[Samba] adding computer in domain with user other than root

Fri Oct 31 15:55:18 GMT 2003

Oh and BTW I still have to add machine accounts manually in the
/etc/passwd file.

Jean-Rene Cormier

On Fri, 2003-10-31 at 11:51, Jean-Rene Cormier wrote:
> My smb.conf is pretty basic, I don't see anything else other than the
> domain admin group that would change that behaviour.
> 
> Here's part of my smb.conf:
> 
> [global]
>         workgroup = DOMAIN
>         netbios name = SERVER
>         server string = SERVER
>         interfaces = 192.168.0.2 127.0.0.1
>         bind interfaces only = Yes
>         encrypt passwords = Yes
>         passwd program = /usr/bin/passwd %u
>         username map = /etc/samba/private/usermap
>         unix password sync = Yes
>         log file = /var/log/samba/%m
>         socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
> 
>         name resolve order = wins bcast hosts
>         domain admin group = root, admina, adminb
>         logon path = \\%N\profiles\%u
>         logon drive = I:
>         domain logons = Yes
>         os level = 35
>         preferred master = Yes
>         local master = Yes
>         domain master = Yes
>         wins support = Yes
>                                                                                      	ldap server = 127.0.0.1
>         ldap port = 389
>         ldap suffix = "dc=domain,dc=com"
>         ldap admin dn = "uid=smbadmin,ou=People,dc=domain,dc=com"
>         ldap ssl = Yes
> 
> Jean-Rene Cormier
> 
> On Fri, 2003-10-31 at 11:36, werner maes wrote:
> > I'm glad it works for you :-)
> > can you give some configuration details of smb.conf?
> > 
> > I have: domain admin group = root ldaptest.
> > 
> > Werner
> > 
> > At 11:27 31/10/2003, Jean-Rene Cormier wrote:
> > >I just reformatted a computer and I joined it with my regular username
> > >which doesn't have uid=0 and is not mapped to root either. I thought
> > >that maybe it was because the machine account was already in LDAP so I
> > >booted up another Windows in VMWare and removed it from the domain and
> > >changed the computer name to one that wasn't already in LDAP and I was
> > >able to join it with the same username. I'm using the "domain admin
> > >group" and it seems to be working fine. Running on Samba 2.2.8a btw.
> > >
> > >Jean-Rene Cormier
> > >
> > >On Fri, 2003-10-31 at 10:37, Thiago Lima wrote:
> > > > The user MUST be root, if you want to use another user map it to root in
> > > > smbusers.
> > > >
> > > >
> > > > regards.
> > > > thiago.
> > > >
> > > >
> > > > > I tried to add a computer to a Samba domain using another account
> > > > > (testuser) than root.
> > > > > I use LDAP for authentication and added the account
> > > > > (testuser) with uid=0
> > > > > in ldap. If I use this account to add an computer to the
> > > > > domain I get the
> > > > > error: "Access is denied".
> > > > >
> > 
> > 