On Fri, 2004-07-16 at 13:39, abebe lsslp wrote: > Hey Craig, > Here is what's happening. I've got nothing, but > headache from looking at log level 10, but finally I > finished going over it. For those of you who have not > been following, check > http://150.208.105.24/smbldap-pdc.html > > > ---- > > > smbd/process.c:timeout_processing(1332) > > > timeout_processing: End of file from client > > (client > > > has disconnected). > > > > You are attempting to join WinXP to domain, are > > asked for the > > name/password/domain of a user who has sufficient > > privileges to add a > > machine to the domain and it fails to finish? The > > machine is indeed > > added to LDAP - that's all I can figure out from > > your email. > > > > First off - my understanding is that Machine > > accounts should still be > > located in the People subtree and not in the > > Computers subtree because > > subsequent searches will not locate it there. If > > this has been fixed, > > I'm sure someone will correct me. > > > > I have tried it your way as well. > > # 1 > Changeed the Entry in '/etc/ldap.conf' to > > nss_base_passwd ou=People,dc=wbcoll,dc=edu?one > nss_base_shadow ou=People,dc=wbcoll,dc=edu?one > nss_base_group ou=Groups,dc=wbcoll,dc=edu?one > > #2 > changed the entry in '/etc/samba/smb.conf' file, I > changed > > ldap machine suffix = ou=People > > #3 > and finally, the entry in > '/etc/smbldap-tools/smbldap.conf' > > # Ex: computersdn="ou=Computers,dc=IDEALX,dc=ORG" > computersdn="ou=People,dc=wbcoll,dc=edu" > > However, I am sure the "ou =Computers" entry works. A > lot of documentations, including idealx.org would have > corrected their documentations if it wasn't so. > > > Secondly - ldap log? > > I couldn't find any hint that leads me to believe the > ldap doesn't work, but you might see something I > don't. you will find the whole 'slapd.log' file here: > http://150.208.105.24/smbldap-pdc/. (there are also > log files for the xp machine. ('winxp.log.html' is log > level 10 and 'winxp_log.html' is log level 3). Log > level 10 doesn't really tell me anything log level 3 > doesn't. ---- SID's don't match...
dn: uid=Administrator,ou=Users,dc=wbcoll,dc=edu <snip> sambaPrimaryGroupSID: S-1-5-21-952094410-1508517273-1204454084-512 sambaSID: S-1-5-21-952094410-1508517273-1204454084-2996 pdbedit -Lv testuser1 <snip> User SID: S-1-5-21-1414736517-1990894286-2385622597-3000 Primary Group SID: S-1-5-21-1414736517-1990894286-2385622597-513 Who knows which SID is in smbldap_conf and which SID is in dn=SambaDomainName,dc=wbcoll,dc=edu This should be one of the first things you check. Also - just for a point of reference (not that what I do is at all correct or even recommended by the many people that know way more than I do), I set the primary posix gid for all users to a posix labeled group and my /etc/samba/smbusers looks like this: # cat /etc/samba/smbusers # Unix_name = SMB_name1 SMB_name2 ... root = Administrator administrator admin nobody = guest pcguest smbguest I hope this helps. Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba