[Samba] Debian Lenny - Samba 3.2.5 + OpenLDAP (slapd) 2.4.11
Gaiseric Vandal
gaiseric.vandal at gmail.com
Wed Jan 27 14:22:57 MST 2010
Sorry, should be "Administrator"
Verify the user exists in samba with " pdbedit -Lv Administrator"
and that group mapping is setup.
# net groupmap list | grep "Domain Admins"
Domain Admins (S-1-5-21-xxxxx-512) -> Domain Admins
#
The unix group name (on the right side of the mapping) may not exactly
match the windows name.
You might have
# net groupmap list | grep "Domain Admins"
Domain Admins (S-1-5-21-xxxxx-512) -> Samba_Domain_Admins
#
Also verify that the Administrator is the correct groups
#groups Administrator
Domain Admins Domain Users ....
I also had mappings for
Domain Users
Domain Computers
Domain Guests
Domain Controllers
On 01/27/10 15:33, Henrik Dige Semark wrote:
> I have just tried with "net join -U Admin" and I get the same error as
> before.
>
> # net join -U Admin
> Enter admin's password:
> Could not connect to server PDC
> The username or password was not correct.
> Connection failed: NT_STATUS_LOGON_FAILURE
>
> Ldap search for Admin:
>
> # ldapsearch -x -h 127.0.0.1 -p 389
>
> # Admin, Users, semark-testing.dk
> dn: uid=Admin,ou=Users,dc=semark-testing,dc=dk
> cn: Admin
> sn: Admin
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> objectClass: sambaSamAccount
> objectClass: posixAccount
> objectClass: shadowAccount
> gidNumber: 0
> uid: Admin
> uidNumber: 0
> homeDirectory: /home/Admin
> sambaLogonTime: 0
> sambaLogoffTime: 2147483647
> sambaKickoffTime: 2147483647
> sambaPwdCanChange: 0
> sambaHomePath: \\192.168.1.182\Admin
> sambaHomeDrive: H:
> sambaProfilePath: \\192.168.1.182\profiles\Admin
> sambaPrimaryGroupSID: S-1-5-21-860714184-2299130787-2886737959-512
> sambaSID: S-1-5-21-860714184-2299130787-2886737959-500
> loginShell: /bin/false
> gecos: Netbios Domain Administrator
> sambaLMPassword: my-pass
> sambaAcctFlags: [U]
> sambaNTPassword: my-pass
> sambaPwdLastSet: 1264374249
> sambaPwdMustChange: 1268262249
> shadowMax: 45
>
> Log dump from net join command:
>
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_get(22)
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_get(22): got connid=22
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_read(22): checking for input on id=22
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: conn=22 op=3 do_search
> Jan 27 21:31:11 hds-debian-virt slapd[1868]:>>> dnPrettyNormal:<dc=semark-testing,dc=dk>
> Jan 27 21:31:11 hds-debian-virt slapd[1868]:<<< dnPrettyNormal:<dc=semark-testing,dc=dk>,<dc=semark-testing,dc=dk>
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: SRCH "dc=semark-testing,dc=dk" 2 0
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: 0 15 0
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: filter: (&(uid=admin)(objectClass=sambaSamAccount))
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: attrs:
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: uid
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: uidNumber
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: gidNumber
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: homeDirectory
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPwdLastSet
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPwdCanChange
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPwdMustChange
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogonTime
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogoffTime
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaKickoffTime
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: cn
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sn
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: displayName
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaHomeDrive
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaHomePath
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogonScript
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaProfilePath
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: description
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaUserWorkstations
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaSID
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPrimaryGroupSID
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLMPassword
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaNTPassword
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaDomainName
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: objectClass
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaAcctFlags
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaMungedDial
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaBadPasswordCount
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaBadPasswordTime
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaPasswordHistory
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: modifyTimestamp
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLogonHours
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: modifyTimestamp
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: uidNumber
> Jan 27 21:31:11 hds-debian-virt slapd[1868]:
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: => hdb_search
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: bdb_dn2entry("dc=semark-testing,dc=dk")
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: search_candidates: base="dc=semark-testing,dc=dk" (0x00000001) scope=2
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: => hdb_dn2idl("dc=semark-testing,dc=dk")
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: => bdb_equality_candidates (objectClass)
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: => key_read
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: bdb_idl_fetch_key: [b49d1940]
> Jan 27 21:31:11 hds-debian-virt slapd[1868]:<= bdb_index_read: failed (-30990)
> Jan 27 21:31:11 hds-debian-virt slapd[1868]:<= bdb_equality_candidates: id=0, first=0, last=0
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: => bdb_equality_candidates (uid)
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: => key_read
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: bdb_idl_fetch_key: [f67dad88]
> Jan 27 21:31:11 hds-debian-virt slapd[1868]:<= bdb_index_read 1 candidates
> Jan 27 21:31:11 hds-debian-virt slapd[1868]:<= bdb_equality_candidates: id=1, first=6, last=6
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: => bdb_equality_candidates (objectClass)
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: => key_read
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: bdb_idl_fetch_key: [f937ce0f]
> Jan 27 21:31:11 hds-debian-virt slapd[1868]:<= bdb_index_read 3 candidates
> Jan 27 21:31:11 hds-debian-virt slapd[1868]:<= bdb_equality_candidates: id=3, first=6, last=18
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: bdb_search_candidates: id=1 first=6 last=6
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: => send_search_entry: conn 22 dn="uid=Admin,ou=Users,dc=semark-testing,dc=dk"
> Jan 27 21:31:11 hds-debian-virt slapd[1868]:<= send_search_entry: conn 22 exit.
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: send_ldap_result: conn=22 op=3 p=3
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: send_ldap_result: err=0 matched="" text=""
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: send_ldap_response: msgid=4 tag=101 err=0
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_get(22)
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_get(22): got connid=22
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_read(22): checking for input on id=22
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: conn=22 op=4 do_search
> Jan 27 21:31:11 hds-debian-virt slapd[1868]:>>> dnPrettyNormal:<sambaDomainName=semarktest,dc=semark-testing,dc=dk>
> Jan 27 21:31:11 hds-debian-virt slapd[1868]:<<< dnPrettyNormal:<sambaDomainName=semarktest,dc=semark-testing,dc=dk>,<sambaDomainName=semarktest,dc=semark-testing,dc=dk>
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: SRCH "sambaDomainName=semarktest,dc=semark-testing,dc=dk" 0 0
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: 0 15 0
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: filter: (objectClass=*)
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: attrs:
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaMaxPwdAge
> Jan 27 21:31:11 hds-debian-virt slapd[1868]:
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: => hdb_search
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: bdb_dn2entry("sambaDomainName=semarktest,dc=semark-testing,dc=dk")
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: base_candidates: base: "sambaDomainName=semarktest,dc=semark-testing,dc=dk" (0x00000011)
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: => send_search_entry: conn 22 dn="sambaDomainName=semarktest,dc=semark-testing,dc=dk"
> Jan 27 21:31:11 hds-debian-virt slapd[1868]:<= send_search_entry: conn 22 exit.
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: send_ldap_result: conn=22 op=4 p=3
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: send_ldap_result: err=0 matched="" text=""
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: send_ldap_response: msgid=5 tag=101 err=0
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_get(22)
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_get(22): got connid=22
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_read(22): checking for input on id=22
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: conn=22 op=5 do_search
> Jan 27 21:31:11 hds-debian-virt slapd[1868]:>>> dnPrettyNormal:<sambaDomainName=semarktest,dc=semark-testing,dc=dk>
> Jan 27 21:31:11 hds-debian-virt slapd[1868]:<<< dnPrettyNormal:<sambaDomainName=semarktest,dc=semark-testing,dc=dk>,<sambaDomainName=semarktest,dc=semark-testing,dc=dk>
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: SRCH "sambaDomainName=semarktest,dc=semark-testing,dc=dk" 0 0
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: 0 15 0
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: filter: (objectClass=*)
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: attrs:
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: sambaLockoutThreshold
> Jan 27 21:31:11 hds-debian-virt slapd[1868]:
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: => hdb_search
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: bdb_dn2entry("sambaDomainName=semarktest,dc=semark-testing,dc=dk")
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: base_candidates: base: "sambaDomainName=semarktest,dc=semark-testing,dc=dk" (0x00000011)
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: => send_search_entry: conn 22 dn="sambaDomainName=semarktest,dc=semark-testing,dc=dk"
> Jan 27 21:31:11 hds-debian-virt slapd[1868]:<= send_search_entry: conn 22 exit.
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: send_ldap_result: conn=22 op=5 p=3
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: send_ldap_result: err=0 matched="" text=""
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: send_ldap_response: msgid=6 tag=101 err=0
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_get(22)
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_get(22): got connid=22
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_read(22): checking for input on id=22
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: ber_get_next on fd 22 failed errno=0 (Success)
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_closing: readying conn=22 sd=22 for close
> Jan 27 21:31:11 hds-debian-virt slapd[1868]: connection_close: conn=22 sd=22
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: connection_get(14)
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: connection_get(14): got connid=5
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: connection_read(14): checking for input on id=5
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: conn=5 op=1145 do_search
> Jan 27 21:31:41 hds-debian-virt slapd[1868]:>>> dnPrettyNormal:<sambaDomainName=semarktest,dc=semark-testing,dc=dk>
> Jan 27 21:31:41 hds-debian-virt slapd[1868]:<<< dnPrettyNormal:<sambaDomainName=semarktest,dc=semark-testing,dc=dk>,<sambaDomainName=semarktest,dc=semark-testing,dc=dk>
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: SRCH "sambaDomainName=semarktest,dc=semark-testing,dc=dk" 2 0
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: 0 15 0
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: filter: (objectClass=sambaTrustedDomainPassword)
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: attrs:
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: sambaDomainName
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: sambaSID
> Jan 27 21:31:41 hds-debian-virt slapd[1868]:
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: => hdb_search
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: bdb_dn2entry("sambaDomainName=semarktest,dc=semark-testing,dc=dk")
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: search_candidates: base="sambaDomainName=semarktest,dc=semark-testing,dc=dk" (0x00000011) scope=2
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: => hdb_dn2idl("sambaDomainName=semarktest,dc=semark-testing,dc=dk")
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: => bdb_equality_candidates (objectClass)
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: => key_read
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: bdb_idl_fetch_key: [b49d1940]
> Jan 27 21:31:41 hds-debian-virt slapd[1868]:<= bdb_index_read: failed (-30990)
> Jan 27 21:31:41 hds-debian-virt slapd[1868]:<= bdb_equality_candidates: id=0, first=0, last=0
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: => bdb_equality_candidates (objectClass)
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: => key_read
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: bdb_idl_fetch_key: [633a0e9d]
> Jan 27 21:31:41 hds-debian-virt slapd[1868]:<= bdb_index_read: failed (-30990)
> Jan 27 21:31:41 hds-debian-virt slapd[1868]:<= bdb_equality_candidates: id=0, first=0, last=0
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: bdb_search_candidates: id=0 first=17 last=0
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: hdb_search: no candidates
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: send_ldap_result: conn=5 op=1145 p=3
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: send_ldap_result: err=0 matched="" text=""
> Jan 27 21:31:41 hds-debian-virt slapd[1868]: send_ldap_response: msgid=1146 tag=101 err=0
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: connection_get(14)
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: connection_get(14): got connid=5
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: connection_read(14): checking for input on id=5
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: conn=5 op=1146 do_search
> Jan 27 21:32:11 hds-debian-virt slapd[1868]:>>> dnPrettyNormal:<sambaDomainName=semarktest,dc=semark-testing,dc=dk>
> Jan 27 21:32:11 hds-debian-virt slapd[1868]:<<< dnPrettyNormal:<sambaDomainName=semarktest,dc=semark-testing,dc=dk>,<sambaDomainName=semarktest,dc=semark-testing,dc=dk>
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: SRCH "sambaDomainName=semarktest,dc=semark-testing,dc=dk" 2 0
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: 0 15 0
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: filter: (objectClass=sambaTrustedDomainPassword)
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: attrs:
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: sambaDomainName
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: sambaSID
> Jan 27 21:32:11 hds-debian-virt slapd[1868]:
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: => hdb_search
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: bdb_dn2entry("sambaDomainName=semarktest,dc=semark-testing,dc=dk")
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: search_candidates: base="sambaDomainName=semarktest,dc=semark-testing,dc=dk" (0x00000011) scope=2
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: => hdb_dn2idl("sambaDomainName=semarktest,dc=semark-testing,dc=dk")
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: => bdb_equality_candidates (objectClass)
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: => key_read
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: bdb_idl_fetch_key: [b49d1940]
> Jan 27 21:32:11 hds-debian-virt slapd[1868]:<= bdb_index_read: failed (-30990)
> Jan 27 21:32:11 hds-debian-virt slapd[1868]:<= bdb_equality_candidates: id=0, first=0, last=0
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: => bdb_equality_candidates (objectClass)
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: => key_read
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: bdb_idl_fetch_key: [633a0e9d]
> Jan 27 21:32:11 hds-debian-virt slapd[1868]:<= bdb_index_read: failed (-30990)
> Jan 27 21:32:11 hds-debian-virt slapd[1868]:<= bdb_equality_candidates: id=0, first=0, last=0
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: bdb_search_candidates: id=0 first=17 last=0
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: hdb_search: no candidates
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: send_ldap_result: conn=5 op=1146 p=3
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: send_ldap_result: err=0 matched="" text=""
> Jan 27 21:32:11 hds-debian-virt slapd[1868]: send_ldap_response: msgid=1147 tag=101 err=0
>
> ---
> Med Venlig Hilsen / Best regards
> Henrik Dige Semark
>
>
> On 27-01-2010 21:06, Gaiseric Vandal wrote:
>
>> Try using "net ... -U Administrator" instead, since "root" is not
>> by default a member of the domain admin group. This presumes you have
>> created the Administrator account in samba, created the "domain
>> admins" group and setup the approp group mapping for key groups
>> (domain admins, domain users etc.)
>>
>>
>>
>>
>> On 01/27/10 14:23, Henrik Dige Semark wrote:
>>
>>> Dos the PDC have to join the domain also?
>>>
>>> When I try to join my PDC to its domain with "net join" I get the
>>> following error.
>>>
>>> Enter root's password:
>>> Could not connect to server PDC
>>> The username or password was not correct.
>>> Connection failed: NT_STATUS_LOGON_FAILURE
>>>
>>>
>>> The netbios name for my PDC is pdc.semarktest.dk I guess that way it
>>> tells my that is can't connect to server PDC
>>> I have checked that pdc is in the name server (nameserver is on
>>> 127.0.0.1)
>>>
>>> # host pdc
>>> pdc.semarktest.dk has address 192.168.1.182
>>>
>>> Is there something I'm missing?
>>>
>>> Log dump from net join command:
>>>
>>> # tail -200 /var/log/syslog | grep slapd
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_get(22): got
>>> connid=15
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_read(22):
>>> checking for input on id=15
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: conn=15 op=2 do_search
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]:>>>
>>> dnPrettyNormal:<sambaDomainName=SEMARKTEST,sambaDomainName=semarktest,dc=semark-testing,dc=dk>
>>>
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]:<<<
>>> dnPrettyNormal:<sambaDomainName=SEMARKTEST,sambaDomainName=semarktest,dc=semark-testing,dc=dk>,<sambaDomainName=semarktest,sambaDomainName=semarktest,dc=semark-testing,dc=dk>
>>>
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: SRCH
>>> "sambaDomainName=SEMARKTEST,sambaDomainName=semarktest,dc=semark-testing,dc=dk"
>>> 2 0
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: 0 15 0
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: filter:
>>> (&(objectClass=sambaTrustedDomainPassword)(sambaDomainName=semarktest))
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: attrs:
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]:
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: => hdb_search
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]:
>>> bdb_dn2entry("sambaDomainName=semarktest,sambaDomainName=semarktest,dc=semark-testing,dc=dk")
>>>
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: =>
>>> hdb_dn2id("sambaDomainName=semarktest,sambaDomainName=semarktest,dc=semark-testing,dc=dk")
>>>
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]:<= hdb_dn2id: get failed:
>>> DB_NOTFOUND: No matching key/data pair found (-30990)
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: send_ldap_result:
>>> conn=15 op=2 p=3
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: send_ldap_result: err=10
>>> matched="sambaDomainName=semarktest,dc=semark-testing,dc=dk" text=""
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: send_ldap_response:
>>> msgid=3 tag=101 err=32
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_get(22)
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_get(22): got
>>> connid=15
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_read(22):
>>> checking for input on id=15
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: conn=15 op=3 do_search
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]:>>>
>>> dnPrettyNormal:<dc=semark-testing,dc=dk>
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]:<<<
>>> dnPrettyNormal:<dc=semark-testing,dc=dk>,<dc=semark-testing,dc=dk>
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: SRCH
>>> "dc=semark-testing,dc=dk" 2 0
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: 0 15 0
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: filter:
>>> (&(uid=root)(objectClass=sambaSamAccount))
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: attrs:
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: uid
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: uidNumber
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: gidNumber
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: homeDirectory
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaPwdLastSet
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaPwdCanChange
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaPwdMustChange
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaLogonTime
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaLogoffTime
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaKickoffTime
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: cn
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sn
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: displayName
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaHomeDrive
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaHomePath
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaLogonScript
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaProfilePath
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: description
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaUserWorkstations
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaSID
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaPrimaryGroupSID
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaLMPassword
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaNTPassword
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaDomainName
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: objectClass
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaAcctFlags
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaMungedDial
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaBadPasswordCount
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaBadPasswordTime
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaPasswordHistory
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: modifyTimestamp
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: sambaLogonHours
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: modifyTimestamp
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: uidNumber
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]:
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: => hdb_search
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]:
>>> bdb_dn2entry("dc=semark-testing,dc=dk")
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: search_candidates:
>>> base="dc=semark-testing,dc=dk" (0x00000001) scope=2
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: =>
>>> hdb_dn2idl("dc=semark-testing,dc=dk")
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: =>
>>> bdb_equality_candidates (objectClass)
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: => key_read
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: bdb_idl_fetch_key:
>>> [b49d1940]
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]:<= bdb_index_read: failed
>>> (-30990)
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]:<=
>>> bdb_equality_candidates: id=0, first=0, last=0
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: =>
>>> bdb_equality_candidates (uid)
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: => key_read
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: bdb_idl_fetch_key:
>>> [15f2129b]
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]:<= bdb_index_read: failed
>>> (-30990)
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]:<=
>>> bdb_equality_candidates: id=0, first=0, last=0
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: bdb_search_candidates:
>>> id=0 first=1 last=0
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: hdb_search: no candidates
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: send_ldap_result:
>>> conn=15 op=3 p=3
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: send_ldap_result: err=0
>>> matched="" text=""
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: send_ldap_response:
>>> msgid=4 tag=101 err=0
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_get(22)
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_get(22): got
>>> connid=15
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_read(22):
>>> checking for input on id=15
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: ber_get_next on fd 22
>>> failed errno=0 (Success)
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_closing:
>>> readying conn=15 sd=22 for close
>>> Jan 27 20:21:53 hds-debian-virt slapd[1868]: connection_close:
>>> conn=15 sd=22
>>>
>>> ---
>>> Med Venlig Hilsen / Best regards
>>> Henrik Dige Semark
>>>
>>>
>>> On 26-01-2010 22:42, Dale Schroeder wrote:
>>>
>>>
>>>> Henrik,
>>>>
>>>> I saw that another user wanted you to make sure that the PDC was added
>>>> to the domain, and he is correct.
>>>> If it is still not working after adding the PDC to the domain,
>>>> consider changing the add machine script to this:
>>>>
>>>> add machine script = /usr/sbin/smbldap-useradd -i -w '%u'
>>>>
>>>> I ran into this problem with Samba 3.4.3 on Debian Squeeze, and that
>>>> is what fixed the issue.
>>>>
>>>> Dale
>>>>
>>>>
>>>> On 01/25/2010 3:23 PM, Henrik Dige Semark wrote:
>>>>
>>>>
>>>>> I have a serous problem.
>>>>>
>>>>> I have for some time now tried to get an SAMBA based Domain Controller
>>>>> working.
>>>>> I have tried with OpenLDAP and tdbsam as backend, but I get the same
>>>>> error every time.
>>>>>
>>>>> I wood prefer to use LDAP as my backend.
>>>>> I have read tons of how-to SAMBA + LDAP, but non of the seams to work
>>>>> for my, is there someone that maybe can see what I have done rung in
>>>>> my config.?
>>>>>
>>>>> I have attached my samba conf and LDAP conf.
>>>>>
>>>>> Samba is connected to OpenLDAP, and LDAP is running fine.
>>>>> But when I try to join my Windows XP Pro SP3 I takes about one Min and
>>>>> it tells my that Username and/or Password maybe rung, ore not
>>>>> existing.
>>>>>
>>>>> There is no doubt that Samba and Ldap is talking together (samba have
>>>>> updated the SID and RID's), cause when I try to join the domain LDAP
>>>>> is activated, but the return value is somehow disappearing on the way
>>>>> back to my client
>>>>>
>>>>> I have some wireshark dump that I can provide if its necessary.
>>>>> I can provide LOGS, DUMPS, and everything needed if its necessary.
>>>>>
>>>>> System info:
>>>>> Clean installed Debian Lenny (5.0.3)
>>>>> Clean installed Samba 3.2.5 + Winbind 3.2.5
>>>>> Clean installed OpenLDAP 2.4.11 (slapd)
>>>>> Debian default smbldap-tools (smbldap-populate is working and have
>>>>> populated LDAP without problems)
>>>>> if there is something I have forgotten please just ask for it, I'm
>>>>> close to be desperate.!
>>>>>
>>>>> ---
>>>>> Med Venlig Hilsen / Best regards
>>>>> Henrik Dige Semark
>>>>>
>>>>>
>>>>>
>>>>>
>>
More information about the samba
mailing list