Ok, I had ldap with samba working perfectly a few weeks ago. however, I had no root account, since i was told not to have a root account on ldap server, so someone recommended i do this in smb.conf... passdb backend = smbpasswd
adding root user to samba with smbpasswd -a then changing smb.conf to this passdb backend = ldapsam:ldap://127.0.0.1 smbpasswd so it could use both, right? So a while later I let fedora up2date upgrade samba 3.0.0 rpms to 3.0.2. Everything seemed to work fine afterward. I looked in smbpasswd today, and I noticed all the ldap accounts, including the machine accounts are in there, as well as the root account. I thought this odd, so I removed smbpasswd from the aforementioned line, and oddly enough, none of the ldap accounts could use samba anymore, getting nt_login_failure or whatever! however, in a command line, i can still id username and it shows their username, through ldap, and i can log in to unix with them(ssh and everything), but samba no longer recognizes them. can someone tell me what i did wrong, or if this is a bug or something? below i paste relevant parts of smb.conf [global] workgroup = DOMAINNAME netbios name = NETBIOSNAME netbios aliases = INTRANET logon script = logon.cmd logon home = #\\homeserver\%u\winprofile logon path = domain logons = Yes os level = 64 preferred master = Yes encrypt passwords = Yes domain master = Yes wins support = Yes encrypt passwords = Yes update encrypted = Yes auth methods = sam guest security = USER #ldap passdb backend = ldapsam:ldap://127.0.0.1 smbpasswd ldap suffix = dc=INTRANET ldap machine suffix = ou=People ldap passwd sync = yes ldap user suffix = ou=People ldap group suffix = ou=Group ldap admin dn = "cn=Manager,dc=INTRANET" ldap ssl = no idmap backend = ldapsam:ldapsam://127.0.0.1 passwd chat debug = Yes passwd program =/usr/local/sbin/smbldap-passwd -o %u passwd chat = *new*password* %n\n *new*password:* %n\ *successfully* socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 add machine script = /usr/local/sbin/smbldap-useradd -w %m add user script = /usr/local/sbin/smbldap-useradd -a -n -m %u delete user script = /usr/local/sbin/smbldap-userdel %u add group script = /usr/local/sbin/smbldap-groupadd %g delete group script = /usr/local/sbin/smbldap-groupdel %g add user to group script = /usr/local/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/local/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/local/sbin/smbldap-usermod -G %g %u _______________________________________________ No banners. No pop-ups. No kidding. Introducing My Way - http://www.myway.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba