Hi, Set in your nsswitch.conf file:
hosts: files wins dns Then see if the name resolution problem persists. If it does you need to clean up TCP/IP configuration. Additionally, did you run the following? smbldap-populate -a root Did you set the root password using the following? smbldap-passwd root - John T. --- John H Terpstra Samba-Team email: [EMAIL PROTECTED] > -------- Original Message -------- > Subject: [Samba] can't join domain / smbldap-useradd -w machine not > working > From: "Tomasz Chmielewski" <[EMAIL PROTECTED]> > Date: Mon, October 25, 2004 6:24 am > To: [EMAIL PROTECTED] > > Hello, > > I'm trying to set up Samba + OpenLDAP as a PDC. > > I followed the instructions from chapter 6 in Samba-3 by Example, my > system is SuSE 9.1. > > ldap, winbind, nmb and smb are running. > > testparm says my smb.conf file is OK. > > I set LDAP password using smbpasswd -w. > > There was a similar post a few days ago (smbldap-tools don't create > machine account properly), but it didn't help me. > > When I try to join using net rpc (page 158 of Samba-3 by Example), I get > this: > > # net rpc join -U Administrator%password > Could not connect to server SERVER > The username or password was not correct. > > > This is what is logged with debugs 1-9 in smb.conf (same log with each > debug): > > # cat /var/log/samba/log.192.168.0.109 > [2004/10/25 15:01:04, 0] rpc_server/srv_netlog_nt.c:get_md4pw(201) > get_md4pw: Workstation SERVER$: no account in domain > > > I get the same even when I add machine SERVER manually. > > > I can find this machine manually using ldapsearch: > > # ldapsearch -x -b "dc=magista,dc=de" "(uid=SERVER$)" > # extended LDIF > # > # LDAPv3 > # base <dc=magista,dc=de> with scope sub > # filter: (uid=SERVER$) > # requesting: ALL > # > > # server$, Users, magista.de > dn: uid=server$,ou=Users,dc=magista,dc=de > objectClass: top > objectClass: inetOrgPerson > objectClass: posixAccount > cn: server$ > sn: server$ > uid: server$ > uidNumber: 1004 > gidNumber: 515 > homeDirectory: /dev/null > loginShell: /bin/false > description: Computer > gecos: Computer > > # search result > search: 2 > result: 0 Success > > # numResponses: 2 > # numEntries: 1 > > > These are my /etc/ldap.conf, /etc/nsswitch.conf, > /etc/openldap/slapd.conf, /etc/samba/smb.conf and > /etc/smbldap-tools/smbldap.conf, respectively: > > # cat /etc/ldap.conf > SIZELIMIT 200 > TIMELIMIT 15 > DEREF never > > host 127.0.0.1 > base dc=magista,dc=de > binddn cn=Manager,dc=magista,dc=de > bindpw password > > pam_password exop > > nss_base_passwd ou=Users,dc=magista,dc=de?one > nss_base_shadow ou=Users,dc=magista,dc=de?one > nss_base_group ou=Groups,dc=magista,dc=de?one > > > # cat /etc/nsswitch.conf |grep ldap > passwd: files ldap > shadow: files ldap > group: files ldap > > > # cat /etc/openldap/slapd.conf > include /etc/openldap/schema/core.schema > include /etc/openldap/schema/cosine.schema > include /etc/openldap/schema/inetorgperson.schema > include /etc/openldap/schema/nis.schema > include /etc/openldap/schema/samba3.schema > > pidfile /var/run/slapd/slapd.pid > argsfile /var/run/slapd/slapd.args > > database ldbm > suffix "dc=magista,dc=de" > rootdn "cn=Manager,dc=magista,dc=de" > > # rootpw = not24get > rootpw password > > directory /var/lib/ldap > > # Indices to maintain > index objectClass eq > index cn pres,sub,eq > index sn pres,sub,eq > index uid pres,sub,eq > index displayName pres,sub,eq > index uidNumber eq > index gidNumber eq > index memberUID eq > index sambaSID eq > index sambaPrimaryGroupSID eq > index sambaDomainName eq > index default sub > > > # cat /etc/samba/smb.conf > [global] > unix charset = LOCALE > workgroup = MAGISTA > netbios name = SERVER > interfaces = eth0, lo > bind interfaces only = Yes > passdb backend = ldapsam:ldap://127.0.0.1 > username map = /etc/samba/smbusers > > log level = 9 > syslog = 0 > log file = /var/log/samba/log.%m > max log size = 50 > > smb ports = 139 445 > > name resolve order = wins bcast hosts > > time server = Yes > > #printcap name = CUPS > #show add printer wizard = No > > add user script = /usr/local/sbin/smbldap-useradd -a -m '%u' > delete user script = /usr/local/sbin/smbldap-userdel '%u' > add group script = /usr/local/sbin/smbldap-groupadd -p '%g' > delete group script = /usr/local/sbin/smbldap-groupdel '%g' > add user to group script = /usr/local/sbin/smbldap-groupmod -m '%u' '%g' > delete user from group script = /usr/local/sbin/smbldap-groupmod -x '%u' > '%g' > set primary group script = /usr/local/sbin/smbldap-usermod -g '%g' '%u' > add machine script = /usr/local/sbin/smbldap-useradd -w '%u' > > logon script = scripts\logon.bat > logon path = \\%L\profiles\%U > logon drive = X: > > domain logons = Yes > preferred master = Yes > wins support = Yes > > ldap suffix = dc=magista,dc=de > ldap machine suffix = ou=Users > ldap user suffix = ou=Users > ldap group suffix = ou=Groups > > ldap idmap suffix = ou=Idmap > ldap admin dn = cn=Manager,dc=magista,dc=de > idmap backend = ldap:ldap://127.0.0.1 > idmap uid = 10000-20000 > idmap gid = 10000-20000 > map acl inherit = Yes > #printing = cups > #printer admin = Administrator, chrisr > > [homes] > comment = Home Directories > browseable = no > writeable = yes > > [profiles] > path = /home/samba/profiles > writeable = yes > browseable = no > create mask = 0600 > directory mask = 0700 > > [netlogon] > comment = Network Logon Service > path = /home/netlogon > read only = yes > browseable = no > write list = tom > > [unattended] > comment = Installation Sources > path = /home/unattended > read only = yes > browseable = no > valid users = unattended > > > # cat /etc/smbldap-tools/smbldap.conf > # $Source: /opt/cvs/samba/smbldap-tools/smbldap.conf,v $ > # $Id: smbldap.conf,v 1.14 2004/06/25 20:57:51 jtournier Exp $ > # > # smbldap-tools.conf : Q & D configuration file for smbldap-tools > > # This code was developped by IDEALX (http://IDEALX.org/) and > # contributors (their names can be found in the CONTRIBUTORS file). > # > # Copyright (C) 2001-2002 IDEALX > # > # This program is free software; you can redistribute it and/or > # modify it under the terms of the GNU General Public License > # as published by the Free Software Foundation; either version 2 > # of the License, or (at your option) any later version. > # > # This program is distributed in the hope that it will be useful, > # but WITHOUT ANY WARRANTY; without even the implied warranty of > # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > # GNU General Public License for more details. > # > # You should have received a copy of the GNU General Public License > # along with this program; if not, write to the Free Software > # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, > # USA. > > # Purpose : > # . be the configuration file for all smbldap-tools scripts > > ############################################################################## > # > # General Configuration > # > ############################################################################## > > # Put your own SID > # to obtain this number do: net getlocalsid > #SID="S-1-5-21-1911238739-97561441-2706018148" > SID="S-1-5-21-1517566737-222097662-23938227" > > ############################################################################## > # > # LDAP Configuration > # > ############################################################################## > > # Notes: to use to dual ldap servers backend for Samba, you must patch > # Samba with the dual-head patch from IDEALX. If not using this patch > # just use the same server for slaveLDAP and masterLDAP. > # Those two servers declarations can also be used when you have > # . one master LDAP server where all writing operations must be done > # . one slave LDAP server where all reading operations must be done > # (typically a replication directory) > > # Ex: slaveLDAP=127.0.0.1 > slaveLDAP="127.0.0.1" > slavePort="389" > > # Master LDAP : needed for write operations > # Ex: masterLDAP=127.0.0.1 > masterLDAP="127.0.0.1" > masterPort="389" > > # Use TLS for LDAP > # If set to 1, this option will use start_tls for connection > # (you should also used the port 389) > ldapTLS="0" > > # How to verify the server's certificate (none, optional or require) > # see "man Net::LDAP" in start_tls section for more details > verify="none" > > # CA certificate > # see "man Net::LDAP" in start_tls section for more details > cafile="/etc/smbldap-tools/ca.pem" > > # certificate to use to connect to the ldap server > # see "man Net::LDAP" in start_tls section for more details > clientcert="/etc/smbldap-tools/smbldap-tools.pem" > > # key certificate to use to connect to the ldap server > # see "man Net::LDAP" in start_tls section for more details > clientkey="/etc/smbldap-tools/smbldap-tools.key" > > # LDAP Suffix > # Ex: suffix=dc=IDEALX,dc=ORG > suffix="dc=magista,dc=de" > > # Where are stored Users > # Ex: usersdn="ou=Users,dc=IDEALX,dc=ORG" > usersdn="ou=Users,$" > > # Where are stored Computers > # Ex: computersdn="ou=Computers,dc=IDEALX,dc=ORG" > computersdn="ou=Users,$" > > # Where are stored Groups > # Ex groupsdn="ou=Groups,dc=IDEALX,dc=ORG" > groupsdn="ou=Groups,$" > > # Where are stored Idmap entries (used if samba is a domain member server) > # Ex groupsdn="ou=Idmap,dc=IDEALX,dc=ORG" > idmapdn="ou=Idmap,$" > > # Where to store next uidNumber and gidNumber available > sambaUnixIdPooldn="cn=NextFreeUnixId,$" > > # Default scope Used > scope="sub" > > # Unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA) > hash_encrypt="SSHA" > > # if hash_encrypt is set to CRYPT, you may set a salt format. > # default is "%s", but many systems will generate MD5 hashed > # passwords if you use "$1$%.8s". This parameter is optional! > crypt_salt_format="%s" > > ############################################################################## > # > # Unix Accounts Configuration > # > ############################################################################## > > # Login defs > # Default Login Shell > # Ex: userLoginShell="/bin/bash" > userLoginShell="/bin/bash" > > # Home directory > # Ex: userHome="/home/%U" > userHome="/home/%U" > > # Gecos > userGecos="System User" > > # Default User (POSIX and Samba) GID > defaultUserGid="513" > > # Default Computer (Samba) GID > defaultComputerGid="515" > > # Skel dir > skeletonDir="/etc/skel" > > # Default password validation time (time in days) Comment the next line if > # you don't want password to be enable for defaultMaxPasswordAge days (be > # careful to the sambaPwdMustChange attribute's value) > defaultMaxPasswordAge="99" > > ############################################################################## > # > # SAMBA Configuration > # > ############################################################################## > > # The UNC path to home drives location (%U username substitution) > # Ex: \\My-PDC-netbios-name\homes\%U > # Just set it to a null string if you want to use the smb.conf 'logon home' > # directive and/or disable roaming profiles > userSmbHome="\\Server\homes\%U" > > # The UNC path to profiles locations (%U username substitution) > # Ex: \\My-PDC-netbios-name\profiles\%U > # Just set it to a null string if you want to use the smb.conf 'logon path' > # directive and/or disable roaming profiles > userProfile="\\Server\profiles\%U" > > # The default Home Drive Letter mapping > # (will be automatically mapped at logon time if home directory exist) > # Ex: H: for H: > userHomeDrive="X:" > > # The default user netlogon script name (%U username substitution) > # if not used, will be automatically username.cmd > # make sure script file is edited under dos > # Ex: %U.cmd > # userScript="startup.cmd" # make sure script file is edited under dos > userScript="%U.cmd" > > # Domain appended to the users "mail"-attribute > # when smbldap-useradd -M is used > mailDomain="magista.de" > > ############################################################################## > # > # SMBLDAP-TOOLS Configuration (default are ok for a RedHat) > # > ############################################################################## > > # Allows not to use smbpasswd (if with_smbpasswd == 0 in > smbldap_conf.pm) but > # prefer Crypt::SmbHash library > with_smbpasswd="0" > smbpasswd="/usr/bin/smbpasswd" > > > > > > ---------------------------------------------------------------------- > Startuj z INTERIA.PL!!! >>> http://link.interia.pl/f1837 > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba