OpenLDAP 和 Samba 背后的 Mac OS X

OpenLDAP 和 Samba 背后的 Mac OS X

我已经努力了一周,想让我的 Mac (Mountain Lion) 在我的家庭网络的 OpenLDAP 和 Samba 上进行身份验证。从多个来源(如 Ubuntu 社区文档和其他博客)以及经过大量反复试验和拼凑后,我创建了一个 samba.ldif,当与 apple.ldif 结合使用时,它将通过 smbldap-populate,并且我拥有一个功能齐全的 OpenLDAP 服务器和一个使用 LDAP 来验证 OS X 机器的 Samba PDC。

问题是当我登录时,主目录没有被创建或从服务器中提取。我在 system.log 中看到以下内容

Sep 21 06:09:15 Sams-MacBook-Pro.local SecurityAgent[265]: User info context values set for sam
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate():   Got user: sam
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate():     Got ruser: (null)
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate(): Got service: authorization
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in od_principal_for_user(): no authauth availale for user.
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in od_principal_for_user(): failed: 7
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate(): Failed to determine Kerberos principal name.
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate(): Done cleanup3
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate(): Kerberos 5 refuses you
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate(): pam_sm_authenticate: ntlm
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_acct_mgmt(): OpenDirectory - Membership cache TTL set to 1800.
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in od_record_check_pwpolicy(): retval: 0
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_setcred(): Establishing credentials
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_setcred(): Got user: sam
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_setcred(): Context initialised
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_setcred(): pam_sm_setcred: ntlm user sam doesn't have auth authority

一切都很好,我验证了。然后我得到

CFPreferences: user home directory for user kCFPreferencesCurrentUser at
/Network/Servers/172.17.148.186/home/sam is unavailable. 
User domains will be volatile.

Failed looking up user domain root; url='file://localhost/Network/Servers/172.17.148.186/home/sam/'
path=/Network/Servers/172.17.148.186/home/sam/ err=-43 uid=9000 euid=9000

如果你想知道/网络/服务器/IP/主页/sam来自一些博客,其中提到 OpenLDAP 属性apple-用户-home目录应该有这个值,并且NFS主目录在 Mac 上应该指向apple-用户-home目录

我还设置了属性apple-user-homeurl

<home_dir><url>smb://172.17.148.186/sam/</url><path></path></home_dir>

这是我在这个论坛上找到的。

任何帮助我都会感激不尽,因为此时我正陷入困境。

顺便说一句,我打算在我的 vps 上为此创建一个博客,并用 python 创建一个安装脚本,供人们下载,这样就没有人需要经历我这周所经历的事情了 :)

睡一会儿后,我将尝试从 Windows 机器登录并在此报告。

谢谢

山姆

答案1

我终于解决了这个问题。

这是一个愚蠢的打字错误!

代替/网络/服务器它应该是/网络/服务器.那个愚蠢的临时演员年代让我苦苦挣扎了好几天!

现在我想将主目录挂载为 nfs 挂载,以便我的所有数据都在服务器上。

相关内容