I've been following the Samba 3 by Example book by John Terpstra and
having problems getting things to work properly.
Right now when I try to add a computer to the domain I get the attached
in the log files. And Windows returns the error message: "The
following error occured attempting to join the domain "DEATH": The user
name could not be found. The system name, "isdept88" in this case,
get's added to the ldap, but the system doesn't attach to the domain.
:S Also attached are some of my config files. I'm using Samba
3.0.12-5, Openldap2-2.2.23-6, smbldap-tools 0.8.4.
Thanks in advance for any ideas.
[2005/11/01 09:29:53, 2] lib/interface.c:add_interface(81)
added interface ip=192.168.200.1 bcast=192.168.200.255 nmask=255.255.255.0
[2005/11/01 09:29:53, 2] smbd/sesssetup.c:setup_new_vc_session(608)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old
resources.
[2005/11/01 09:29:53, 2] smbd/sesssetup.c:setup_new_vc_session(608)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old
resources.
[2005/11/01 09:29:53, 2] auth/auth.c:check_ntlm_password(305)
check_ntlm_password: authentication for user [administrator] -> [root] ->
[root] succeeded
[2005/11/01 09:29:53, 2] lib/access.c:check_access(324)
Allowed connection from (192.168.200.25)
[2005/11/01 09:29:53, 2] lib/interface.c:add_interface(81)
added interface ip=192.168.200.1 bcast=192.168.200.255 nmask=255.255.255.0
[2005/11/01 09:29:53, 2] smbd/reply.c:reply_special(236)
netbios connect: name1=PDC name2=ISDEPT88
[2005/11/01 09:29:53, 2] smbd/reply.c:reply_special(243)
netbios connect: local=pdc remote=isdept88, name type = 0
[2005/11/01 09:29:53, 2] smbd/server.c:exit_server(609)
Closing connections
[2005/11/01 09:29:54, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2580)
Returning domain sid for domain DEATH ->
S-1-5-21-932451236-683595512-1290266429
[2005/11/01 09:29:55, 2] smbd/server.c:exit_server(609)
Closing connections
--
Matt Ingram
Intermediate Unix Administrator, IS
Canadian Bank Note Company, Limited
\m/
############################
# Credential Configuration #
############################
# Notes: you can specify two differents configuration if you use a
# master ldap for writing access and a slave ldap server for reading access
# By default, we will use the same DN (so it will work for standard Samba
# release)
slaveDN="cn=Manager,dc=hell,dc=com"
slavePw="secret"
masterDN="cn=Manager,dc=hell,dc=com"
masterPw="secret"
host 192.168.200.2
base dc=hell,dc=com
ldap_version 3
binddn cn=Manager,dc=hell,dc=com
bindpw secret
rootbinddn cn=Manager,dc=hell,dc=com
pam_password exop
ssl no
nss_map_attribute uniqueMember member
pam_filter objectclass=posixAccount
nss_base_passwd ou=Users,dc=hell,dc=com
nss_base_shadow ou=Users,dc=hell,dc=com
nss_base_group ou=Groups,dc=hell,dc=com
passwd: files ldap
shadow: files ldap
group: files ldap
hosts: files dns wins
networks: files dns
services: files
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: files
publickey: files
bootparams: files
automount: files nis
aliases: files
[global]
unix charset = LOCALE
workgroup = DEATH
netbios name = PDC
passdb backend = ldapsam:ldap://bdc.hell
username map = /etc/samba/smbusers
log level = 2
syslog = 0
name resolve order = wins bcast hosts
time server = Yes
printcap name = CUPS
show add printer wizard = No
add user script = /var/lib/samba/sbin/smbldap-useradd -a -m '%u'
delete user script = /var/lib/samba/sbin/smbldap-userdel '%u'
add group script = /var/lib/samba/sbin/smbldap-groupadd -p '%g'
delete group script = /var/lib/samba/sbin/smbldap-groupdel '%g'
add user to group script = /var/lib/samba/sbin/smbldap-groupmod -m '%u'
'%g'
delete user from group script = /var/lib/samba/sbin/smbldap-groupmod -x
'%u' '%g'
set primary group script = /var/lib/samba/sbin/smbldap-usermod -g '%g'
'%u'
add machine script = /var/lib/samba/sbin/smbldap-useradd -w '%u'
shutdown script = /var/lib/samba/scripts/shutdown.sh
abort shutdown script = /sbin/shutdown -c
logon script = scripts\logon.bat
logon path = \\%L\%U
logon drive = P:
logon home = \\%L\%U
domain logons = Yes
preferred master = Yes
wins support = Yes
ldap suffix = dc=hell,dc=com
ldap machine suffix = ou=Users
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=Manager,dc=hell,dc=com
idmap backend = ldap://bdc.hell.com
idmap uid = 10000-20000
idmap gid = 10000-20000
map acl inherit = Yes
printing = cups
printer admin = Administrator
[IPC$]
path = /tmp
hosts allow = 192.168.200.0/24, 127.0.0.1
hosts deny = 0.0.0.0/0
[groupa]
comment = Accounting Files
path = /home/groups/groupa
read only = No
[groupb]
comment = Financial Services Files
path = /home/groups/groupb
read only = No
[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No
[printers]
comment = SMB Print Spool
path = /var/spool/samba
guest ok = Yes
printable = Yes
browseable = No
[netlogon]
comment = Network Logon Service
path = /home/netlogon
guest ok = Yes
locking = No
[profiles]
comment = Profile Share
path = /home
read only = No
profile acls = Yes
[profdata]
comment = Profile Data Share
path = /home/profdata
read only = No
profile acls = Yes
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
browseable = yes
guest ok = no
read only = yes
write list = rootUID_START="1000"
GID_START="1000"
SID="S-1-5-21-932451236-683595512-1290266429"
slaveLDAP="192.168.200.2"
slavePort="389"
masterLDAP="192.168.200.2"
masterPort="389"
ldapTLS="0"
suffix="dc=hell,dc=com"
usersdn="ou=Users,dc=hell,dc=com"
computersdn="ou=Computers,dc=hell,dc=com"
groupsdn="ou=Groups,dc=hell,dc=com"
scope="sub"
hash_encrypt="SSHA"
userLoginShell="/bin/bash"
userHomePrefix="/home"
userGecos="System User"
defaultUserGid="513"
defaultComputerGid="553"
skeletonDir="/etc/skel"
defaultMaxPasswordAge="30"
userSmbHome=""
userProfile=""
userHomeDrive="H:"
userScript=""
with_smbpasswd="0"
smbpasswd="/usr/bin/smbpasswd"
mk_ntpasswd="/var/lib/samba/sbin/mkntpwd"
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
