openldap+samba配置错误

Bg

域名：test.org
主机名：master.test.org (192.168.11.20)
OS：FreeBSD 7 beta3
Samba3.0.26a
Openldap2.3.39



openldap编译参数：
[X] SASL              With (Cyrus) SASL2 support
[X] TCP_WRAPPERS      With tcp wrapper support
[X] BDB               With BerkeleyDB support
[X] TCP_WRAPPERS      With tcp wrapper support
[X] DYNAMIC_BACKENDS  Build dynamic backends




samba3编译参数：
[X] LDAP         With LDAP support
[X] CUPS         With CUPS printing support
[X] WINBIND      With WinBIND support
[X] QUOTAS       With Disk quota support
[X] UTMP         With UTMP accounting support
[X] POPT         With system-wide POPT library



sldap.conf参数:
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/corba.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/misc.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema
include         /usr/local/etc/openldap/schema/openldap.schema
include         /usr/local/etc/openldap/schema/nis.schema
include         /usr/local/etc/openldap/schema/samba.schema

database        bdb
suffix          "dc=test,dc=org"
rootdn          "cn=root,dc=test,dc=org"

rootpw          another #我使用的是明码

index   objectClass     eq
index   ou,cn,sn,mail,mobile,givenName          eq,pres,sub
index   uid,uidNumber,gidNumber,loginShell      eq,pres


三个ldif文件

1) bdn.ldif
dn:dc=test,dc=org
objectClass: organization
objectClass: dcObject
objectClass: top
dc: test
o: test.org

2) unit.ldif
dn: ou=it,dc=test,dc=org
objectClass: organizationalUnit
ou: it

3) test.ldif
dn: cn=test,ou=it,dc=test,dc=org
objectClass: inetOrgPerson
uid: test
cn: test
sn: test
mail: test@test.org
employeeNumber: 778888
fax: 8888888
mobile: 9020398586


master# ldapsearch -x
extended LDIF
#
# LDAPv3
# base <> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# test.org
dn: dc=test,dc=org
objectClass: organization
objectClass: dcObject
objectClass: top
dc: test
o: test.org

# it, test.org
dn: ou=it,dc=test,dc=org
objectClass: organizationalUnit
ou: it

# test, it, test.org
dn: cn=test,ou=it,dc=test,dc=org
objectClass: inetOrgPerson
uid: test
cn: test
sn: test
mail: test@test.org
employeeNumber: 778888
facsimileTelephoneNumber: 8888888
mobile:: OTAyMDM5ODU4NiA=

# search result
search: 2
result: 0 Success

# numResponses: 4
# numEntries: 3



master# netstat -an |grep 389
tcp4       0      0  *.389                  *.*                    LISTEN



smb.conf文件内容

ldap admin dn = "cn=root,dc=test,dc=org"
passdb backend = ldapsam:ldap://192.168.11.20
ldap ssl = off
ldap suffix = "dc=test,dc=org"
encrypt passwords = yes

走到这一步出错：
master# smbpasswd -w another  （rootpw的密码是明码）
ERROR: 'ldap admin dn' not defined! Please check your smb.conf


我用了google搜索这个错误，可惜没有找到相关的提示，我对LDAP也不是很明白，算是新手吧，只好向各位求助了。

我是参考这篇文章做的：http://phorum.study-area.org/index.php/topic,20602.html

Bg

问题解决了。
要把以下这几行放在Global parameters下面才可以，我每次都是放在smb.conf文件的末尾。
搞了好几天了，原来是这个问题。
ldap admin dn = "cn=root,dc=test,dc=org"
passdb backend = ldapsam:ldap://192.168.11.20
ldap ssl = off
ldap suffix = "dc=test,dc=org"
encrypt passwords = yes