為了讓我的 Mac (Mountain Lion) 在我的家庭網路的 OpenLDAP 和 Samba 上進行身份驗證,我已經奮鬥了一個星期。從多個來源(例如 Ubuntu 社區文檔和其他部落格),經過大量的試驗和錯誤並將所有內容拼湊在一起,我創建了一個 samba.ldif,當與 apple.ldif 結合時,它將通過 smbldap-populate我有一個功能齊全的OpenLDAP 伺服器和一個使用LDAP 來驗證OS X 機器的Samba PDC。
問題是,當我登入時,不會建立主目錄或從伺服器中提取主目錄。我在 system.log 中得到以下內容
Sep 21 06:09:15 Sams-MacBook-Pro.local SecurityAgent[265]: User info context values set for sam
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate(): Got user: sam
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate(): Got ruser: (null)
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate(): Got service: authorization
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in od_principal_for_user(): no authauth availale for user.
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in od_principal_for_user(): failed: 7
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate(): Failed to determine Kerberos principal name.
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate(): Done cleanup3
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate(): Kerberos 5 refuses you
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate(): pam_sm_authenticate: ntlm
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_acct_mgmt(): OpenDirectory - Membership cache TTL set to 1800.
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in od_record_check_pwpolicy(): retval: 0
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_setcred(): Establishing credentials
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_setcred(): Got user: sam
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_setcred(): Context initialised
Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_setcred(): pam_sm_setcred: ntlm user sam doesn't have auth authority
這一切都很棒,我也證實了這一點。然後我得到
CFPreferences: user home directory for user kCFPreferencesCurrentUser at
/Network/Servers/172.17.148.186/home/sam is unavailable.
User domains will be volatile.
Failed looking up user domain root; url='file://localhost/Network/Servers/172.17.148.186/home/sam/'
path=/Network/Servers/172.17.148.186/home/sam/ err=-43 uid=9000 euid=9000
如果你想知道在哪裡/網路/伺服器/IP/home/sam來自,來自幾個博客,其中提到了 OpenLDAP 屬性apple-user-home目錄應該有這個值並且NFS主目錄在 Mac 上應該指向apple-user-home目錄
我還設定了attr蘋果使用者首頁 URL到
<home_dir><url>smb://172.17.148.186/sam/</url><path></path></home_dir>
我在這個論壇上找到的。
感謝任何幫助,因為此時我正在用頭撞牆。
順便說一句,我打算為此在我的 vps 上創建一個博客,並用 python 創建一個安裝腳本供人們下載,這樣就沒有人需要經歷我這週必須經歷的事情了:)
睡了一覺後,我將嘗試從 Windows 電腦登入並返回此處報告。
謝謝
山姆
答案1
我終於解決了這個問題。
這是一個愚蠢的打字錯誤!
代替/網路/伺服器它應該是/網路/伺服器。那個愚蠢的額外S讓我繞了好幾天!
現在我想將主目錄掛載為 nfs 掛載,以便我的所有資料都在伺服器上。