The Samba 3.0.5rc1 server is configured as a PDC. [global] # client code page = 866 # NetBIOS name of that comp netbios name = TOLTEC #Name of Domain workgroup = liin #Comment server string = Samba PDC %v #Interface where samba works interfaces = 10.0.0.4/24 127.0.0.1/24 bind interfaces only = yes hosts allow = 10.0.0. name resolve order = hosts bcast #DOMAIN CONFIG encrypt passwords = Yes domain master = Yes local master = Yes prefered master = Yes security = user domain logons = yes # ONLY FOR 2K/XP! client ntlmv2 auth = Yes # NO WIN9X IN OUR DOMAIN!!!!! client lanman auth = no client plaintext auth = no #TEst this disable netbios = no #OS level!!! os level = 65 #ALL about Loggin ^) log level = 10 log file = /var/log/samba/%m.log max log size = 2000
#WINBIND CONFIG!!!! winbind separator = + winbind use default domain = Yes winbind uid =10000-20000 winbind gid =10000-20000 #If i comment it then #[2004/07/14 01:30:40, 0] nsswitch/winbindd_util.c:winbindd_param_init(560) # winbindd: idmap uid range missing or invalid #[2004/07/14 01:30:40, 0] nsswitch/winbindd_util.c:winbindd_param_init(561) # winbindd: cannot continue, exiting. # Could not init idmap -- netlogon proxy only # strange thing.... on 3.0.4 i don't need to write it winbind enum users = yes winbind enum groups = yes password server= localhost logon path = \\%L\profiles\%u logon script = logon.bat logon drive = H: # logon home = \\%L\%u\.win_profile\%m # NO 9X HERE!!! time server = yes #LDAP STARTS HERE passdb backend = ldapsam:ldap://localhost ldap admin dn = "cn=Manager,dc=liin,dc=org" ldap server = localhost ldap port = 389 ldap suffix = dc=liin,dc=org ldap machine suffix = ou=people ldap user suffix = ou=people ldap group suffix = ou=groups # ldap filter = "(&(uid%=%U)(ObjectClass=sambaSamAccount))" #LDAP continue ldap idmap suffix = ou=Idmap idmap backend = ldap:ldap//localhost idmap uid = 10000 - 20000 idmap gid = 10000 - 20000 #what is it? map acl inherit = yes # printing = cups # printer admin = Administrator #IDEALx SCRIPT's Rulezz add user script = /usr/sbin/smbldap-useradd -a -m "%u" delete user script = /usr/sbin/smbldap-userdel "%u" add group script = /usr/sbin/smbldap-groupadd "%g" delete group script = /usr/sbin/smbldap-groupdel "%g" add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" add machine script = /usr/sbin/smbldap-useradd -w "%u" # socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 # load printers = No # dns proxy = No guest account = nobody [netlogon] path = /usr/local/netlogon writable = no browsable = no [profiles] path = /home/nt-prof browsable = no writable = yes create mask = 0600 directory mask = 0700 guest ok = yes profile acl = no [homes] read only = no browsable = no guest ok = no map archive = yes When i try to logon WinXP(pro) says: "Windows cannot find the server profile and is logging you on with a temporart profile." or somenthing like that. I have russian copy of winxp. Next hi says: "Windows cannot find the local profile and is logging you on with a temporart profile." (it because i removed c:\Documents and Settings\Default User) And now the strange thing begin: It logons and download default profile from samba netlogon share(!!!) I waste a week about this problem.... i try tdb backend and all works fine when i back to ldap backend things go wrong OS RH8 OPENLDAP 2.2.14 Samba tested 3.0.4-3.0.5rc1 Problem n2: Problem With Winbind(or not?) [2004/07/14 01:59:55, 3] sam/idmap.c:idmap_init(131) idmap_init: using 'ldap' as remote backend [2004/07/14 01:59:55, 5] lib/smbldap.c:smbldap_search(931) smbldap_search: base => [ou=Idmap,dc=liin,dc=org], filter => [(objectclass=sambaUnixIdPool)], scope => [2] [2004/07/14 01:59:55, 10] lib/smbldap.c:smbldap_open_connection(543) smbldap_open_connection: ldap//localhost [2004/07/14 01:59:55, 0] lib/smbldap.c:smbldap_open_connection(546) ldap_initialize: Time limit exceeded [2004/07/14 01:59:55, 1] lib/smbldap.c:smbldap_retry_open(908) Connection to LDAP Server failed for the 1 try! [2004/07/14 01:59:55, 8] lib/util.c:fcntl_lock(1646) fcntl_lock 7 13 0 1 1 [2004/07/14 01:59:55, 8] lib/util.c:fcntl_lock(1681) fcntl_lock: Lock call successful I use idealx smbldap-populate to fill ldap directory -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba