[Samba] Can No Longer Join to Domain
Bert_De_Ridder at peopleware.be
Bert_De_Ridder at peopleware.be
Tue Mar 27 05:48:50 GMT 2007
I don't know it it's going to make a difference, but my "calls" to the
smbldap scripts in smb.conf don't have quoted parameters, ie I have the
parameters without quotes
->
add machine script = /usr/local/sbin/smbldap-useradd -w %u
add user script = /usr/local/sbin/smbldap-useradd -a %u
etc...
HTH
Bert
Jason Baker <jbaker at glastender.com>
Sent by: samba-bounces+bdr=peopleware.be at lists.samba.org
26/03/2007 16:36
To
sato x <garasi9 at gmail.com>
cc
samba List <samba at lists.samba.org>
Subject
Re: [Samba] Can No Longer Join to Domain
I tried recreating the password and I still get the same error.
*Jason Baker
*/IT Coordinator/
*Glastender Inc.*
5400 North Michigan Road
Saginaw, Michigan 48604 USA
800.748.0423
Phone: 989.752.4275 ext. 228
Fax: 989.752.4444
www.glastender.com <http://www.glastender.com>
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT$ d- s: a C++$ LU+++$ P+ L++>L++++ !E--- W+++ N o? K?
w !O M !V PS PE- Y? PGP- t 5? X+ R+ tv+ b- DI-- D++ G e+ h---
r+++ y+++
------END GEEK CODE BLOCK------
On 3/24/2007 10:32 AM, sato x wrote:
> Hi...
>
> Sorry if I was wrong. I just want to ask, did you join the machine
> (via windows machine) using root account? If it's true, then I guess
> you have to have samba password for your root. If you have made it
> before, try to recreate your root's samba password (with
> smbldap-passwd), then try to join the machine. Let me know if it
> failed. :)
>
> Regards,
>
> sato
>
> On 3/24/07, *Jason Baker* <jbaker at glastender.com
> <mailto:jbaker at glastender.com>> wrote:
>
> I have Samba 3.0.24 running on CentOS 4 as a PDC with an LDAP
backend.
> When I first set everything up, I could join workstations to the
> domain
> automatically with the Windows Network ID Wizard. Now when I try to
> join a workstation I get:
>
> Your computer could not be joined to the domain because the
> following error has occurred:
> The user name could not be found.
>
> If I add the computer name to the domain manually from the command
> line
> or with LDAP Account Manager, then go back and join it, it works.
> But it
> sure would be nice not to have to set up each machine manually. Any
> thoughts?
>
> [global]
> unix charset = LOCALE
> workgroup = glastendernet
> netbios name = aster
> server string = Glastender Domain Controller running %v
> interfaces = eth1, lo
> bind interfaces only = yes
> os level = 255
> preferred master = yes
> local master = yes
> domain master = yes
> security = user
> time server = yes
> username map = /etc/samba/smbusers
> wins support = yes
> encrypt passwords = yes
> pam password change = yes
> name resolve order = wins bcast hosts
> winbind nested groups = no
> passdb backend = ldapsam:ldap://127.0.0.1/
> ldap passwd sync = Yes
> ldap suffix = dc=glastender,dc=com
> ldap admin dn = cn=Manager,dc=glastender,dc=com
> ldap ssl = no
> ldap group suffix = ou=Groups
> ldap user suffix = ou=People
> ldap machine suffix = ou=People
> ldap idmap suffix = ou=Idmap
> idmap backend = ldap:ldap://127.0.0.1/
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> map acl inherit = yes
> add user script = /etc/smbldap-tools/smbldap-useradd -m "%u"
> #delete user script = /etc/smbldap-tools/smbldap-userdel
"%u"
> add machine script = /etc/smbldap-tools/smbldap-useradd -w
> "%u"
> add group script = /etc/smbldap-tools/smbldap-groupadd -p
> "%g"
> #delete group script = /etc/smbldap-tools/smbldap-groupdel
> "%g"
> add user to group script =
/etc/smbldap-tools/smbldap-groupmod
> -m "%u" "%g"
> delete user from group script =
> /etc/smbldap-tools/smbldap-groupmod -x "%u" "%g"
> set primary group script =
> /etc/smbldap-tools/smbldap-usermod -g
> "%g" "%u"
> domain logons = yes
> log file = /var/log/samba/log.%m
> log level = 1
> syslog = 0
> max log size = 50
> #smb ports = 139 445
> smb ports = 139
> hosts allow = 127.0.0.1 <http://127.0.0.1>
> 172.16.0.0/255.255.0.0 <http://172.16.0.0/255.255.0.0>
> # User profiles and home directories
> logon drive = U:
> logon path = \\%L\profiles\%U
> logon script = %U.bat
> large readwrite = no
> read raw = no
> write raw = no
> printcap name = /etc/printcap
> load printers = no
> printing =
>
> #=========Shares=======
> template shell = /bin/false
> winbind use default domain = no
>
> [homes]
> comment = Home Directories
> browseable = no
>
> --
>
> *Jason Baker
> */IT Coordinator/
>
>
> *Glastender Inc.*
> 5400 North Michigan Road
> Saginaw, Michigan 48604 USA
> 800.748.0423
> Phone: 989.752.4275 ext. 228
> Fax: 989.752.4444
> www.glastender.com <http://www.glastender.com>
> <http://www.glastender.com>
>
> -----BEGIN GEEK CODE BLOCK-----
> Version: 3.1
> GIT$ d- s: a C++$ LU+++$ P+ L++>L++++ !E--- W+++ N o? K?
> w !O M !V PS PE- Y? PGP- t 5? X+ R+ tv+ b- DI-- D++ G e+ h---
> r+++ y+++
> ------END GEEK CODE BLOCK------
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
>
>
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list