[Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles
J. Echter
j.echter at elektro-mayer-echter.de
Thu Aug 4 04:09:13 MDT 2011
Am 03.08.2011 18:43, schrieb TAKAHASHI Motonobu:
> From: "J. Echter"<j.echter at elektro-mayer-echter.de>
> Date: Tue, 02 Aug 2011 14:12:05 +0200
>
>> I thought im done setting domain to WORKGROUP, as its set in smbldap.conf.
>>
>> I don't get why smbldap tools thinks im on a domain called BDC.
>>
>> Would it help if i post some output from pdbedit or stuff like that? I
>> really don't get where this error comes from.
> Have you set the SID same as PDC on BDC? For example
>
> -----
> bdc# net rpc getsid
> Storing SID S-1-5-21-2535719703-1779805756-2758924810 for Domain DomanName in secrets.tdb
> -----
>
> Remembet that before running the command, you have to set smb.conf
> correctly as BDC.
>
>> here's the conf of my testing smb machine:
>>
>> [global]
>> domain master = no
>> domain logons = no
>> passdb backend = ldapsam:ldap://mule
>> idmap backend = ldap:ldap://mule
>> idmap uid = 10000-15000
>> idmap gid = 10000-15000
> You have to set "domain logons = yes" to make this machine act as BDC.
>
> And are you running Winbind? If not, idmap backend/uid/gid does not mean
> anything.
>
>> there's something wrong with my config... the successful logins are only
>> able because the users are already there as local unix accounts.
>>
>> i created a new user 'test' and this one can't even login.
> Have you correctly set nss-ldap on BDC? For example /etc/nss_ldap.conf
>
> "getent passwd<a-user-created-on-PDC>" on BDC shows his entry?
>
> ---
> TAKAHASHI Motonobu<monyo at samba.gr.jp>
>
>
ok, im sorry. im stupid. i overlooked that i disabled domain logons...
now its showing the right domain with pdbedit -v
thanks a lot.
now im trying to logon again...
cheers.
More information about the samba
mailing list