Re: [Samba] Errors logging in from Windows - LDAP + Samba PDC

2007-03-16 Thread Paul Traylor 
There are not any 2000 or 2003 servers on the network, but I bumped the 
os level up to 100 anyways and restarted samba though it still gives me 
the same login error.
The system cound not log you on.  Make sure your User name and domain 
are correct, then type your password again.  Letters in passwords must 
be typed using the correct case



Felipe Augusto van de Wiel wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 03/14/2007 11:06 AM, Paul Traylor wrote:
[...]

os level = 35

[...]

Any chances that you have a Windows machine around (like
a 2000 server or a 2003) that could win the election and answering
the domain requests instead of you samba server?


Kind regards,

- --
Felipe Augusto van de Wiel [EMAIL PROTECTED]
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/   Phone: (+55 41 3350 3300)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFF+Us7Cj65ZxU4gPQRAnVwAJ9r4ageQKrAmZsoO0bGLe0BWp6KiACbBvse
6Q5NCLSXYzSMsmufZ7w6dP8=
=2AyG
-END PGP SIGNATURE-


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Errors logging in from Windows - LDAP + Samba PDC

2007-03-16 Thread Felipe Augusto van de Wiel 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 03/16/2007 10:54 AM, Paul Traylor wrote:
 There are not any 2000 or 2003 servers on the network, 
 but I bumped the os level up to 100 anyways and restarted
 samba though it still gives me the same login error.
 The system cound not log you on.  Make sure your User name 
 and domain are correct, then type your password again.
 Letters in passwords must be typed using the correct case

It stills sounds like the client is not finding your
samba server. Try to increase the log level and see what
happens on the server side with more detail.

Kind regards,

- --
Felipe Augusto van de Wiel [EMAIL PROTECTED]
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/   Phone: (+55 41 3350 3300)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFF+qePCj65ZxU4gPQRArQiAJ92s82BgCAMYXae3p7awNG8syq36wCgiwuU
cCgONW6d/Fk32VtxdmzZwnw=
=R+w4
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Errors logging in from Windows - LDAP + Samba PDC

2007-03-15 Thread Felipe Augusto van de Wiel 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 03/14/2007 11:06 AM, Paul Traylor wrote:
[...]
 os level = 35
[...]

Any chances that you have a Windows machine around (like
a 2000 server or a 2003) that could win the election and answering
the domain requests instead of you samba server?


Kind regards,

- --
Felipe Augusto van de Wiel [EMAIL PROTECTED]
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/   Phone: (+55 41 3350 3300)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFF+Us7Cj65ZxU4gPQRAnVwAJ9r4ageQKrAmZsoO0bGLe0BWp6KiACbBvse
6Q5NCLSXYzSMsmufZ7w6dP8=
=2AyG
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Errors logging in from Windows - LDAP + Samba PDC

2007-03-14 Thread Paul Traylor 

Just to get these things out of the way

 CentOS (2.6.9-42.0.10.ELsmp)

 # yum list installed | grep openssl
 openssl.i686 0.9.7a-43.14   installed
 openssl-devel.i586   0.9.7a-43.14   installed

 # yum list installed | grep samba
 samba.i386   3.0.10-1.4E.11 installed
 samba-client.i3863.0.10-1.4E.11 installed
 samba-common.i3863.0.10-1.4E.11 installed
 samba-swat.i386  3.0.10-1.4E.11 installed

 # yum list installed | grep samba
 nss_ldap.i386226-17 installed
 openldap.i3862.2.13-6.4Einstalled
 openldap-clients.i3862.2.13-6.4Einstalled
 openldap-devel.i386  2.2.13-6.4Einstalled
 openldap-servers.i3862.2.13-6.4Einstalled
 smbldap-tools-0.9.2

 I think that should cover most of what someone else would need to know.
The goal is to have a PDC that uses Samba and LDAP.  I have used guides
like the guide from here
http://www.idealx.com/content/view/184/169/lang,en/ .  I seem to have
LDAP and Samba working and the smbldap-tools working properly.  I can
use the LDAP Account Manager ( http://lam.sourceforge.net/ ) to add
users to the domain and then use ssh and pam_ldap to connect with those
user names.  I can add users to the domain, and use the domain usernames
and passwords to connect to shares off the server.  I can also add
machines to the domain from Windows without any problems and they show
up in LDAP.  The part that has me stumped is that I can't  seem to login
to the domain from one of the domain accounts.  I can login with the
local admin account then use a domain login to login to domain shares I
just can't do the initial Windows login.  Turning the samba debugging up
to 3 doesn't seem to help since I see log messages like
   check_ntlm_password:  authentication for user [testuser] -
[testuser] - [testuser] succeeded
 which would make me think that things are working properly.  I kinda
suspect that the problem could be with smbldap-tools somewhere since I
was able to switch samba to authing from the /etc/samba/smbpasswd file
and it was able to login fine though I have yet to figure out which
script is called on Windows logins.  Any help would be appreciated.

smb.conf (I replaced the server address with 'server.address' but that's
the only change I made for posting to this list.
[global]

workgroup = TEMPDOMAIN
netbios name = SSC2
server string = Samba Server %v
security = user
allow trusted domains = yes

time server = no

log level = 3
log file = /var/log/samba/log.%m
max log size = 10

domain logons = yes
os level = 35
local master = yes
domain master = yes
preferred master = yes
encrypt passwords = yes
lm announce = true

passwd program = /usr/local/sbin/smbldap-tools/smbldap-passwd %u
passwd chat debug = yes
ldap passwd sync = yes
passdb backend = ldapsam:ldap://server.address:389

ldap ssl = start_tls
ldap suffix = dc=soil,dc=ncsu,dc=edu
ldap admin dn = cn=Manager,dc=soil,dc=ncsu,dc=edu
ldap delete dn =no
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users
admin users = administrator

socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

logon home =
logon path =
logon script = logon.cmd

add user script = /usr/local/sbin/smbldap-tools/smbldap-useradd -a %u
add machine script = /usr/local/sbin/smbldap-tools/smbldap-useradd -w 
%u
add group script = /usr/local/sbin/smbldap-tools/smbldap-groupadd -p 
%g
add user to group script =
/usr/local/sbin/smbldap-tools/smbldap-groupmod -m %u %g
delete user from group script =
/usr/local/sbin/smbldap-tools/smbldap-groupmod -x %u %g
set primary group script =
/usr/local/sbin/smbldap-tools/smbldap-usermod -g %g %u

dos charset = 850
hosts allow = 152.1.121.0/24
mangling method = hash2
obey pam restrictions = no
syslog = 0
unix charset = ISO8859-1
username map = /etc/samba/smbusers
wins support = no
template shell = /bin/false
winbind use default domain = no
[netlogon]
comment = Network Logon Service
path = /usr/local/samba/netlogon
writeable = no
public = no
browsable = no

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba