[Samba] ldap and xp can´t join the domain

Axel Machens axel_machens at gmx.net
Thu Apr 25 13:59:02 GMT 2002 

Hi samba admins,

I have a problem to join with a XP prof. in samba with ldap domain test system.
All works fine, I can work with my shares and pdbedit -l list all my
users in ldap system verry well (samba and ldap is great - thanks
samba team!!!).
But I ´m not shure about the working with machine accounts to join my
domain named samba.
I make a ldif file with my machine account:

dn: cn=xp$,dc=tux,dc=org
objectclass: posixaccount
cn: xp$
uid: xp$
uidNumber: 1002
gidNumber: 101
homeDirectory: /home/xp
loginShell: /bin/bash

and ldapsearch -x gives me the working entry.
And I have a user named admin and set passwd with smbpasswd -w ######.
But when I join the domain with admin and passwd it gives the error
that I have not the rights to join the samba domin.
(pdbedit -a -m -u xp creates xp$ but the effect is the same)
Please can sombody gives me a exampel for a machine account and samba
ldap admin configuration to join it???? I´m verry new with samba and ldap.

Thanks verry much !

Axel Machens

------------------------------------------------------------------
# admin.ldif / set passwd with smbpasswd -w xxxxxx #
dn: cn=admin,dc=tux,dc=org
objectclass: posixaccount
cn: admin
uid: admin
uidNumber: 1000
gidNumber: 100
homeDirectory: /home/admin
loginShell: /bin/bash

----------------------------------------------------------------


[global]
        workgroup = SAMBA
        encrypt passwords = Yes
        root directory = /
        character set = ISO8859-1
        logon path = \\neptun\profile\%U
        logon home = \\neptun\profile\%U
        domain logons = Yes
        os level = 65
        preferred master = True
        domain master = True
        wins support = Yes
        ldap port = 389
        ldap suffix = dc=tux,dc=org
        ldap filter = (&(objectclass=sambaaccount)(uid=%u))
        ldap admin dn = cn=admin,dc=tux,dc=org
        ldap ssl = no
        admin users = admin
        printer admin = admin

[homes]
        valid users = %S
        read only = No
        browseable = No

[profile]
        comment = profile
        path = /profile
        read only = No
        browseable = No

[Gruppe]
        comment = Für alle Lesen/Schreiben
        path = /public
        read only = No

More information about the samba mailing list