[Samba] new user can't log

Fri, 18 Dec 2009 10:55:33 -0800 

Hello everyone.
I was having a problem with my Samba PDC with LDAP backend. The command 'net getlocalsid' gaves me the message "Got too many (2) domain info entries for domain [domain]". I logged im my ldap server, and saw that i have the following entries: 

   dn: sambaDomainName=DOMINIO,dc=dominio,dc=com,dc=br
   sambaDomainName: DOMINIO
   sambaSID: S-1-5-21-874179082-3571801642-3889913597
   sambaAlgorithmicRidBase: 1000
   objectClass: sambaDomain
   sambaNextUserRid: 67109862
   sambaNextGroupRid: 67109863
   structuralObjectClass: sambaDomain
   entryUUID: 9ca720c8-00a6-102c-9973-d48efacd902d
   creatorsName: cn=root,dc=dominio,dc=com,dc=br
   createTimestamp: 20070926180404Z
   entryCSN: 20070926180404Z#000001#00#000000
   modifiersName: cn=root,dc=dominio,dc=com,dc=br
   modifyTimestamp: 20070926180404Z


and:

   dn: ou=Dominios,dc=dominio,dc=com,dc=br
   ou: Dominios
   objectClass: top
   objectClass: organizationalUnit
   structuralObjectClass: organizationalUnit

   dn: sambaDomainName=DOMINIO,ou=Dominios,dc=dominio,dc=com,dc=br
   objectClass: sambaDomain
   sambaAlgorithmicRidBase: 1000
   sambaSID: S-1-5-21-874179082-3571801642-3889913597
   sambaDomainName: DOMINIO
   sambaMinPwdLength: 4
   sambaLogonToChgPwd: 2
   sambaForceLogoff: 0
   sambaRefuseMachinePwdChange: 1
   structuralObjectClass: sambaDomain


Deleting the former (the one that was not inside the 'ou=Dominios') 
solved the problem. Now, the 'net getlocalsid' gives me the SID for my 
domain correctly. I don't know if this have any relation with my new 
problem, but i created a new user and he can't login.



The error is in portuguese, but i'll translate here: "The system could 
not logon by the following error: A device conected to the system is not 
working".



In the log of the machine the user is trying to log, i have the 
following info:


   [2009/12/18 16:47:29,  2] auth/auth.c:check_ntlm_password(308)
     check_ntlm_password:  authentication for user [dsribeiro] ->
   [dsribeiro] -> [dsribeiro] succeeded
   [2009/12/18 16:47:29,  1]
   rpc_server/srv_netlog_nt.c:_netr_LogonSamLogon(1060)
     _netr_LogonSamLogon: user DOMINIO\dsribeiro has user sid
   S-1-5-21-4161212321-1980848047-2820993626-3468
      but group sid S-1-5-21-874179082-3571801642-3889913597-513.
     The conflicting domain portions are not supported for NETLOGON calls


Can anyone point me to how to solve this? I'm not what you guys could 
call an expert in samba :D




--

*Leonardo de Souza Carneiro*
*Veltrac - Tecnologia em Logística.*
lscarne...@veltrac.com.br <mailto:lscarne...@veltrac.com.br>
http://www.veltrac.com.br <http://www.veltrac.com.br/>
/Fone Com.: (43)2105-5601/
/Av. Higienópolis 1601 Ed. Eurocenter Sl. 803/
/Londrina- PR/
/Cep: 86015-010/

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba






















					Reply via email to