Samba-3.0-alpha19 as PDC and Openldap

Bradley W. Langhorst brad at langhorst.com
Fri Aug 23 09:19:00 GMT 2002 

did you apply the signorseal reg patch to the clients?
It's required for w2kSP2 and winXP to join a domain.

I saw that andrew mentioned nss_ldap for user auth

I've not had any problems with smbds dying as a result of getting an
unhandled signal - should I be worried?

brad


On Fri, 2002-08-23 at 10:00, georges.goebel at ist.lu wrote:
> Hi,
> 
> I have installed Openldap 2.0.23 and downloaded the alpha version of Samba
> (Samba-3.0-alpha19)  because I need the "userWorkstations" attribute of the 
> samba.schema. With Samba 2.2.5, everything works fine but 
> the "userWorkstations" attribute is not implemented, which I need. After having 
> compiled the alpha version of Samba 3.0, I took the same configuration file and 
> changed some parameters. Now the "userWorkstations" attribute is respected 
> (some users may only login on their own machine), but I am not able to login to 
> the Domain from a Windows 2000 SP2 client. With the command: "net use 
> \\servername\sharename /user:name" I may access the share name (only when the 
> user is on the machine I specified in userworkstations), but I cannot join the 
> domain under Windows.
> 
> My Question now: Is it POSSIBLE to join a domain with ldap password 
> authentification und samba 3.0 alpha, or do I have to wait for the release ?
> 
> I try under Red Hat 7.2 and Solaris 9
> 
> Here my global section:
> 
> [global]
> 
>    workgroup = SIN-NT2
>    netbios name = testlinux
>    server string = samba / nfs
>    encrypt passwords = yes
>    passwd program = /usr/local/smbldap-tools-0.7/smbldap-passwd.pl -o %u
>    passwd chat = *new*password* %n\n *new*password* %n\n *successfully*
>    unix password sync = yes
> 
>    log file = /var/log/samba/%m.log
>    log level = 7
> #   max log size = 0
> 
>    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> 
>    domain logons = yes
>    os level = 255 
>    preferred master = true
>    domain master = true
>    dns proxy = no
>    wins support = no
> 
>    ldap suffix = dc=pch,dc=etat,dc=lu
>    ldap admin dn = cn=Manager,dc=pch,dc=etat,dc=lu
>    ldap filter = (&(uid=%u)(objectClass=sambaAccount))
>    ldap machine suffix = ou=Computers,dc=pch,dc=etat,dc=lu
>    ldap user suffix = ou=Users,dc=pch,dc=etat,dc=lu
>    ldap ssl = no
> 
>    security = user
> 
>    passdb backend = ldapsam_nua
>    use spnego = no
> 
>    add machine script = /usr/local/smbldap-tools-0.7/smbldap-useradd.pl -w %u
>    add user script = /usr/local/smbldap-tools-0.7/smbldap-useradd.pl -a %u
> #   domain admin group = @"Domain Admins"
> 
> 
>    logon path = \\TESTLINUX\profiles\%u
>    logon home = \\TESTLINUX\%u
>    logon drive = H:
>    logon script = start.bat
> 
> Thanks
> 
> Georges
> Goebel
> 
> 
> 
> 
> **********************************************************************
> This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they
> are addressed. If you have received this email in error please notify
> mswadmin at ist.lu
> 
> This footnote also confirms that this email message has been swept
>  for the presence of computer viruses.
> **********************************************************************
> 
> 
>

More information about the samba-technical mailing list