The LDAP users you have created (including the machines) need to have the objectclass: sambaSAMAccount and the subsequent fields. What are your user add scripts and machine add scripts you are using. Also, I have found that the IDEALX tools have an error in the smbldap-useradd script which includes that when you use the add machine switch the sambaSAMAccount information is not added to the LDAP database. I do have a copy of this modified file if you need it. Otherwise if you can edit the script yourself.
James -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Daniel Tousignant Sent: Friday, March 17, 2006 9:11 AM To: samba@lists.samba.org Subject: [Samba] Domain authentification problem with LDAP We use samba 3.0.13 and openldap 2.3.6 Members of the ldap group "Domain Admins" are working fine, but members of the group "Domain Users" can not login to the domain, and do not have access to the shares. Also, we are unable to join a windows xp workstation to the domain. Can anyone give me a hint where to start looking ... Thank you -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba