Re: [Samba] Debian Lenny - Samba 3.2.5 + OpenLDAP (slapd) 2.4.11
Dos the PDC have to join the domain also? When I try to join my PDC to its domain with net join I get the following error. Enter root's password: Could not connect to server PDC The username or password was not correct. Connection failed: NT_STATUS_LOGON_FAILURE The netbios name for my PDC is pdc.semarktest.dk I guess that way it tells my that is can't connect to server PDC I have checked that pdc is in the name server (nameserver is on 127.0.0.1) # host pdc pdc.semarktest.dk has address 192.168.1.182 Is there something I'm missing? Log dump from net join command: # tail -200 /var/log/syslog | grep slapd Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_get(22): got connid=15 Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_read(22): checking for input on id=15 Jan 27 20:21:53 hds-debian-virt slapd[1868]: conn=15 op=2 do_search Jan 27 20:21:53 hds-debian-virt slapd[1868]: dnPrettyNormal: sambaDomainName=SEMARKTEST,sambaDomainName=semarktest,dc=semark-testing,dc=dk Jan 27 20:21:53 hds-debian-virt slapd[1868]: dnPrettyNormal: sambaDomainName=SEMARKTEST,sambaDomainName=semarktest,dc=semark-testing,dc=dk, sambaDomainName=semarktest,sambaDomainName=semarktest,dc=semark-testing,dc=dk Jan 27 20:21:53 hds-debian-virt slapd[1868]: SRCH sambaDomainName=SEMARKTEST,sambaDomainName=semarktest,dc=semark-testing,dc=dk 2 0 Jan 27 20:21:53 hds-debian-virt slapd[1868]: 0 15 0 Jan 27 20:21:53 hds-debian-virt slapd[1868]: filter: ((objectClass=sambaTrustedDomainPassword)(sambaDomainName=semarktest)) Jan 27 20:21:53 hds-debian-virt slapd[1868]: attrs: Jan 27 20:21:53 hds-debian-virt slapd[1868]: Jan 27 20:21:53 hds-debian-virt slapd[1868]: = hdb_search Jan 27 20:21:53 hds-debian-virt slapd[1868]: bdb_dn2entry(sambaDomainName=semarktest,sambaDomainName=semarktest,dc=semark-testing,dc=dk) Jan 27 20:21:53 hds-debian-virt slapd[1868]: = hdb_dn2id(sambaDomainName=semarktest,sambaDomainName=semarktest,dc=semark-testing,dc=dk) Jan 27 20:21:53 hds-debian-virt slapd[1868]: = hdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30990) Jan 27 20:21:53 hds-debian-virt slapd[1868]: send_ldap_result: conn=15 op=2 p=3 Jan 27 20:21:53 hds-debian-virt slapd[1868]: send_ldap_result: err=10 matched=sambaDomainName=semarktest,dc=semark-testing,dc=dk text= Jan 27 20:21:53 hds-debian-virt slapd[1868]: send_ldap_response: msgid=3 tag=101 err=32 Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_get(22) Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_get(22): got connid=15 Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_read(22): checking for input on id=15 Jan 27 20:21:53 hds-debian-virt slapd[1868]: conn=15 op=3 do_search Jan 27 20:21:53 hds-debian-virt slapd[1868]: dnPrettyNormal: dc=semark-testing,dc=dk Jan 27 20:21:53 hds-debian-virt slapd[1868]: dnPrettyNormal: dc=semark-testing,dc=dk, dc=semark-testing,dc=dk Jan 27 20:21:53 hds-debian-virt slapd[1868]: SRCH dc=semark-testing,dc=dk 2 0 Jan 27 20:21:53 hds-debian-virt slapd[1868]: 0 15 0 Jan 27 20:21:53 hds-debian-virt slapd[1868]: filter: ((uid=root)(objectClass=sambaSamAccount)) Jan 27 20:21:53 hds-debian-virt slapd[1868]: attrs: Jan 27 20:21:53 hds-debian-virt slapd[1868]: uid Jan 27 20:21:53 hds-debian-virt slapd[1868]: uidNumber Jan 27 20:21:53 hds-debian-virt slapd[1868]: gidNumber Jan 27 20:21:53 hds-debian-virt slapd[1868]: homeDirectory Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaPwdLastSet Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaPwdCanChange Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaPwdMustChange Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaLogonTime Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaLogoffTime Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaKickoffTime Jan 27 20:21:53 hds-debian-virt slapd[1868]: cn Jan 27 20:21:53 hds-debian-virt slapd[1868]: sn Jan 27 20:21:53 hds-debian-virt slapd[1868]: displayName Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaHomeDrive Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaHomePath Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaLogonScript Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaProfilePath Jan 27 20:21:53 hds-debian-virt slapd[1868]: description Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaUserWorkstations Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaSID Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaPrimaryGroupSID Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaLMPassword Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaNTPassword Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaDomainName Jan 27 20:21:53 hds-debian-virt slapd[1868]: objectClass Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaAcctFlags Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaMungedDial Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaBadPasswordCount Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaBadPasswordTime Jan 27 20:21:53 hds-debian-virt
Re: [Samba] Debian Lenny - Samba 3.2.5 + OpenLDAP (slapd) 2.4.11
Try using net ... -U Administrator instead, since root is not by default a member of the domain admin group. This presumes you have created the Administrator account in samba, created the domain admins group and setup the approp group mapping for key groups (domain admins, domain users etc.) On 01/27/10 14:23, Henrik Dige Semark wrote: Dos the PDC have to join the domain also? When I try to join my PDC to its domain with net join I get the following error. Enter root's password: Could not connect to server PDC The username or password was not correct. Connection failed: NT_STATUS_LOGON_FAILURE The netbios name for my PDC is pdc.semarktest.dk I guess that way it tells my that is can't connect to server PDC I have checked that pdc is in the name server (nameserver is on 127.0.0.1) # host pdc pdc.semarktest.dk has address 192.168.1.182 Is there something I'm missing? Log dump from net join command: # tail -200 /var/log/syslog | grep slapd Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_get(22): got connid=15 Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_read(22): checking for input on id=15 Jan 27 20:21:53 hds-debian-virt slapd[1868]: conn=15 op=2 do_search Jan 27 20:21:53 hds-debian-virt slapd[1868]: dnPrettyNormal:sambaDomainName=SEMARKTEST,sambaDomainName=semarktest,dc=semark-testing,dc=dk Jan 27 20:21:53 hds-debian-virt slapd[1868]: dnPrettyNormal:sambaDomainName=SEMARKTEST,sambaDomainName=semarktest,dc=semark-testing,dc=dk,sambaDomainName=semarktest,sambaDomainName=semarktest,dc=semark-testing,dc=dk Jan 27 20:21:53 hds-debian-virt slapd[1868]: SRCH sambaDomainName=SEMARKTEST,sambaDomainName=semarktest,dc=semark-testing,dc=dk 2 0 Jan 27 20:21:53 hds-debian-virt slapd[1868]: 0 15 0 Jan 27 20:21:53 hds-debian-virt slapd[1868]: filter: ((objectClass=sambaTrustedDomainPassword)(sambaDomainName=semarktest)) Jan 27 20:21:53 hds-debian-virt slapd[1868]: attrs: Jan 27 20:21:53 hds-debian-virt slapd[1868]: Jan 27 20:21:53 hds-debian-virt slapd[1868]: = hdb_search Jan 27 20:21:53 hds-debian-virt slapd[1868]: bdb_dn2entry(sambaDomainName=semarktest,sambaDomainName=semarktest,dc=semark-testing,dc=dk) Jan 27 20:21:53 hds-debian-virt slapd[1868]: = hdb_dn2id(sambaDomainName=semarktest,sambaDomainName=semarktest,dc=semark-testing,dc=dk) Jan 27 20:21:53 hds-debian-virt slapd[1868]:= hdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30990) Jan 27 20:21:53 hds-debian-virt slapd[1868]: send_ldap_result: conn=15 op=2 p=3 Jan 27 20:21:53 hds-debian-virt slapd[1868]: send_ldap_result: err=10 matched=sambaDomainName=semarktest,dc=semark-testing,dc=dk text= Jan 27 20:21:53 hds-debian-virt slapd[1868]: send_ldap_response: msgid=3 tag=101 err=32 Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_get(22) Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_get(22): got connid=15 Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_read(22): checking for input on id=15 Jan 27 20:21:53 hds-debian-virt slapd[1868]: conn=15 op=3 do_search Jan 27 20:21:53 hds-debian-virt slapd[1868]: dnPrettyNormal:dc=semark-testing,dc=dk Jan 27 20:21:53 hds-debian-virt slapd[1868]: dnPrettyNormal:dc=semark-testing,dc=dk,dc=semark-testing,dc=dk Jan 27 20:21:53 hds-debian-virt slapd[1868]: SRCH dc=semark-testing,dc=dk 2 0 Jan 27 20:21:53 hds-debian-virt slapd[1868]: 0 15 0 Jan 27 20:21:53 hds-debian-virt slapd[1868]: filter: ((uid=root)(objectClass=sambaSamAccount)) Jan 27 20:21:53 hds-debian-virt slapd[1868]: attrs: Jan 27 20:21:53 hds-debian-virt slapd[1868]: uid Jan 27 20:21:53 hds-debian-virt slapd[1868]: uidNumber Jan 27 20:21:53 hds-debian-virt slapd[1868]: gidNumber Jan 27 20:21:53 hds-debian-virt slapd[1868]: homeDirectory Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaPwdLastSet Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaPwdCanChange Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaPwdMustChange Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaLogonTime Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaLogoffTime Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaKickoffTime Jan 27 20:21:53 hds-debian-virt slapd[1868]: cn Jan 27 20:21:53 hds-debian-virt slapd[1868]: sn Jan 27 20:21:53 hds-debian-virt slapd[1868]: displayName Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaHomeDrive Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaHomePath Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaLogonScript Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaProfilePath Jan 27 20:21:53 hds-debian-virt slapd[1868]: description Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaUserWorkstations Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaSID Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaPrimaryGroupSID Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaLMPassword Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaNTPassword Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaDomainName Jan 27
Re: [Samba] Debian Lenny - Samba 3.2.5 + OpenLDAP (slapd) 2.4.11
I have just tried with net join -U Admin and I get the same error as before. # net join -U Admin Enter admin's password: Could not connect to server PDC The username or password was not correct. Connection failed: NT_STATUS_LOGON_FAILURE Ldap search for Admin: # ldapsearch -x -h 127.0.0.1 -p 389 # Admin, Users, semark-testing.dk dn: uid=Admin,ou=Users,dc=semark-testing,dc=dk cn: Admin sn: Admin objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: sambaSamAccount objectClass: posixAccount objectClass: shadowAccount gidNumber: 0 uid: Admin uidNumber: 0 homeDirectory: /home/Admin sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 sambaHomePath: \\192.168.1.182\Admin sambaHomeDrive: H: sambaProfilePath: \\192.168.1.182\profiles\Admin sambaPrimaryGroupSID: S-1-5-21-860714184-2299130787-2886737959-512 sambaSID: S-1-5-21-860714184-2299130787-2886737959-500 loginShell: /bin/false gecos: Netbios Domain Administrator sambaLMPassword: my-pass sambaAcctFlags: [U] sambaNTPassword: my-pass sambaPwdLastSet: 1264374249 sambaPwdMustChange: 1268262249 shadowMax: 45 Log dump from net join command: Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_get(22) Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_get(22): got connid=22 Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_read(22): checking for input on id=22 Jan 27 21:31:11 hds-debian-virt slapd[1868]: conn=22 op=3 do_search Jan 27 21:31:11 hds-debian-virt slapd[1868]: dnPrettyNormal: dc=semark-testing,dc=dk Jan 27 21:31:11 hds-debian-virt slapd[1868]: dnPrettyNormal: dc=semark-testing,dc=dk, dc=semark-testing,dc=dk Jan 27 21:31:11 hds-debian-virt slapd[1868]: SRCH dc=semark-testing,dc=dk 2 0 Jan 27 21:31:11 hds-debian-virt slapd[1868]: 0 15 0 Jan 27 21:31:11 hds-debian-virt slapd[1868]: filter: ((uid=admin)(objectClass=sambaSamAccount)) Jan 27 21:31:11 hds-debian-virt slapd[1868]: attrs: Jan 27 21:31:11 hds-debian-virt slapd[1868]: uid Jan 27 21:31:11 hds-debian-virt slapd[1868]: uidNumber Jan 27 21:31:11 hds-debian-virt slapd[1868]: gidNumber Jan 27 21:31:11 hds-debian-virt slapd[1868]: homeDirectory Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPwdLastSet Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPwdCanChange Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPwdMustChange Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogonTime Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogoffTime Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaKickoffTime Jan 27 21:31:11 hds-debian-virt slapd[1868]: cn Jan 27 21:31:11 hds-debian-virt slapd[1868]: sn Jan 27 21:31:11 hds-debian-virt slapd[1868]: displayName Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaHomeDrive Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaHomePath Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogonScript Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaProfilePath Jan 27 21:31:11 hds-debian-virt slapd[1868]: description Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaUserWorkstations Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaSID Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPrimaryGroupSID Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLMPassword Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaNTPassword Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaDomainName Jan 27 21:31:11 hds-debian-virt slapd[1868]: objectClass Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaAcctFlags Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaMungedDial Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaBadPasswordCount Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaBadPasswordTime Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPasswordHistory Jan 27 21:31:11 hds-debian-virt slapd[1868]: modifyTimestamp Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogonHours Jan 27 21:31:11 hds-debian-virt slapd[1868]: modifyTimestamp Jan 27 21:31:11 hds-debian-virt slapd[1868]: uidNumber Jan 27 21:31:11 hds-debian-virt slapd[1868]: Jan 27 21:31:11 hds-debian-virt slapd[1868]: = hdb_search Jan 27 21:31:11 hds-debian-virt slapd[1868]: bdb_dn2entry(dc=semark-testing,dc=dk) Jan 27 21:31:11 hds-debian-virt slapd[1868]: search_candidates: base=dc=semark-testing,dc=dk (0x0001) scope=2 Jan 27 21:31:11 hds-debian-virt slapd[1868]: = hdb_dn2idl(dc=semark-testing,dc=dk) Jan 27 21:31:11 hds-debian-virt slapd[1868]: = bdb_equality_candidates (objectClass) Jan 27 21:31:11 hds-debian-virt slapd[1868]: = key_read Jan 27 21:31:11 hds-debian-virt slapd[1868]: bdb_idl_fetch_key: [b49d1940] Jan 27 21:31:11 hds-debian-virt slapd[1868]: = bdb_index_read: failed (-30990) Jan 27 21:31:11 hds-debian-virt slapd[1868]: = bdb_equality_candidates: id=0, first=0, last=0 Jan 27 21:31:11 hds-debian-virt slapd[1868]: = bdb_equality_candidates (uid) Jan 27 21:31:11 hds-debian-virt slapd[1868]: = key_read Jan 27 21:31:11
Re: [Samba] Debian Lenny - Samba 3.2.5 + OpenLDAP (slapd) 2.4.11
Did you remember to run smbpasswd -W? Sometimes you have to add the -S switch for the join to work. net rpc join -S pdc -U root Dale On 01/27/2010 2:33 PM, Henrik Dige Semark wrote: I have just tried with net join -U Admin and I get the same error as before. # net join -U Admin Enter admin's password: Could not connect to server PDC The username or password was not correct. Connection failed: NT_STATUS_LOGON_FAILURE Ldap search for Admin: # ldapsearch -x -h 127.0.0.1 -p 389 # Admin, Users, semark-testing.dk dn: uid=Admin,ou=Users,dc=semark-testing,dc=dk cn: Admin sn: Admin objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: sambaSamAccount objectClass: posixAccount objectClass: shadowAccount gidNumber: 0 uid: Admin uidNumber: 0 homeDirectory: /home/Admin sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 sambaHomePath: \\192.168.1.182\Admin sambaHomeDrive: H: sambaProfilePath: \\192.168.1.182\profiles\Admin sambaPrimaryGroupSID: S-1-5-21-860714184-2299130787-2886737959-512 sambaSID: S-1-5-21-860714184-2299130787-2886737959-500 loginShell: /bin/false gecos: Netbios Domain Administrator sambaLMPassword: my-pass sambaAcctFlags: [U] sambaNTPassword: my-pass sambaPwdLastSet: 1264374249 sambaPwdMustChange: 1268262249 shadowMax: 45 Log dump from net join command: Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_get(22) Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_get(22): got connid=22 Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_read(22): checking for input on id=22 Jan 27 21:31:11 hds-debian-virt slapd[1868]: conn=22 op=3 do_search Jan 27 21:31:11 hds-debian-virt slapd[1868]: dnPrettyNormal:dc=semark-testing,dc=dk Jan 27 21:31:11 hds-debian-virt slapd[1868]: dnPrettyNormal:dc=semark-testing,dc=dk,dc=semark-testing,dc=dk Jan 27 21:31:11 hds-debian-virt slapd[1868]: SRCH dc=semark-testing,dc=dk 2 0 Jan 27 21:31:11 hds-debian-virt slapd[1868]: 0 15 0 Jan 27 21:31:11 hds-debian-virt slapd[1868]: filter: ((uid=admin)(objectClass=sambaSamAccount)) Jan 27 21:31:11 hds-debian-virt slapd[1868]: attrs: Jan 27 21:31:11 hds-debian-virt slapd[1868]: uid Jan 27 21:31:11 hds-debian-virt slapd[1868]: uidNumber Jan 27 21:31:11 hds-debian-virt slapd[1868]: gidNumber Jan 27 21:31:11 hds-debian-virt slapd[1868]: homeDirectory Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPwdLastSet Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPwdCanChange Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPwdMustChange Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogonTime Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogoffTime Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaKickoffTime Jan 27 21:31:11 hds-debian-virt slapd[1868]: cn Jan 27 21:31:11 hds-debian-virt slapd[1868]: sn Jan 27 21:31:11 hds-debian-virt slapd[1868]: displayName Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaHomeDrive Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaHomePath Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogonScript Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaProfilePath Jan 27 21:31:11 hds-debian-virt slapd[1868]: description Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaUserWorkstations Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaSID Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPrimaryGroupSID Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLMPassword Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaNTPassword Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaDomainName Jan 27 21:31:11 hds-debian-virt slapd[1868]: objectClass Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaAcctFlags Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaMungedDial Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaBadPasswordCount Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaBadPasswordTime Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPasswordHistory Jan 27 21:31:11 hds-debian-virt slapd[1868]: modifyTimestamp Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogonHours Jan 27 21:31:11 hds-debian-virt slapd[1868]: modifyTimestamp Jan 27 21:31:11 hds-debian-virt slapd[1868]: uidNumber Jan 27 21:31:11 hds-debian-virt slapd[1868]: Jan 27 21:31:11 hds-debian-virt slapd[1868]: = hdb_search Jan 27 21:31:11 hds-debian-virt slapd[1868]: bdb_dn2entry(dc=semark-testing,dc=dk) Jan 27 21:31:11 hds-debian-virt slapd[1868]: search_candidates: base=dc=semark-testing,dc=dk (0x0001) scope=2 Jan 27 21:31:11 hds-debian-virt slapd[1868]: = hdb_dn2idl(dc=semark-testing,dc=dk) Jan 27 21:31:11 hds-debian-virt slapd[1868]: = bdb_equality_candidates (objectClass) Jan 27 21:31:11 hds-debian-virt slapd[1868]: = key_read Jan 27 21:31:11 hds-debian-virt slapd[1868]: bdb_idl_fetch_key: [b49d1940] Jan 27 21:31:11 hds-debian-virt slapd[1868]:= bdb_index_read: failed (-30990) Jan 27 21:31:11 hds-debian-virt slapd[1868]:=
Re: [Samba] Debian Lenny - Samba 3.2.5 + OpenLDAP (slapd) 2.4.11
I have remembered to run smbpassd -W, and I still get the same error when I try with -S pdc on net join command. I can see that LDAP is activated, and that samba is doing something, but it seams like the answer is disappear on the way back. Samba have initialised my LDAP with its SID and RID's, when it can do this way is it not possible to lookup users? Is it necessary to join my PDC to its own domain btw.? cause the new server here is going to be PDC and replace my old Win2k DC (its not a member it a separate test-domain) --- Med Venlig Hilsen / Best regards Henrik Dige Semark On 27-01-2010 21:56, Dale Schroeder wrote: Did you remember to run smbpasswd -W? Sometimes you have to add the -S switch for the join to work. net rpc join -S pdc -U root Dale On 01/27/2010 2:33 PM, Henrik Dige Semark wrote: I have just tried with net join -U Admin and I get the same error as before. # net join -U Admin Enter admin's password: Could not connect to server PDC The username or password was not correct. Connection failed: NT_STATUS_LOGON_FAILURE Ldap search for Admin: # ldapsearch -x -h 127.0.0.1 -p 389 # Admin, Users, semark-testing.dk dn: uid=Admin,ou=Users,dc=semark-testing,dc=dk cn: Admin sn: Admin objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: sambaSamAccount objectClass: posixAccount objectClass: shadowAccount gidNumber: 0 uid: Admin uidNumber: 0 homeDirectory: /home/Admin sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 sambaHomePath: \\192.168.1.182\Admin sambaHomeDrive: H: sambaProfilePath: \\192.168.1.182\profiles\Admin sambaPrimaryGroupSID: S-1-5-21-860714184-2299130787-2886737959-512 sambaSID: S-1-5-21-860714184-2299130787-2886737959-500 loginShell: /bin/false gecos: Netbios Domain Administrator sambaLMPassword: my-pass sambaAcctFlags: [U] sambaNTPassword: my-pass sambaPwdLastSet: 1264374249 sambaPwdMustChange: 1268262249 shadowMax: 45 Log dump from net join command: Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_get(22) Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_get(22): got connid=22 Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_read(22): checking for input on id=22 Jan 27 21:31:11 hds-debian-virt slapd[1868]: conn=22 op=3 do_search Jan 27 21:31:11 hds-debian-virt slapd[1868]: dnPrettyNormal:dc=semark-testing,dc=dk Jan 27 21:31:11 hds-debian-virt slapd[1868]: dnPrettyNormal:dc=semark-testing,dc=dk,dc=semark-testing,dc=dk Jan 27 21:31:11 hds-debian-virt slapd[1868]: SRCH dc=semark-testing,dc=dk 2 0 Jan 27 21:31:11 hds-debian-virt slapd[1868]: 0 15 0 Jan 27 21:31:11 hds-debian-virt slapd[1868]: filter: ((uid=admin)(objectClass=sambaSamAccount)) Jan 27 21:31:11 hds-debian-virt slapd[1868]: attrs: Jan 27 21:31:11 hds-debian-virt slapd[1868]: uid Jan 27 21:31:11 hds-debian-virt slapd[1868]: uidNumber Jan 27 21:31:11 hds-debian-virt slapd[1868]: gidNumber Jan 27 21:31:11 hds-debian-virt slapd[1868]: homeDirectory Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPwdLastSet Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPwdCanChange Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPwdMustChange Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogonTime Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogoffTime Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaKickoffTime Jan 27 21:31:11 hds-debian-virt slapd[1868]: cn Jan 27 21:31:11 hds-debian-virt slapd[1868]: sn Jan 27 21:31:11 hds-debian-virt slapd[1868]: displayName Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaHomeDrive Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaHomePath Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogonScript Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaProfilePath Jan 27 21:31:11 hds-debian-virt slapd[1868]: description Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaUserWorkstations Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaSID Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPrimaryGroupSID Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLMPassword Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaNTPassword Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaDomainName Jan 27 21:31:11 hds-debian-virt slapd[1868]: objectClass Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaAcctFlags Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaMungedDial Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaBadPasswordCount Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaBadPasswordTime Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPasswordHistory Jan 27 21:31:11 hds-debian-virt slapd[1868]: modifyTimestamp Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogonHours Jan 27 21:31:11 hds-debian-virt slapd[1868]: modifyTimestamp Jan 27 21:31:11 hds-debian-virt slapd[1868]: uidNumber Jan 27 21:31:11
Re: [Samba] Debian Lenny - Samba 3.2.5 + OpenLDAP (slapd) 2.4.11
Sorry, should be Administrator Verify the user exists in samba with pdbedit -Lv Administrator and that group mapping is setup. # net groupmap list | grep Domain Admins Domain Admins (S-1-5-21-x-512) - Domain Admins # The unix group name (on the right side of the mapping) may not exactly match the windows name. You might have # net groupmap list | grep Domain Admins Domain Admins (S-1-5-21-x-512) - Samba_Domain_Admins # Also verify that the Administrator is the correct groups #groups Administrator Domain Admins Domain Users I also had mappings for Domain Users Domain Computers Domain Guests Domain Controllers On 01/27/10 15:33, Henrik Dige Semark wrote: I have just tried with net join -U Admin and I get the same error as before. # net join -U Admin Enter admin's password: Could not connect to server PDC The username or password was not correct. Connection failed: NT_STATUS_LOGON_FAILURE Ldap search for Admin: # ldapsearch -x -h 127.0.0.1 -p 389 # Admin, Users, semark-testing.dk dn: uid=Admin,ou=Users,dc=semark-testing,dc=dk cn: Admin sn: Admin objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: sambaSamAccount objectClass: posixAccount objectClass: shadowAccount gidNumber: 0 uid: Admin uidNumber: 0 homeDirectory: /home/Admin sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 sambaHomePath: \\192.168.1.182\Admin sambaHomeDrive: H: sambaProfilePath: \\192.168.1.182\profiles\Admin sambaPrimaryGroupSID: S-1-5-21-860714184-2299130787-2886737959-512 sambaSID: S-1-5-21-860714184-2299130787-2886737959-500 loginShell: /bin/false gecos: Netbios Domain Administrator sambaLMPassword: my-pass sambaAcctFlags: [U] sambaNTPassword: my-pass sambaPwdLastSet: 1264374249 sambaPwdMustChange: 1268262249 shadowMax: 45 Log dump from net join command: Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_get(22) Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_get(22): got connid=22 Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_read(22): checking for input on id=22 Jan 27 21:31:11 hds-debian-virt slapd[1868]: conn=22 op=3 do_search Jan 27 21:31:11 hds-debian-virt slapd[1868]: dnPrettyNormal:dc=semark-testing,dc=dk Jan 27 21:31:11 hds-debian-virt slapd[1868]: dnPrettyNormal:dc=semark-testing,dc=dk,dc=semark-testing,dc=dk Jan 27 21:31:11 hds-debian-virt slapd[1868]: SRCH dc=semark-testing,dc=dk 2 0 Jan 27 21:31:11 hds-debian-virt slapd[1868]: 0 15 0 Jan 27 21:31:11 hds-debian-virt slapd[1868]: filter: ((uid=admin)(objectClass=sambaSamAccount)) Jan 27 21:31:11 hds-debian-virt slapd[1868]: attrs: Jan 27 21:31:11 hds-debian-virt slapd[1868]: uid Jan 27 21:31:11 hds-debian-virt slapd[1868]: uidNumber Jan 27 21:31:11 hds-debian-virt slapd[1868]: gidNumber Jan 27 21:31:11 hds-debian-virt slapd[1868]: homeDirectory Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPwdLastSet Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPwdCanChange Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPwdMustChange Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogonTime Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogoffTime Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaKickoffTime Jan 27 21:31:11 hds-debian-virt slapd[1868]: cn Jan 27 21:31:11 hds-debian-virt slapd[1868]: sn Jan 27 21:31:11 hds-debian-virt slapd[1868]: displayName Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaHomeDrive Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaHomePath Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogonScript Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaProfilePath Jan 27 21:31:11 hds-debian-virt slapd[1868]: description Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaUserWorkstations Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaSID Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPrimaryGroupSID Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLMPassword Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaNTPassword Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaDomainName Jan 27 21:31:11 hds-debian-virt slapd[1868]: objectClass Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaAcctFlags Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaMungedDial Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaBadPasswordCount Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaBadPasswordTime Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPasswordHistory Jan 27 21:31:11 hds-debian-virt slapd[1868]: modifyTimestamp Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogonHours Jan 27 21:31:11 hds-debian-virt slapd[1868]: modifyTimestamp Jan 27 21:31:11 hds-debian-virt slapd[1868]: uidNumber Jan 27 21:31:11 hds-debian-virt slapd[1868]: Jan 27 21:31:11 hds-debian-virt slapd[1868]: = hdb_search Jan 27 21:31:11 hds-debian-virt slapd[1868]: bdb_dn2entry(dc=semark-testing,dc=dk) Jan 27 21:31:11 hds-debian-virt
Re: [Samba] Debian Lenny - Samba 3.2.5 + OpenLDAP (slapd) 2.4.11
My admin account is called Admin: # pdbedit -Lv Admin INFO: Current debug levels: all: True/256 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 quota: False/0 acls: False/0 locking: False/0 msdfs: False/0 dmapi: False/0 registry: False/0 doing parameter log file = /var/log/samba/%m.log doing parameter panic action = /usr/share/samba/panic-action %d doing parameter security = user doing parameter encrypt passwords = true doing parameter unix password sync = yes doing parameter pam password change = yes doing parameter obey pam restrictions = no doing parameter passwd program = /usr/sbin/smbldap-passwd %u doing parameter passwd chat = *Nyt kodeord* \n *Det nye kodeord skal være minimum 6 karaktere lange, og kan indeholde [0-9], [a-z] og [A-Z]* \n *Ny kode* %n\n *Tast koden igen* %n\n * Koden skiftet korrekt* doing parameter printing = cups doing parameter load printers = Yes doing parameter printcap name = cups doing parameter socket options = TCP_NODELAY pm_process() returned Yes lp_servicenumber: couldn't find homes set_server_role: role = ROLE_DOMAIN_PDC Attempting to register new charset UCS-2LE Registered charset UCS-2LE Attempting to register new charset UTF-16LE Registered charset UTF-16LE Attempting to register new charset UCS-2BE Registered charset UCS-2BE Attempting to register new charset UTF-16BE Registered charset UTF-16BE Attempting to register new charset UTF8 Registered charset UTF8 Attempting to register new charset UTF-8 Registered charset UTF-8 Attempting to register new charset ASCII Registered charset ASCII Attempting to register new charset 646 Registered charset 646 Attempting to register new charset ISO-8859-1 Registered charset ISO-8859-1 Attempting to register new charset UCS2-HEX Registered charset UCS2-HEX Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Attempting to register passdb backend ldapsam Successfully added passdb backend 'ldapsam' Attempting to register passdb backend ldapsam_compat Successfully added passdb backend 'ldapsam_compat' Attempting to register passdb backend NDS_ldapsam Successfully added passdb backend 'NDS_ldapsam' Attempting to register passdb backend NDS_ldapsam_compat Successfully added passdb backend 'NDS_ldapsam_compat' Attempting to register passdb backend smbpasswd Successfully added passdb backend 'smbpasswd' Attempting to register passdb backend tdbsam Successfully added passdb backend 'tdbsam' Attempting to find an passdb backend to match ldapsam:ldap://127.0.0.1 (ldapsam) Found pdb backend ldapsam smbldap_search_domain_info: Searching for:[((objectClass=sambaDomain)(sambaDomainName=SEMARKTEST))] smbldap_search_ext: base = [dc=semark-testing,dc=dk], filter = [((objectClass=sambaDomain)(sambaDomainName=SEMARKTEST))], scope = [2] Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE The connection to the LDAP server was closed smb_ldap_setup_connection: ldap://127.0.0.1 smbldap_open_connection: connection opened ldap_connect_system: Binding to ldap server ldap://127.0.0.1 as cn=admin,dc=semark-testing,dc=dk ldap_connect_system: successful connection to the LDAP server ldap_connect_system: LDAP server does support paged results The LDAP server is successfully connected attribute sambaAlgorithmicRidBase does not exist pdb backend ldapsam:ldap://127.0.0.1 has a valid init Netbios name list:- my_netbios_names[0]=PDC Attempting to find an passdb backend to match ldapsam:ldap://127.0.0.1 (ldapsam) Found pdb backend ldapsam smbldap_search_domain_info: Searching for:[((objectClass=sambaDomain)(sambaDomainName=SEMARKTEST))] smbldap_search_ext: base = [dc=semark-testing,dc=dk], filter = [((objectClass=sambaDomain)(sambaDomainName=SEMARKTEST))], scope = [2] The connection to the LDAP server was closed smb_ldap_setup_connection: ldap://127.0.0.1 smbldap_open_connection: connection opened ldap_connect_system: Binding to ldap server ldap://127.0.0.1 as cn=admin,dc=semark-testing,dc=dk ldap_connect_system: successful
Re: [Samba] Debian Lenny - Samba 3.2.5 + OpenLDAP (slapd) 2.4.11
On 01/25/10 16:23, Henrik Dige Semark wrote: I have a serous problem. I have for some time now tried to get an SAMBA based Domain Controller working. I have tried with OpenLDAP and tdbsam as backend, but I get the same error every time. I wood prefer to use LDAP as my backend. I have read tons of how-to SAMBA + LDAP, but non of the seams to work for my, is there someone that maybe can see what I have done rung in my config.? I have attached my samba conf and LDAP conf. Samba is connected to OpenLDAP, and LDAP is running fine. But when I try to join my Windows XP Pro SP3 I takes about one Min and it tells my that Username and/or Password maybe rung, ore not existing. There is no doubt that Samba and Ldap is talking together (samba have updated the SID and RID's), cause when I try to join the domain LDAP is activated, but the return value is somehow disappearing on the way back to my client I have some wireshark dump that I can provide if its necessary. I can provide LOGS, DUMPS, and everything needed if its necessary. System info: Clean installed Debian Lenny (5.0.3) Clean installed Samba 3.2.5 + Winbind 3.2.5 Clean installed OpenLDAP 2.4.11 (slapd)Did you Debian default smbldap-tools (smbldap-populate is working and have populated LDAP without problems) if there is something I have forgotten please just ask for it, I'm close to be desperate.! --- Med Venlig Hilsen / Best regards Henrik Dige Semark Did you join the PDC to the domain (not sure of the exact syntax from memory, but something along the lines of net join ..) With an LDAP backend you should see an ldap entry created for the DOMAIN. I also found under LDAP on solaris that syncing passwords between windows and unix was a little tricky, so you may want to also temp try disabling the unix password sync until you have at least got machines joining the domain. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Debian Lenny - Samba 3.2.5 + OpenLDAP (slapd) 2.4.11
I have a serous problem. I have for some time now tried to get an SAMBA based Domain Controller working. I have tried with OpenLDAP and tdbsam as backend, but I get the same error every time. I wood prefer to use LDAP as my backend. I have read tons of how-to SAMBA + LDAP, but non of the seams to work for my, is there someone that maybe can see what I have done rung in my config.? I have attached my samba conf and LDAP conf. Samba is connected to OpenLDAP, and LDAP is running fine. But when I try to join my Windows XP Pro SP3 I takes about one Min and it tells my that Username and/or Password maybe rung, ore not existing. There is no doubt that Samba and Ldap is talking together (samba have updated the SID and RID's), cause when I try to join the domain LDAP is activated, but the return value is somehow disappearing on the way back to my client I have some wireshark dump that I can provide if its necessary. I can provide LOGS, DUMPS, and everything needed if its necessary. System info: Clean installed Debian Lenny (5.0.3) Clean installed Samba 3.2.5 + Winbind 3.2.5 Clean installed OpenLDAP 2.4.11 (slapd) Debian default smbldap-tools (smbldap-populate is working and have populated LDAP without problems) if there is something I have forgotten please just ask for it, I'm close to be desperate.! --- Med Venlig Hilsen / Best regards Henrik Dige Semark # Defining domain name, hostname [global] dns proxy = no netbios name = pdc wins support = Yes workgroup = semarktest include = /etc/samba/dhcp.conf server string = Debian Lenny (5.0.3) PDC name resolve order = host lmhosts bcast wins # Netwok-settings hosts deny = ALL hosts allow = 192.168.1.0/24 127. # Specifying passwd backend database #username map = /etc/samba/smbusers #smb passwd file = /etc/samba/smbpasswd #passdb backend = tdbsam:/etc/samba/userdatabase.tdb passdb backend = ldapsam:ldap://127.0.0.1 # LDAPSMB-CONFIG - SMBLDAP-TOOLS # LDAPSMB-CONFIG # add user script = /usr/sbin/ldapsmb -a -u %u # add machine script = /usr/sbin/ldapsmb -a -w %u # add group script = /usr/sbin/ldapsmb -a -g %g # add user to group script = /usr/sbin/ldapsmb -j -u %u -g %g # delete user script = /usr/sbin/ldapsmb -d -u %u # delete group script = /usr/sbin/ldapsmb -d -g %g # delete user from group script = /usr/sbin/ldapsmb -r -u %u -g %g # set primary group script = /usr/sbin/ldapsmb -m -u %u -g %g # SMBLDAP-TOOLS add user script = /usr/sbin/smbldap-useradd -a -m %u -M %u add machine script = /usr/sbin/smbldap-useradd -w %u add group script = /usr/sbin/smbldap-groupadd -p %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user script = /usr/sbin/smbldap-userdel %u delete group script = /usr/sbin/smbldap-groupdel %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-usermod -g %g %u # TDBSAM # add user script = /usr/sbin/useradd -m %u # delete user script = /usr/sbin/userdel -r %u # add group script = /usr/sbin/groupadd %g # delete group script = /usr/sbin/groupdel %g # add user to group script = /usr/sbin/usermod -G %g %u # add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null -g machines %u # Various other directives ( man smb.conf ) ### logon drive = H: logon home = \\%L\%U #logon path = \\%L\profile\%U logon script = scripts/logon.bat os level = 65 time server = Yes domain master = Yes domain logons = Yes preferred master = Yes enable privileges = yes show add printer wizard = yes dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd # Windbind ## winbind separator = % winbind cache time = 10 winbind enum users = Yes winbind uid = 1000-21000 winbind gid = 1000-21000 winbind enum groups = Yes template shell = /bin/bash template homedir = /home/%U winbind use default domain = Yes # OpenLDAP stuff is defined here ### ldap ssl = no ldap delete dn = Yes ldap passwd sync = Yes ldap user suffix = ou=Users ldap idmap suffix = ou=Users ldap group suffix = ou=Groups ldap machine suffix = ou=Computers ldap suffix = dc=semark-testing,dc=dk ldap admin dn = cn=admin,dc=semark-testing,dc=dk idmap uid = 1000-21000 idmap