LDAP: Administrator/Groups/RID

Martin Hofbauer Bacher Systems EDV mh at bacher.at
Fri Jan 15 22:21:28 GMT 1999

Today I continued testing the LDAP/PDC functionality;

I succeeded joining the domain and login with an LDAP User !!!!!!

	With the Administrator ( mapped to uid=sadmin,ntuid=Administrator)
	login is rejected with NT Client Error
	(C0000250). Password is ok, because if I add a different password
	here is the ldap record:

dn: cn=Super User,ou=People,ou=Zentrale,o=ACG,c=AT
 uid: sadmin
 nickname: sadmin
 userpassword: {crypt}kW09aUFbp4zvs
 objectclass: top
 objectclass: person
 objectclass: organizationalPerson
 objectclass: inetOrgPerson
 objectclass: emailPerson
 objectclass: sambaAccount
 ou: Zentrale
 cn: Super User
 uidnumber: 0
 gidnumber: 1
 ntuid: Administrator
 homedrive: H:
 script: scripts\sadmin.bat
 smbhome: sadmin
 profile: sadmin\profile
 rid: 0
 grouprid: 1
 workstations: seppi
 pwdcanchange: 367ECAD3
 pwdmustchange: 967ECAD3
 logontime: 111
 logofftime: 111
 kickofftime: 111
 lmpassword: 14875687C26E8C2990004151ADA7B438
 ntpassword: E735EDF15BD6D35F6187C8DEC377D561
 pwdlastset: 369FAA9F
 acctflags: [U          ]

	My Problem: Due to my lack of NT PDC knowledge,
	I have no idea what I have to set to
	rid, group_rid,( *time values) .

My normal user( who's LDAP login is working) has UNIX UID 6000 and RID
6000, too, 

	The last thing I can see in the log files is a ldap
	search to (member=ADMINISTRATOR,*)(objectclass=SAMBAGROUP)

	What about the objectclass SAMBAGROUP ?
	What are the attributes ?

Martin Hofbauer                                       IT-Consulting
phone : +43 (1) 60 126-34                   Bacher Systems EDV GmbH
fax   : +43 (1) 60 126-4                         Wienerbergstr. 11B
e-mail: mh at bacher.at                         A-1101 Vienna, Austria

More information about the samba-technical mailing list