Hello,
I'm trying to configure a Debian woody with samba 3.0.5 and ldap from
www.backports.org. I managed to get to the point where I created a user
with
smbldap-adduser -m -a
smbldap-passwd
smbpasswd
I can log into the server with this user and smbclient
//server/user -Uuser%pass works as expected.
The WinXP is able to join the domain and the machine account gets created in ldap.
But I can't log in; it refuses my user.
I can't find anything wrong in the logs.
Can somebody help?
Thanks
Fabrice
# /etc/samba/smb.conf
[global]
unix charset = LOCALE
workgroup = BIBO
passdb backend = ldapsam:ldap://127.0.0.1
username map = /etc/samba/smbusers
log level = 2
syslog = 0
log file = /var/log/samba/%m
max log size = 50
smb ports = 139 445
name resolve order = wins bcast hosts
time server = Yes
show add printer wizard = No
add user script = /var/lib/samba/sbin/smbldap-useradd.pl -a -m '%u'
delete user script = /var/lib/samba/sbin/smbldap-userdel.pl %u
add group script = /var/lib/samba/sbin/smbldap-groupadd.pl -p '%g'
delete group script = /var/lib/samba/sbin/smbldap-groupdel.pl '%g'
add user to group script = /var/lib/samba/sbin/smbldap-groupmod.pl -m '%u' '%g'
delete user from group script = /var/lib/samba/sbin/smbldap-groupmod.pl -x '%u' '%g'
set primary group script = /var/lib/samba/sbin/smbldap-usermod.pl -g '%g' '%u'
add machine script = /var/lib/samba/sbin/smbldap-useradd.pl -w '%u'
logon script = scripts\logon.bat
logon path = \\%L\profiles\%U
logon drive = H:
domain logons = Yes
preferred master = Yes
wins support = Yes
ldap suffix = dc=tux-logic,dc=com
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=admin,dc=tux-logic,dc=com
idmap backend = ldap:ldap://127.0.0.1
idmap uid = 1-2
idmap gid = 1-2
map acl inherit = Yes
[homes]
comment = Home Directories
valid users = %U
read only = No
browseable = No
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
guest ok = Yes
locking = No
[profiles]
comment = Profile Share
path = /var/lib/samba/profiles
read only = No
profile acls = Yes
[profdata]
comment = Profile Data Share
path = /var/lib/samba/profdata
read only = No
profile acls = Yes
# cat /var/log/samba/runner #(the XP machine)
[2004/08/29 17:13:45, 2] smbd/sesssetup.c:setup_new_vc_session(602)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2004/08/29 17:13:45, 2] smbd/sesssetup.c:setup_new_vc_session(602)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2004/08/29 17:13:46, 2] passdb/pdb_ldap.c:init_group_from_ldap(1792)
init_group_from_ldap: Entry found for group: 546
[2004/08/29 17:13:57, 2] smbd/server.c:exit_server(568)
Closing connections
[2004/08/29 17:14:19, 2] smbd/sesssetup.c:setup_new_vc_session(602)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2004/08/29 17:14:19, 2] smbd/sesssetup.c:setup_new_vc_session(602)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
[2004/08/29 17:14:20, 2] passdb/pdb_ldap.c:init_group_from_ldap(1792)
init_group_from_ldap: Entry found for group: 546
[2004/08/29 17:14:20, 2] rpc_parse/parse_prs.c:netsec_decode(1575)
netsec_decode: FAILED: packet sequence number:
[2004/08/29 17:14:20, 2] lib/util.c:dump_data(1864)
[000] A5 03 70 71 A3 50 E5 A2 ..pq.P..
[2004/08/29 17:14:20, 2] rpc_parse/parse_prs.c:netsec_decode(1577)
should be:
[2004/08/29 17:14:20, 2] lib/util.c:dump_data(1864)
[000] 00 00 00 00 80 00 00 00
[2004/08/29 17:14:20, 0] rpc_server/srv_pipe.c:api_pipe_netsec_process(1397)
failed to decode PDU
[2004/08/29 17:14:20, 0] rpc_server/srv_pipe_hnd.c:process_request_pdu(605)
process_request_pdu: failed to do schannel processing.
[2004/08/29 17:14:20, 2] passdb/pdb_ldap.c:init_sam_from_ldap(483)
init_sam_from_ldap: Entry found for user: runner$
[2004/08/29 17:14:21, 2] passdb/pdb_ldap.c:init_sam_from_ldap(483)
init_sam_from_ldap: Entry found for user: regis
[2004/08/29 17:14:22, 2] passdb/pdb_ldap.c:init_group_from_ldap(1792)
init_group_from_ldap: Entry found for group: 513
[2004/08/29 17:14:22, 2] auth/auth.c:check_ntlm_password(305)
check_ntlm_password: authentication for user [regis] -> [regis] -> [regis] succeeded
[2004/08/29 17:14:22, 2] passdb/pdb_ldap.c:init_sam_from_ldap(483)
init_sam_from_ldap: Entry found for user: regis
[2004/08/29 17:15:00, 2] sm