Samba 3 PDC with LDAP backend problem

Richard Sharpe rsharpe at richardsharpe.com
Tue Aug 3 01:32:46 GMT 2004


On Sat, 31 Jul 2004, Wong Onn Chee wrote:

> Hi,
>
> Can you provide an extract of your LDAP database?
> In addition, can you provide the output of "pdbedit -L -v -u
> Administrator" ?

Indeed. Having gone through much pain these last few days, make sure that
your tools are not adding entities with duplicate SIDs etc. This was a
problem with the smbldap-useradd.pl and other scripts for me.

> On Thu, 2004-07-29 at 13:29 -0400, Bousquet Francois wrote:
> > I am installing a Samba 3 PDC with an OpenLDAP backend.
> >
> > I am currently having a problem when I try to add a Windows workstation to
> > the domain with the Administrator user or trying to connect to a share.
> >
> > I get the following error :
> >
> > [2004/07/29 13:35:22, 1] auth/auth_util.c:make_server_info_sam(822)
> >   User Administrator in passdb, but getpwnam() fails!
> > [2004/07/29 13:35:22, 0] auth/auth_sam.c:check_sam_security(260)
> >   check_sam_security: make_server_info_sam() failed with
> > 'NT_STATUS_NO_SUCH_USER'
> >
> > But the user exists in my ldap, because if I do this command :
> >
> > # getent passwd | grep Administrator
> > Administrator:x:0:512:Netbios Domain Administrator:/home/:/bin/false
> >
> > nss_ldap is installed and configured properly :
> > # grep "ldap" /etc/nsswitch.conf
> > passwd:     files ldap
> > group:      files ldap
> > #
> >
> >
> > Here is my smb.conf
> >
> > [global]
> > workgroup = DEV_BLC
> > netbios name = ud1981wfx01
> > passdb backend = ldapsam:ldap://ud1981wfx01
> > #username map = /etc/samba/smbusers
> > add user script = /usr/local/sbin/smbldap-useradd -m '%u'
> > delete user script = /usr/local/sbin/smbldap-userdel %u
> > add group script = /usr/local/sbin/smbldap-groupadd -p '%g'
> > delete group script = /usr/local/sbin/smbldap-groupdel '%g'
> > add user to group script = /usr/local/sbin/ \
> > smbldap-groupmod -m '%g' '%u'
> > delete user from group script = /usr/local/sbin/ \
> > smbldap-groupmod -x '%g' '%u'
> > set primary group script = /usr/local/sbin/ \
> > smbldap-usermod -g '%g' '%u'
> > add machine script = /usr/local/sbin/smbldap-useradd -w '%u'
> > #logon script = scripts\logon.bat
> > #logon path = \\%L\Profiles\%U
> > #logon drive = H:
> > #logon home = \\%L\%U
> > domain logons = Yes
> > os level = 35
> > preferred master = Yes
> > domain master = Yes
> > ldap suffix = dc=blc,dc=com
> > ldap machine suffix = ou=People
> > ldap user suffix = ou=People
> > ldap group suffix = ou=People
> > ldap idmap suffix = ou=People
> > ldap admin dn = cn=Manager,dc=blc,dc=com
> > ldap passwd sync = Yes
> > idmap uid = 15000-20000
> > idmap gid = 15000-20000
> > winbind separator = +
> >
> > [share1]
> > path = /tmp
> >
> > [share2]
> > path = /
> > browseable = Yes
> > comment = Some random files
> >
> >
> > Any idea ?
> >
> > - Francois
>
>

Regards
-----
Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
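
Added example, not part of the original message or of Samba or the smbldap tools: one way to check an LDIF export of the directory for the duplicate SIDs mentioned in the reply above. It assumes the Samba 3 schema attribute `sambaSID`; the DNs and SID values in the sample are constructed.

```python
import base64
from collections import defaultdict
# Constructed sample export (not data from the thread): alice's SID is folded
# across two lines and bob carries the same SID base64-encoded ("attr:: value").
DUP_SID = "S-1-5-21-1111111111-2222222222-3333333333-3000"
SAMPLE_LDIF = f"""dn: uid=Administrator,ou=People,dc=example,dc=com
sambaSID: S-1-5-21-1111111111-2222222222-3333333333-500

dn: uid=alice,ou=People,dc=example,dc=com
sambaSID: {DUP_SID[:30]}
 {DUP_SID[30:]}

dn: uid=bob,ou=People,dc=example,dc=com
sambaSID:: {base64.b64encode(DUP_SID.encode()).decode()}
"""

def unfold(ldif):
    """Join LDIF continuation lines (a leading single space continues the previous line)."""
    lines = []
    for raw in ldif.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def duplicate_values(ldif, attr="sambaSID"):
    """Return {value: [DNs]} for every value of attr held by more than one entry."""
    owners = defaultdict(list)
    dn = None
    for line in unfold(ldif):
        if not line:                      # blank line ends the current entry
            dn = None
            continue
        if line.startswith("#") or ":" not in line:
            continue
        name, _, rest = line.partition(":")
        if rest.startswith(":"):          # "attr:: <base64>"
            value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
        else:
            value = rest.strip()
        if name.lower() == "dn":
            dn = value
        elif name.lower() == attr.lower() and dn:
            owners[value].append(dn)
    return {v: dns for v, dns in owners.items() if len(dns) > 1}
if __name__ == "__main__":
    for sid, dns in duplicate_values(SAMPLE_LDIF).items():
        print(sid, "is shared by:", ", ".join(dns))
```

Comparing decoded, unfolded values matters here: a plain text search for repeated `sambaSID:` lines would miss both the folded and the base64-encoded copy in the sample.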

