2009年11月18日

[samba-jp:20893] Re: パスワード有効期限が切れパスワード変更すると既定のユーザー プロファイルになってしまう

> OSSTech 小田切です。
>
>> パスワードの有効期限が指定してあり、期限が近づくとユーザに対しパスワード
>> の変更が促されます。そこでパスワードを変更すると既定のローカルユーザープ
>> ロファイルになってしまいます。
>
> 聞いたことのない現象ですね。
> OSとSambaのバージョン、smb.confを添付下さい。

>
>

お世話になります。
以下にOSとSambaのバージョン、smb.confを添付します。
よろしくお願いします。

PDC
kernel Linux 2.6.18-6-amd64 #1 SMP Mon Jun 16 22:30:01 UTC 2008
x86_64 GNU/Linux
samba Version 3.0.24
debian 4.0
BDC1
kernel Linux 2.6.26-2-amd64 #1 SMP Mon Oct 19 02:34:17 UTC 2009 x86_64
 GNU/Linux
samba Version 3.2.5
debian 5.0.3
BDC2
kernel Linux 2.6.26-2-amd64 #1 SMP Sun Jun 21 04:47:08 UTC 2009
x86_64GNU/Linux
samba
debian 5.0.2

PDC
[global]
netbios name = PDC
dos charset = CP932
unix charset = EUCJP-MS
display charset = EUCJP-MS
workgroup = SAMBADOM
server string = %h server
wins support = yes
dns proxy = no
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
security = user
encrypt passwords = true
passdb backend = ldapsam:ldap://127.0.0.1/
security = user
ldap admin dn = cn=admin,dc=example,dc=net
ldap delete dn = Yes
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Users
ldap machine suffix = ou=Computers
ldap passwd sync = Yes
ldap suffix = dc=example,dc=net
ldap user suffix = ou=Users
domain logons = Yes
logon path =
logon home =
logon script =
domain master = Yes
preferred master = Yes
local master = Yes
os level = 64
idmap uid = 30000-40000
idmap gid = 30000-40000
template homedir = /home/%U
template shell = /bin/bash
winbind use default domain = Yes
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
admin users = Administrator
socket options = TCP_NODELAY
[homes]
comment = %U's Home Directories
read only = No
hide files = /.*/Desktop/desktop.ini/
browseable = No
recycle:repository = .trash
recycle:keeptree = yes
vfs objects = audit, recycle
recycle:exclude = *.tmp *.temp *.o *.obj ~$* *.~?? *.ldb
[netlogon]
comment = Net Logon Share
path = /var/samba/netlogon
writeable = No
write list = administrator
browseable = yes
[profiles]
comment = User profiles directory
path = /var/samba/profiles
read only = No
create mask = 0600
directory mask = 0700
browseable = No
profile acls = Yes
hide files = /desktop.ini/

BDC1
[global]
log file = /var/log/samba/log.%m
max log size = 0
syslog only = no
syslog = 0
log level = 0 all:2 tdb:1 printdrivers:0 lanman:0 smb:0 rpc_parse:0
rpc_srv:0 rpc_cli:0 passdb:1 sam:0 auth:1 winbind:0 vfs:0 idmap:0
quota:0 acls:0 locking:0 msdfs:0 dmapi:0 registry:2
unix charset = EUCJP-MS
dos charset = CP932
display charset = EUCJP-MS
security = user
workgroup = SAMBADOM
netbios name = BDC1
server string = BDC1
domain logons = yes
domain master = no
preferred master = no
local master = no
os level = 19
encrypt passwords = yes
wins support = no
wins server = 192.168.10.1
dns proxy = no
interfaces = eth0 127.0.0.1
passdb backend = ldapsam:ldap://127.0.0.1/
ldap admin dn = cn=admin,dc=shsa,dc=or,dc=jp
ldap delete dn = yes
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Users
ldap machine suffix = ou=Computers
ldap passwd sync = yes
ldap suffix = dc=shsa,dc=or,dc=jp
ldap user suffix = ou=Users
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%u"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
admin users = Administrator
panic action = /usr/share/samba/panic-action %d
logon path =
logon home =
[homes]
comment= %U's Home Directories
browseable = no
read only = no
create mask = 0600
directory mask = 0700
hide files = /desktop.ini/
vfs objects = recycle
recycle:repository = .trash
recycle:keeptree = yes
recycle:exclude = *.tmp *.temp *.o *.obj ~$* *.~?? *.ldb
[netlogon]
comment = Net Logon Share
path = /var/samba/netlogon
browseable = yes
read only = yes
write list = administrator
[profiles]
comment = User profiles directory
path = /var/samba/profiles
browseable = no
read only = no
create mask = 0600
directory mask = 0700
hide files = /desktop.ini/
profile acls = yes

BDC2
[global]
log file = /var/log/samba/log.%m
max log size = 0
syslog only = no
syslog = 0
log level = 0 all:2 tdb:1 auth:1 passdb:1 registry:2
unix charset = EUCJP-MS
dos charset = CP932
display charset = EUCJP-MS
security = user
workgroup = SAMBADOM
netbios name = BDC2
server string = BDC2
domain logons = yes
domain master = no
preferred master = no
local master = no
os level = 19
encrypt passwords = yes
wins support = no
wins server = 192.168.10.1
dns proxy = no
interfaces = eth0 127.0.0.1
passdb backend = ldapsam:ldap://127.0.0.1/
ldap admin dn = cn=admin,dc=example,dc=net
ldap delete dn = yes
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Users
ldap machine suffix = ou=Computers
ldap passwd sync = yes
ldap suffix = dc=example,dc=net
ldap user suffix = ou=Users
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%u"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
logon path =
logon home =
admin users = Administrator
panic action = /usr/share/samba/panic-action %d
[homes]
comment= %U's Home Directories
browseable = no
read only = no
create mask = 0600
directory mask = 0700
hide files = /desktop.ini/
vfs objects = recycle
recycle:repository = .trash
recycle:keeptree = yes
recycle:exclude = *.tmp *.temp *.o *.obj ~$* *.~?? *.ldb
[netlogon]
comment = Net Logon Share
path = /var/samba/netlogon
browseable = yes
read only = yes
write list = administrator
[profiles]
comment = User profiles directory
path = /var/samba/profiles
browseable = no
read only = no
create mask = 0600
directory mask = 0700
hide files = /desktop.ini/
profile acls = yes


__________ ESET NOD32 Antivirus からの情報, ウイルス定義データベースのバージョン 4614 (20091117) __________

このメッセージは ESET NOD32 Antivirus によって検査済みです。

http://canon-its.jp

投稿者 xml-rpc : 2009年11月18日 00:12
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/90571
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。