file or
directory
[2004/06/29 11:51:36, 0] lib/debug.c:reopen_logs(348)
  Unable to open new log file /var/log/samba/log.smbd: No such file or
directory
[2004/06/29 11:51:36, 2] lib/interface.c:add_interface(81)
  added interface ip=212.30.144.7 bcast=212.30.144.255 nmask=255.255.255.0
[2004/06/29 11:51:36, 2] lib/interface.c:add_interface(81)
  added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0
[2004/06/29 11:51:36, 1] smbd/files.c:file_init(171)
  file_init: Information only: requested 10000 open files, 1254 are
available.
[2004/06/29 11:51:36, 2] smbd/server.c:open_sockets(249)
  waiting for a connection
[2004/06/29 11:53:22, 0] lib/debug.c:reopen_logs(348)
  Unable to open new log file /var/log/samba/log.smbd: No such file or
directory
[2004/06/29 11:53:22, 2] lib/access.c:check_access(329)
  Allowed connection from  (212.30.144.26)
[2004/06/29 11:53:22, 2] smbd/reply.c:reply_special(92)
  netbios connect: name1=FREEBSD          name2=SALAVATVMWARE  
[2004/06/29 11:53:22, 2] smbd/reply.c:reply_special(111)
  netbios connect: local=freebsd remote=salavatvmware
[2004/06/29 11:53:22, 0] lib/debug.c:reopen_logs(348)
  Unable to open new log file /var/log/samba/log.salavatvmware: No such
file or 
directory
[2004/06/29 11:53:22, 0] lib/debug.c:reopen_logs(348)
  Unable to open new log file /var/log/samba/log.salavatvmware: No such
file or 
directory
[2004/06/29 11:53:22, 0] lib/debug.c:reopen_logs(348)
  Unable to open new log file /var/log/samba/log.salavatvmware: No such
file or 
directory
[2004/06/29 11:53:22, 0] lib/debug.c:reopen_logs(348)
  Unable to open new log file /var/log/samba/log.salavatvmware: No such
file or 
directory
[2004/06/29 11:53:22, 0] lib/debug.c:reopen_logs(348)
  Unable to open new log file /var/log/samba/log.salavatvmware: No such
file or 
directory
[2004/06/29 11:53:22, 2] libsmb/namequery.c:name_query(421)
  Got a positive name query response from 212.30.144.1 ( 212.30.144.1 )
[2004/06/29 11:53:22, 2] lib/util_sock.c:open_socket_out(874)
  error connecting to 212.30.144.1:445 (Invalid argument)
[2004/06/29 11:53:23, 2] lib/access.c:check_access(329)
  Allowed connection from  (212.30.144.26)
[2004/06/29 11:53:24, 1] smbd/service.c:make_connection(636)
  salavatvmware (212.30.144.26) connect to service test as user salavat
(uid=100
1, gid=1001) (pid 931)
################################################################

log.nmbd

[2004/06/29 11:51:36, 0] nmbd/nmbd.c:main(795)
  Netbios nameserver version 2.2.9 started.
  Copyright Andrew Tridgell and the Samba Team 1994-2002
[2004/06/29 11:51:36, 1] lib/debug.c:debug_message(258)
  INFO: Debug class all level = 2   (pid 925 from pid 925)
[2004/06/29 11:51:36, 2] nmbd/nmbd.c:main(833)
  Becoming a daemon.
[2004/06/29 11:51:36, 2] lib/interface.c:add_interface(81)
  added interface ip=212.30.144.7 bcast=212.30.144.255 nmask=255.255.255.0
[2004/06/29 11:51:36, 2] lib/interface.c:add_interface(81)
  added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0
[2004/06/29 11:51:36, 2] nmbd/nmbd_subnetdb.c:create_subnets(259)
  create_subnets: Ignoring loopback interface.
[2004/06/29 11:51:36, 2] nmbd/nmbd_subnetdb.c:make_subnet(192)
  making subnet name:212.30.144.7 Broadcast address:212.30.144.255 Subnet
mask:2
55.255.255.0
[2004/06/29 11:51:36, 2] nmbd/nmbd_subnetdb.c:make_subnet(192)
  making subnet name:UNICAST_SUBNET Broadcast address:212.30.144.1 Subnet
mask:2
12.30.144.1
[2004/06/29 11:51:36, 2] nmbd/nmbd_subnetdb.c:make_subnet(192)
  making subnet name:REMOTE_BROADCAST_SUBNET Broadcast address:0.0.0.0
Subnet ma
sk:0.0.0.0
[2004/06/29 11:51:36, 2] nmbd/nmbd_lmhosts.c:load_lmhosts_file(41)
  load_lmhosts_file: Can't open lmhosts file /usr/local/lib/lmhosts. Error
was N
o such file or directory
[2004/06/29 11:51:40, 0]
nmbd/nmbd_responserecordsdb.c:find_response_record(235)
  find_response_record: response packet id 8551 received with no matching
record
.
[2004/06/29 11:51:40, 0]
nmbd/nmbd_responserecordsdb.c:find_response_record(235)
  find_response_record: response packet id 8552 received with no matching
record

#####################################################

log.winbindd

[2004/06/29 11:51:36, 1] lib/debug.c:debug_message(258)
  INFO: Debug class all level = 2   (pid 927 from pid 927)
[2004/06/29 11:51:36, 2] param/loadparm.c:do_section(3073)
  Processing section "[test]"
[2004/06/29 11:51:36, 2] lib/interface.c:add_interface(81)
  added interface ip=212.30.144.7 bcast=212.30.144.255 nmask=255.255.255.0
[2004/06/29 11:51:36, 2] lib/interface.c:add_interface(81)
  added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0
[2004/06/29 11:51:36, 2] lib/interface.c:add_interface(81)
  added interface ip=212.30.144.7 bcast=212.30.144.255 nmask=255.255.255.0
[2004/06/29 11:51:36, 2] lib/interface.c:add_interface(81)
  added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0
[2004/06/29 11:51:36, 2] libsmb/namequery.c:name_query(421)
  Got a positive name query response from 212.30.144.1 ( 212.30.144.1 )
[2004/06/29 11:51:36, 2] lib/util_sock.c:open_socket_out(874)
  error connecting to 212.30.144.1:445 (Invalid argument)
[2004/06/29 11:51:36, 1] nsswitch/winbindd_util.c:init_domain_list(150)
  Added domain REGION (S-1-5-21-404572029-68067-1637365974)
[2004/06/29 11:51:36, 1] nsswitch/winbindd_util.c:init_domain_list(152)
  getting trusted domain list
[2004/06/29 11:53:23, 2] libsmb/namequery.c:name_query(421)
  Got a positive name query response from 212.30.144.1 ( 212.30.144.1 )
[2004/06/29 11:53:23, 2] lib/util_sock.c:open_socket_out(874)
  error connecting to 212.30.144.1:445 (Invalid argument)
###############################################################

	Как добиться, чтобы samba на FreeBSD5.2.1 брала пользователей из
домена через winbind? С тем же конфигом на М2.2 всё работает.
	Если поставить на шару test 
	write list = region+region
Под пользователем домена salavat могу писать в шару. Под остальными - не
пускает. 
	smbpasswd -j REGION -U Administrator
делал.

запускающий скрипт:
/usr/local/bin/smbd -D
/usr/local/bin/nmbd -D
/usr/local/bin/winbindd

	Подскажите - где чего нужно посмотреть/покрутить?
	
--
Salavat Yarmukhametov		
Jabber: salik на jabber.ru		
ICQ:	21144441

Подробная информация о списке рассылки Samba