Как я могу настроить общий доступ к фолдерам с помощью smb ant authenticate через Open Ldap (от Google). Я использую stunnel4 для защиты соединения, и он отлично работает:
ldapsearch -H ldap://127.0.0.1:1636 -b dc=XXX,dc=com 'yyy@xxx.com' -x
# extended LDIF
#
# LDAPv3
... ... ...
# numResponses: 6
# numEntries: 5
, но samba не может подключиться к серверу ldap:
[2020/04/03 23:51:38.764868, 2] ../source3/lib/interface.c:345(add_interface)
added interface lo ip=127.0.0.1 bcast=127.255.255.255 netmask=255.0.0.0
[2020/04/03 23:51:38.764881, 2] ../source3/lib/interface.c:345(add_interface)
added interface bond0 ip=192.168.1.2 bcast=192.168.1.255 netmask=255.255.255.0
[2020/04/03 23:51:38.764912, 3] ../source3/smbd/server.c:1822(main)
loaded services
[2020/04/03 23:51:38.764963, 1] ../source3/profile/profile_dummy.c:30(set_profile_level)
INFO: Profiling support unavailable in this build.
[2020/04/03 23:51:38.764983, 3] ../source3/smbd/server.c:1842(main)
Standard input is not a socket, assuming -D option
[2020/04/03 23:51:38.764995, 3] ../source3/smbd/server.c:1854(main)
Becoming a daemon.
[2020/04/03 23:51:38.765323, 2] ../source3/passdb/pdb_ldap_util.c:281(smbldap_search_domain_info)
smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=XXXX.COM))]
[2020/04/03 23:51:38.767216, 2] ../source3/lib/smbldap.c:841(smbldap_open_connection)
smbldap_open_connection: connection opened
мой samba.conf:
[global]
bind interfaces only = yes
interfaces = lo bond0
netbios name = WORKGROUP
workgroup = xxxxx.com
security = user
domain logons = yes
domain master = yes
log level = 3
log file = /var/log/samba/samba-ldap.log
idmap_ldb:use rfc2307 = yes
passdb backend = ldapsam:ldaps://127.0.0.1:1636
ldap ssl = off
ldap admin dn = BestProbos # user from google admin consolle
ldap user suffix = ou=Users
ldap group suffix = ou=Users
ldap passwd sync = Yes
min protocol = SMB2
Я просматриваю сетевую папку и авторизую пользователя через OpenLdap из Google (G Suite)