Thanks to those of you who responded. Andrew Bartlett came through with the answer I needed to hear, which was that I was trying to do something that wasn't supported.
>>>> I am it has two weeks trying to twirl the PDC with samba + LDAP and ties >>>> the moment only migraines. It would like to know which is the problem, >>>> now, below described in mine log's? >>> >>> What user are you trying to use to join the domain. It must either be >>> root (Samba < 3.0.11) or an user with the SeMachineAccount privilege >>> (Samba >= 3.0.11). >>> >>> Andrew Bartlett >> >> Is it also true in Samba < 3.0.11 that only root can add users/groups >> and make modifications using the SRVTOOLS package? > >Correct. Thanks Andrew for the answer! Doug > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Tony > Earnshaw > Sent: Monday, February 28, 2005 9:41 PM > To: samba@lists.samba.org > Subject: RE: [Samba] Srvtools causes smbldap_open: cannot access LDAP > when not root > > > > Doug Campbell: > > [...] > > >>> smbldap_open: cannot access LDAP when not root... > > [...] > > >> As which user (Unix) is slapd (presume this is OpenLDAP)running? > >> Do you have an 'ldap admin dn' entry in smb.conf with rights > to all LDAP > >> ACLs? > >> > >> > >> I.e., I don't have this problem with Samba 3.0.11/OL 2.2.17-23 and > >> didn't with 3.0.7, either. > > > > My smb.conf file does have the ldap admin dn entry. The > relevant section > > of my smb.conf file is as follows: > > [...] > > Again, as which Unix user is slapd running? Who is the owner of your DB > files, config files, etc.? What are the permissions on them? Have you > certificates (i.e. the CA cert) or anything that smbd has to try to read > that can only be read by root? Is "cn=Manager,dc=swro,dc=local" a proxy > user in your DIT, or the rootdn user in slapd.conf (it's better to make a > proxy user in the DIT and comment out the rootdn). Can a normal user run > ldapsearch, for example, without being root?Etc. ;) > > > --Tonni > > -- > mail: [EMAIL PROTECTED] > http://www.billy.demon.nl > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba