先貼上 smb.conf 設定檔內容:
[global]
passdb backend = ldapsam:ldap://192.168.60.253:389
encrypt passwords = yes
ldap admin dn = cn=vmail,dc=tw,dc=example
ldap ssl = no
ldap suffix = dc=tw,dc=example
log level = 3
log file = /var/log/samba/smb.log
max log size = 50
template shell = /bin/bash
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
依上面的設定連線 Windows AD 驗證時,samba.log 訊息出現:
[2017/05/03 17:29:45.129863, 2] ../source3/lib/smbldap.c:794(smbldap_open_connection)
smbldap_open_connection: connection opened
[2017/05/03 17:29:45.133564, 2] ../source3/lib/smbldap.c:998(smbldap_connect_system)
failed to bind to server ldap://192.168.60.253:389 with dn="cn=vmail,dc=tw,dc=example" Error: Invalid credentials
80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1
以及:
[2017/05/03 17:49:10.309081, 2] ../source3/passdb/pdb_ldap_util.c:287(smbldap_search_domain_info)
smbldap_search_domain_info: Problem during LDAPsearch: Timed out
[2017/05/03 17:49:10.309132, 2] ../source3/passdb/pdb_ldap_util.c:288(smbldap_search_domain_info)
smbldap_search_domain_info: Query was: dc=tw,dc=example, (&(objectClass=sambaDomain)(sambaDomainName=CENTOS7))
[2017/05/03 17:49:10.309147, 0] ../source3/passdb/pdb_ldap.c:6540(pdb_ldapsam_init_common)
pdb_init_ldapsam: WARNING: Could not get domain info, nor add one to the domain. We cannot work reliably without it.
[2017/05/03 17:49:10.309182, 0] ../source3/passdb/pdb_interface.c:180(make_pdb_method_name)
pdb backend ldapsam:ldap://192.168.60.253:389 did not correctly init (error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO)
Samba 版本是 4.6.3(samba-4.6.3.tar.gz)
這台 CentOS 7 沒有 join domain,純粹想直接連到 AD 做帳號驗證。
一直無法成功,也不知問題出在哪???
請版上各位協助!!!
感謝。