[Samba] LDAP Domain Trust

Sat Aug 10 04:48:30 GMT 2002

The problem seems to be that the trust account isnt being saved in Samba.

-- 

Arthur H. Johnson II
Senior Systems Engineer

The Linux Box
206 S. Fifth Ave. Suite 150
Ann Arbor, MI  48104

tel.  734-761-4689
fax.  734-769-8938
pgr.  734-882-0323

On Fri, 9 Aug 2002, Simon Chambers wrote:

> Have you created a machine account for the computer?
>
> If not this is your problem.
>
> You do it by creating a blank user with the name WSName$ in /etc/passwd and
> then creating a SMB entry using
>
> smbpasswd -a -m WSName
>
> this will create the trust account.
>
> If you have any problems check the samba-pdc-howto
> http://www.mirror.ac.uk/sites/ftp.samba.org/docs/htmldocs/samba-pdc-howto.ht
> ml
>
> Regards,
>
> Simon
>
> ----- Original Message -----
> From: "Arthur H. Johnson II" <arthur at linuxbox.nu>
> To: <samba at lists.samba.org>
> Cc: "Matt Benjamin" <matt at linuxbox.nu>; <elizabeth at linuxbox.nu>
> Sent: Thursday, August 08, 2002 9:27 PM
> Subject: [Samba] LDAP Domain Trust
>
>
> >
> > I have a small problem.  I'm an LDAP newbie, and am having trouble getting
> > Samba to authenticate.  What I have is an LDAP tree, with the samba.schema
> > loaded in out LDAP configuration.  I already tested smb.conf without
> > ldap-sam compiled in, and it authenticates just fine to smbpasswd and
> > locally added machine trust accounts.
> >
> > Submitted for your assistance:
> >
> > Prelim:
> >
> > 1. WSName = workstation name
> > 2. TESTDOM = domain name
> > 3. myuser = User in LDAP database
> >    a. authenticated via smbpasswd
> > 4. Joined domain as configured with LDAP with smbpasswd
> >
> >
> > On Server:
> >
> > 1. User accounts added
> > 2. run:  smbldap-useradd.pl -w WSName
> >    a. Not sure where the perl script came from
> >    b. LDAP was set up for my by my boss
> > 3. Added "root" user to LDAP
> >
> >
> > On XP: First Run
> >
> > 1. Edit registry to zero out requiresignorseal
> > 2. Reboot
> > 3. right click on My Computer, to to properties
> > 4. Go to Computer Name, click on Change
> > 5. Make sure name is:  WSName
> > 6. Click on Domain, add "TESTDOM" to domain field
> > 7. Asks for user allowed access, enter "root" user and pass
> > 8. After long wait, it says "Welcom to domain...." blah blah
> > 9. Reboot, try to authenticate as "myuser"
> >    a. Says something about not being able to find the domain
> > 10. Log in as administrator local, says that I am joined to the
> >     domain.
> >
> > On XP, second run:
> >
> > 1. right click on My Computer, go to properties
> > 2. go to computer name, go to Network ID
> > 3. Follow directions in Wizard
> > 4. When I get to the final window, where it asks to
> >    add a user, it tells me that it cant establish a
> >    "Trust Account" with the server.  WTF?
> >
> > Like I said, when I manually add all the info in Samba's smbpasswd with
> > Samba compiled without LDAP, everything goes smooth.  I can auth as
> > different users, etc.
> >
> > Any help out there?  We are a commercial company and would be willing to
> > pay someone.  I have a feeling this has something to do with Samba and
> > LDAP not playing well together.  My LDAP samba.schema is located here:
> >
> > http://arthur.linuxbox.nu/samba.schema
> >
> > --
> >
> > Arthur H. Johnson II
> > Senior Systems Engineer
> >
> > The Linux Box
> > 206 S. Fifth Ave. Suite 150
> > Ann Arbor, MI  48104
> >
> > tel.  734-761-4689
> > fax.  734-769-8938
> > pgr.  734-882-0323
> >
> >
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  http://lists.samba.org/mailman/listinfo/samba
> >
>
>