服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 排除Samba / LDAPvalidation失败的故障
Intereting Posts
服务器select的默认密码套件 什么是一个有效的vBulletin网站的主机? FFGpeg Godaddypipe理VPS Windows Server 2008,IIS7和Windows身份validation 从RHEL集群获取长期负载统计信息? 当nginxconfiguration为反向代理时,是否可以将主机头重写到下游服务器,如Apache的ProxyPreserveHost? 移到新机器后取得NTFS卷的所有权 在PASE中编辑PATH 什么默认的Windows设置来改变性能优化? 如何限制未经授权的域名指向我的网站的IP地址 为用户提供用户创build权限 Amazon Linux rsyslogconfiguration覆盖 在input密码之前调用pam_tally2 Exchange 2007 CASredirect到Exchange 2003邮箱上的http Ubuntu服务器监控

排除Samba / LDAPvalidation失败的故障

这实际上是一个更普遍的问题,但我在特定的情况下提出这个问题。 如何解决失败的Samba / LDAPlogin/authentication?

我正在学习Samba / LDAP的过程。 我目前有一个testing机器,我有Samba和openLDAP,我创build了一个单一的posix / samba用户,我想尝试login到networking共享。 从运行Debian的其他机器上,我使用Gnome“连接到服务器”function来尝试加载共享。 我input所有的相关信息,但input密码后,提示不断回来。 它一再要求我的密码,而不给我一个错误。

到目前为止,我一直在拖尾/var/log/syslog文件并查看slapd输出: 

 Aug 1 11:05:16 androserve slapd[3358]: conn=1007 fd=19 ACCEPT from IP=127.0.0.1:52280 (IP=0.0.0.0:389) Aug 1 11:05:16 androserve slapd[3358]: conn=1007 op=0 BIND dn="cn=admin,dc=androcs,dc=com" method=128 Aug 1 11:05:16 androserve slapd[3358]: conn=1007 op=0 BIND dn="cn=admin,dc=androcs,dc=com" mech=SIMPLE ssf=0 Aug 1 11:05:16 androserve slapd[3358]: conn=1007 op=0 RESULT tag=97 err=0 text= Aug 1 11:05:16 androserve slapd[3358]: conn=1007 op=1 SRCH base="" scope=0 deref=0 filter="(objectClass=*)" Aug 1 11:05:16 androserve slapd[3358]: conn=1007 op=1 SRCH attr=supportedControl Aug 1 11:05:16 androserve slapd[3358]: conn=1007 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Aug 1 11:05:16 androserve slapd[3358]: conn=1007 op=2 SRCH base="dc=androcs,dc=com" scope=2 deref=0 filter="(&(uid=tarcuri)(objectClass=sambaSamAccount))" Aug 1 11:05:16 androserve slapd[3358]: conn=1007 op=2 SRCH attr=uid uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn sn displayName sambaHomeDrive sambaHomePath sambaLogonScript sambaProfilePath description sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime sambaPasswordHistory modifyTimestamp sambaLogonHours modifyTimestamp uidNumber gidNumber homeDirectory loginShell gecos Aug 1 11:05:16 androserve slapd[3358]: conn=1007 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text= Aug 1 11:05:16 androserve slapd[3358]: conn=1007 op=3 SRCH base="sambaDomainName=ANDROCS,dc=androcs,dc=com" scope=0 deref=0 filter="(objectClass=sambaDomain)" Aug 1 11:05:16 androserve slapd[3358]: conn=1007 op=3 SRCH attr=sambaPwdHistoryLength Aug 1 11:05:16 androserve slapd[3358]: conn=1007 op=3 SEARCH RESULT tag=101 err=0 nentries=1 text= Aug 1 11:05:17 androserve slapd[3358]: conn=1007 op=4 SRCH base="dc=androcs,dc=com" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(gidNumber=20000))" Aug 1 11:05:17 androserve slapd[3358]: conn=1007 op=4 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass Aug 1 11:05:17 androserve slapd[3358]: conn=1007 op=4 SEARCH RESULT tag=101 err=0 nentries=0 text= Aug 1 11:05:17 androserve slapd[3358]: conn=1007 op=5 SRCH base="dc=androcs,dc=com" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(gidNumber=20000))" Aug 1 11:05:17 androserve slapd[3358]: conn=1007 op=5 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass Aug 1 11:05:17 androserve slapd[3358]: conn=1007 op=5 SEARCH RESULT tag=101 err=0 nentries=0 text= Aug 1 11:05:17 androserve slapd[3358]: conn=1007 op=6 SRCH base="dc=androcs,dc=com" scope=2 deref=0 filter="(&(sambaSID=s-1-5-21-3743419441-701214183-3617868461-513)(objectClass=sambaSamAccount))" Aug 1 11:05:17 androserve slapd[3358]: conn=1007 op=6 SRCH attr=uid uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn sn displayName sambaHomeDrive sambaHomePath sambaLogonScript sambaProfilePath description sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime sambaPasswordHistory modifyTimestamp sambaLogonHours modifyTimestamp uidNumber gidNumber homeDirectory loginShell gecos Aug 1 11:05:17 androserve slapd[3358]: bdb_equality_candidates: (sambaSID) not indexed Aug 1 11:05:17 androserve slapd[3358]: conn=1007 op=6 SEARCH RESULT tag=101 err=0 nentries=0 text= Aug 1 11:05:17 androserve slapd[3358]: conn=1007 op=7 SRCH base="dc=androcs,dc=com" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(sambaSID=s-1-5-21-3743419441-701214183-3617868461-513))" Aug 1 11:05:17 androserve slapd[3358]: conn=1007 op=7 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass Aug 1 11:05:17 androserve slapd[3358]: conn=1007 op=7 SEARCH RESULT tag=101 err=0 nentries=0 text= Aug 1 11:05:17 androserve slapd[3358]: conn=1007 op=8 SRCH base="sambaDomainName=ANDROCS,dc=androcs,dc=com" scope=0 deref=0 filter="(objectClass=sambaDomain)" Aug 1 11:05:17 androserve slapd[3358]: conn=1007 op=8 SRCH attr=sambaLockoutThreshold Aug 1 11:05:17 androserve slapd[3358]: conn=1007 op=8 SEARCH RESULT tag=101 err=0 nentries=1 text= Aug 1 11:05:17 androserve slapd[3358]: conn=1007 fd=19 closed (connection lost)`

在这种情况下,它看起来像试图引用一个sambaGroupMapping类,我没有configuration。

通常如何处理这个问题?

谢谢!

Aug 1 11:05:16 androserve slapd [3358]:conn = 1007 op = 2 SRCH base =“dc = androcs,dc = com”scope = 2 deref = 0 filter =“(&( uid = tarcuri )(objectClass = sambaSamAccount))“Aug 1 11:05:16 androserve slapd [3358]:conn = 1007 op = 2 SEARCH RESULT tag = 101 err = 0 nentries = 1 text =

这意味着您的用户名在LDAP目录中find。 看看audit.log ,看看每步authenticationaccountingsession ,…