Did you miss this in your members smb.conf: passdb backend = ldapsam:ldap://192.168.249.7/ So your ldapclient is working but Samba does not now where to auth?
Your config on memberserver: Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions [global] unix charset = LOCALE workgroup = ATV server string = SRVFILE1 interfaces = 192.168.249.0/24, 127.0.0.1/8 security = DOMAIN log level = 4 ads:10 auth:10 sam:10 syslog = 0 log file = /var/log/samba/%m.log max log size = 50 smb ports = 139 name resolve order = wins bcast hosts unix extensions = No socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 os level = 65 wins server = 192.168.249.1 ldap admin dn = cn=Manager,dc=at-visions,dc=com ldap group suffix = ou=Groups,o=default ldap idmap suffix = ou=Idmap,ou=Samba,ou=System ldap machine suffix = ou=Computers,ou=Samba,ou=System ldap suffix = dc=at-visions,dc=com ldap ssl = no ldap user suffix = ou=Users,o=default case sensitive = No veto files = /.*/ hide files = /.*/ locking = No wide links = Yes dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd A hint, to make your samba a full featured wins-server( even in replication with w2008) there is samba4wins: http://ftp.sernet.de/pub/samba4WINS/ ----------------------------------------------- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de ----------------------------------------------- -----Ursprüngliche Nachricht----- Von: Philipp Felix Hoefler [mailto:p...@at-visions.com] Gesendet: Mittwoch, 1. August 2012 13:30 An: muel...@tropenklinik.de Cc: samba@lists.samba.org Betreff: Re: AW: [Samba] Access and group issues on domain member server (PDC is Samba as well) Hi Daniel, thank you for you response. [root@srvfile1 home]# id phoefler uid=1663(phoefler) gid=1105(VISIONS) groups=1105(VISIONS),512(Domain Admins),513(Domain Users),1103(IT),1069(Marketing),1079(TimeSheetReports) This is working correctly. Also all other linux <-> LDAP stuff is working without any problems. Only Samba seems to be "unhappy" :( best regards, philipp On 8/1/12 1:22 PM, Daniel Müller wrote: > try : id youruser.ldap on the memberserver, > ex.: > > [root@tuepdc ~]# id tester > uid=1010(tester) gid=513(Domain Users) Gruppen=513(Domain > Users),2154(orbis),34709(Dienstplan),61092(HS3),47140(DIFAEM),17162(ag > fa),29 > 998(OpenHearts),26630(Personal),27525(pflege),19307(agaterm),46212(Ter > minalS > erver User) > > Should id not work there is something wrong. > Maybe your ldapclient is not working properly. > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba