[Samba] samba with ldap PDC cannot join my windows to domain?
Dale Schroeder
dale at BriannasSaladDressing.com
Wed Aug 12 12:17:30 MDT 2009
Alberto,
You will need a [netlogon] share.
I used these tutorials for my setup, taking the best from both. I know
they can work.
I did skip the [profiles] share, as I didn't want roaming profiles.
http://wiki.makethemove.net/index.php?title=LDAP-Samba
https://help.ubuntu.com/community/OpenLDAP-SambaPDC-OrgInfo-Posix
Compare these to what you've done; see if anything was missed.
Dale
Alberto Moreno wrote:
> Hi people.
>
> I have been working with samba+ldap = PDC in my test network. I
> followed the good tutorial, Samba By Example, chapter 5; I did all
> the tests the book says, with no issues.
>
> I have 2 issues:
>
> 1; I cannot see my domain at my windows browser.
> 2; I cannot add my windows xp pro to my domain.
>
> I have been trying to see if I could find the solution but nothing
> yet; that is the reason I am sending this email.
>
> My server is CentOS 5.3, the latest one; all the packages are the
> current ones from CentOS.
>
> LDAP looks like it is working, because all my tests from the book pass,
> and the same with Samba.
>
> When I try to add one Winbox to the domain I receive this:
>
> "The following error occurred attempting to join the domain "MyDomain"
> "The network path as not found"
>
> My smb.conf is this:
>
> [global]
> dos charset = 850
> unix charset = ISO8859-1
> display charset = ISO8859-1
> workgroup = RMAI
> netbios name = RMAIPDC
> server string = Samba Server on %L
> os level = 33
> remote announce = 192.168.50.255
> interfaces = eth0,lo
> bind interfaces only = Yes
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> allow hosts = 192.168.50.0/24 127.0.0.1
> admin users = Manager @"Domain Admins"
> passdb backend = ldapsam:ldap://127.0.0.1
> enable privileges = Yes
> username map = /etc/samba/smbusers
> log level = 6
> syslog = 1
> log file = /var/log/samba/%m.log
> max log size = 100
> smb ports = 139 445
> name resolve order = wins bcast hosts
> time server = No
> #printcap name = CUPS
> show add printer wizard = No
> add user script = /usr/sbin/smbldap-useradd -m "%u"
> delete user script = /usr/sbin/smbldap-userdel "%u"
> add group script = /usr/sbin/smbldap-groupadd -p "%g"
> delete group script = /usr/sbin/smbldap-groupdel "%g"
> add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
> delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
> set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
> add machine script = /usr/sbin/smbldap-useradd -w "%u"
> #logon script = scripts\logon.bat
> #logon path = \\%L\profiles\%U
> #logon drive = X:
> domain logons = Yes
> domain master = Yes
> preferred master = Yes
> wins support = Yes
> ##########LDAP###################
> ldap suffix = dc=rmai,dc=local
> ldap machine suffix = ou=Computers
> ldap user suffix = ou=People
> ldap group suffix = ou=Groups
> ldap idmap suffix = ou=Idmap
> ldap admin dn = cn=Manager,dc=rmai,dc=local
> idmap backend = ldap:ldap://127.0.0.1
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> #################################
> map acl inherit = Yes
> cups options = ""
>
> [homes]
> comment = RMAI Home Directories
> browseable = No
> writeable = Yes
> read only = No
> create mask = 0664
> browseable = No
> valid users = %U
>
> [profiles]
> path = /home/samba/profiles
> read only = No
> store dos attributes = Yes
> create mask = 0600
> directory mask = 0700
> browseable = No
> writeable = Yes
> guest ok = No
>
> The stuff I can see in the log files is this:
>
> windows-box.log
> [2009/08/11 16:40:49, 5] rpc_parse/parse_prs.c:prs_uint32(710)
> 004c uni_max_len: 0000000c
> [2009/08/11 16:40:49, 5] rpc_parse/parse_prs.c:prs_uint32(710)
> 0050 offset : 00000000
> [2009/08/11 16:40:49, 5] rpc_parse/parse_prs.c:prs_uint32(710)
> 0054 uni_str_len: 0000000c
> [2009/08/11 16:40:49, 5] rpc_parse/parse_prs.c:dbg_rw_punival(942)
> 0058 buffer : F.A.M.-.C.H.O.R.I.Z.O...
> [2009/08/11 16:40:49, 6] rpc_parse/parse_prs.c:prs_debug(84)
> 000070 smb_io_chal
> [2009/08/11 16:40:49, 5] rpc_parse/parse_prs.c:prs_uint8s(857)
> 0070 data: 03 a3 f4 30 4b c7 3c 90
> [2009/08/11 16:40:49, 5] rpc_parse/parse_prs.c:prs_debug(84)
> 000000 net_io_r_auth
> [2009/08/11 16:40:49, 6] rpc_parse/parse_prs.c:prs_debug(84)
> 000000 smb_io_chal
> [2009/08/11 16:40:49, 5] rpc_parse/parse_prs.c:prs_uint8s(857)
> 0000 data: 00 00 00 00 00 00 00 00
> [2009/08/11 16:40:49, 5] rpc_parse/parse_prs.c:prs_ntstatus(769)
> 0008 status: NT_STATUS_ACCESS_DENIED
> [2009/08/11 16:40:49, 5] rpc_server/srv_pipe.c:api_rpcTNP(2305)
> api_rpcTNP: called NETLOGON successfully
> [2009/08/11 16:40:49, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(529)
> free_pipe_context: destroying talloc pool of size 70
>
> I will increase the debug level and give you more info.
>
> Thanks for your time!!!
>
>
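
The check Dale suggests, run against the quoted configuration, as an added example that is not part of the original thread or of Samba itself. It uses a simplified parser (no line continuations or includes); `parse_smb_conf` and `check_pdc_shares` are hypothetical helper names, and the sample is a constructed, trimmed copy of the quoted smb.conf.

```python
import re

# Constructed sample: trimmed from the smb.conf quoted in the thread.
SAMPLE_SMB_CONF = """\
[global]
workgroup = RMAI
#logon drive = X:
domain logons = Yes

[homes]
browseable = No
writeable = Yes
browseable = No
"""

TRUE_VALUES = {"yes", "true", "1", "on"}  # boolean spellings smb.conf accepts

def parse_smb_conf(text):
    """Return ({section: {param: value}}, [(section, param)] set twice)."""
    sections, duplicates, current = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":  # blank line or comment
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = header.group(1).strip().lower()
            sections.setdefault(current, {})
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            key = " ".join(key.lower().split())  # names are case-insensitive
            if key in sections[current]:
                duplicates.append((current, key))
            sections[current][key] = value.strip()
    return sections, duplicates

def check_pdc_shares(text):
    """Flag a domain-logon config lacking [netlogon], plus repeated params."""
    sections, duplicates = parse_smb_conf(text)
    findings = []
    if sections.get("global", {}).get("domain logons", "no").lower() in TRUE_VALUES:
        if "path" not in sections.get("netlogon", {}):
            findings.append("domain logons enabled, but no [netlogon] share with a path")
    findings += [f"[{s}] sets '{k}' more than once" for s, k in duplicates]
    return findings

if __name__ == "__main__":
    for finding in check_pdc_shares(SAMPLE_SMB_CONF):
        print(finding)
```

On a host with Samba installed, `testparm` remains the authoritative syntax check; this only covers the share Dale points out and the repeated `browseable` line in `[homes]`.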