[samba-jp:18817] Migrating from samba Workgroup → samba domain, part 2
Hideshi SAKUTA
Hideshi.Sakuta @ otsuka-shokai.co.jp
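Wed Aug 2 09:37:05 JST 2006
Thank you for your continued help. This is Sakuta.
I have built a samba domain as described below and got as far as joining an XP SP2 client to the domain, but when I perform a domain logon, after the user/password authentication the machine shows a blue screen with "STOP:c000021a unknown Hard Error" and reboots. Thinking it might be a problem specific to that machine, I tried other PCs as well, but the result was the same. Local logon works without problems.
"smbldap-useradd.pl -w ZZZZ"
"Domain member: Digitally encrypt or sign secure channel data (always)" → "Disabled"
After doing the above, I joined the client to the domain.
I would be grateful for any advice.
【Server configuration】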
RedHat ES3
samba-3.0.9-1.3E.2
samba-client-3.0.9-1.3E.2
samba-common-3.0.9-1.3E.2
samba-swat-3.0.9-1.3E.2
smbldap-tools
openldap-2.0.27-17
openldap-clients-2.0.27-17
openldap-devel-2.0.27-17
openldap-servers-2.0.27-17
【smb.conf】
[global]
dos charset = CP932
unix charset = EUCJP-MS
display charset = EUCJP-MS
workgroup = CS
server string = CS File Server
passdb backend = "ldapsam:ldap://10.254.1.5 ldap://10.254.1.6"
log file = /var/log/samba/%m.log
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8576 SO_SNDBUF=8576
wins support = Yes
ldap admin dn = cn=Manager,dc=cs,dc=xxxxxx,dc=ac,dc=jp
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
ldap passwd sync = Yes
ldap suffix = dc=cs,dc=xxxxxx,dc=ac,dc=jp
ldap ssl = no
ldap user suffix = ou=Users
admin users = Administrator
cups options = raw
Added → security = user
Added → os level = 64
Added → preferred master = Yes
Added → domain master = Yes
Added → local master = Yes
Added → domain logons = Yes
[homes]
comment = Home Directories
read only = No
browseable = No
available = No
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
[pub]
path = /pub
read only = No
[student2005]
path = /home/2005
read only = No
[teacher]
path = /home/teacher
read only = No
[pr1]
comment = 10.130.1.11(linux)
path = /var/spool/samba
read only = No
printer name = pr1
browseable = No
oplocks = No
share modes = No
available = No
[pr2]
comment = 10.130.1.12(linux)
path = /var/spool/samba
read only = No
printer name = pr2
browseable = No
oplocks = No
share modes = No
available = No
[pr3]
comment = 10.130.1.13(linux)
path = /var/spool/samba
read only = No
printer name = pr3
browseable = No
oplocks = No
share modes = No
available = No
[pr4]
comment = 10.130.1.14(linux)
path = /var/spool/samba
read only = No
printer name = pr4
browseable = No
oplocks = No
share modes = No
available = No
[pr]
comment = Linux Printing Sapport
path = /var/spool/samba
read only = No
printer name = pr
browseable = No
oplocks = No
share modes = No
available = No
[print$]
comment = Printer Driver Download Area
path = /var/samba/printers
write list = Administrator
guest ok = Yes
[prw1]
comment = 10.130.1.11(win)
path = /var/spool/samba
read only = No
printer name = prw1
browseable = No
oplocks = No
share modes = No
available = No
[prw2]
comment = 10.130.1.12(win)
path = /var/spool/samba
read only = No
printer name = prw2
browseable = No
oplocks = No
share modes = No
available = No
[prw3]
comment = 10.130.1.13(win)
path = /var/spool/samba
read only = No
printer name = prw3
browseable = No
oplocks = No
share modes = No
available = No
[prw4]
comment = 10.130.1.14(win)
path = /var/spool/samba
read only = No
printer name = prw4
browseable = No
oplocks = No
share modes = No
available = No
[supportdesk]
path = /home/supportdesk
read only = No
[student2006]
path = /home/2006
read only = No
【slapd.conf】
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/redhat/autofs.schema
include /etc/openldap/schema/redhat/kerberosobject.schema
include /etc/openldap/schema/samba.schema
include /etc/openldap/schema/xylanauthenticationperson.schema
password-hash {MD5}
loglevel 256
database ldbm
suffix "dc=cs,dc=xxxxxx,dc=ac,dc=jp"
rootdn "cn=Manager,dc=cs,dc=xxxxxx,dc=ac,dc=jp"
rootpw {MD5}xxxxxxxxxxxxxxxxxxxxxxxx
directory /var/lib/ldap
index objectClass,uidNumber,gidNumber,memberUid eq
index cn,mail,surname,givenname eq,subinitial
index uid pres,eq
replogfile /var/lib/ldap/master-slapd.replog
replica host=ldap2.cs.xxxxxx.ac.jp:389
        binddn="cn=Manager,dc=cs,dc=xxxxxx,dc=ac,dc=jp"
        bindmethod=simple
        credentials=xxxxxxxxxx
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Otsuka Corporation
Kansai Technical Solution Center (Kansai TSC)
作田 英司 (Sakuta Hideshi)
Hideshi Sakuta
Tel : 06-6456-2640
Mail: Hideshi.Sakuta @ otsuka-shokai.co.jp
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++