情况是两台服务器,一台是 slackware,安装最新的 samba 4.3,另一台是 windows,安装 windows2008R2。我从 Linux 客户端
ldapsearch -vvv -d 100 -b dc=server,dc=prov -H ldap://server.prov CN="franko fr. micheli" uSNCreated -LLL -Q
然后返回...
ldap_initialize( ldap://server:389/??base )
ldap_build_search_req ATTRS: supportedSASLMechanisms
filter: CN=franko fr. micheli
requesting: uSNCreated
ldap_build_search_req ATTRS: uSNCreated
ldap_result: Can't contact LDAP server (-1)
现在尝试使用 Windows
ldapsearch -vvv -d 100 -b dc=server,dc=prov -H ldap://server2.prov CN="franko fr. micheli" uSNCreated -LLL -Q
和工作
为什么不跳桑巴舞?
telnet server 389 OK
smb.conf 是
# Global parameters
[global]
workgroup = SERVER
realm = server.prov
netbios name = SERVER
server role = active directory domain controller
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate
host msdfs = yes
log file = /var/log/samba/samba.log
log level = 1
debug level = 1
max log size = 50
#other setting
template shell = /bin/bash
template homedir = /home/%ACCOUNTNAME%
winbind separator = /
winbind use default domain = Yes
printing = bsd
printcap name = /dev/null
答案1
找到解决方案,必须在 ldapsearch 上指定 gssapi
ldapsearch -Y GSSAPI -LLL -H ldap://myserver