Where are you getting with adding the machines? You should get a posix
user added with machinename$ for the uid, then that user will be
modified to include the sambaSamAccount data.
I would suggest these for 'official' resources:
http://us2.samba.org/samba/docs/man/howto/samba-pdc.html*
*and
http://us2.samba.org/samba/docs/man/guide/
**
there are a couple of comments below:
[global]
;unix charset = LOCALE
workgroup = cyberspicace
netbios name = fs01
server string = fs01
socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
wins support = yes
;PDC and master browser settings
os level = 64
preferred master = yes
local master = yes
domain master = yes
domain logons = yes
;security and logging settings
security = user
encrypt passwords = yes
unix password sync = yes
passdb backend = ldapsam:ldap://fs01.cyberspicace.com
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
smb ports = 139 445
;security - interface
interfaces = eth0 192.168.1.0/24 lo 127/8
bind interfaces only = yes
not necessarily related to your problem, but you could probably do away
with these if you're on a protected LAN. Lets try to not be any more
restrictive than we have to, at least not while testing.
;services
name resolve order = wins bcast hosts
time server = yes
printcap name = CUPS
printing = cups
show add printer wizard = yes
;various scripts
passwd program = /var/lib/samba/sbin/smbldap-passwd.pl -o %u
passwd chat = *new*password* %n\n *new*password* %n\n *successfully*
add user script = /var/lib/samba/sbin/smbldap-useradd.pl -a -m '%u'
delete user script = /var/lib/samba/sbin/smbldap-userdel.pl %u
add group script = /var/lib/samba/sbin/smbldap-groupadd.pl -p '%g'
delete group script = /var/lib/samba/sbin/smbldap-groupdel.pl '%'g
add user to group script = /var/lib/samba/sbin/smbldap-groupmod.pl -m '%u'
'%g'
delete user from group script = /var/lib/samba/sbin/smbldap-groupmod.pl -x
'%u'
'%g'
set primary group script = /var/lib/samba/sbin/smbldap-usermod.pl -g '%g'
'%u'
add machine script = /var/lib/samba/sbin/smbldap-useradd.pl -w '%u'
You didn't mention, did you configure the smbldap-tools package? I
would assume that you did, but covering all the bases here.
logon script = scripts\logon.bat
logon path = \\%L\profiles\%U
logon drive = X:
;access
admin users = "@Domain Admins"
printer admin = "@Domain Admins"
;ldap backend
ldap suffix = dc=cyberspicace,dc=com
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=Manager,dc=cyberspicace,dc=com
Did you store the password for the admin dn with smbpasswd -w ...
idmap backend = ldap:ldap://fs01.cyberspicace.com
idmap uid = 10000-20000
idmap gid = 10000-20000
Don't need these unless you're using winbind.
map acl inherit = Yes
include = /etc/samba/shares.conf
Are you running any windows servers in your setup or just one samba box
and the clients?
Assuming the latter, which sounds like you unless I'm badly mis-reading
you here, you don't *need* any special DNS entries to make things work.
Perhaps you could attach your smb.conf file? It sounds like your
security parameter is way out of whack, which could be causing your
issues.
security = domain
is for when you have a functioning NT network to add this machine to
that holds your login info. I've successfully added a 3.0 machine to a
2.2.x network and then not had to do any passdb setup on it.
security = ads
is for configuring authentication against an existing 2000 (/2003?) AD
network, which you haven't mentioned here.
You probably want (from TOSHaRG):
preferred master = yes
domain master = yes
local master = yes
security = user
domain logons = yes
--
Paul Gienger Office: 701-281-1884
Applied Engineering Inc. Cell: 701-306-6254
Information Systems Consultant Fax: 701-281-1322
URL: www.ae-solutions.com mailto:[EMAIL PROTECTED]
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
