[Samba] Samba 2.2.2 & LDAP
Gonzalo Servat
gonzalo at unixpac.com.au
Wed Feb 6 03:04:03 GMT 2002
Hi All
I'm trying to configure a samba server to be a PDC for a bunch of Win2k
(and maybe WinXP) workstations and authenticate logins via LDAP (with
encrypted passwords)
So far, I've got the Win2k box to join the domain (it's a step forward)
but once I reboot and try to login to the domain it immediately says:
"The system cannot log you on now because the domain SAMBATEST is not
available"
The only error I see in the samba log file is:
[2002/02/06 21:42:46, 0] rpc_server/srv_netlog_nt.c:get_md4pw(162)
get_md4pw: Workstation glaptop$: no account in domain
However that only comes up once I log into the workstation itself, not
the domain, so from what I can see it's not even attempting to log on.
My smb.conf file:
-------------------------------- cut -------------------------------
[global]
workgroup = TESTPDC
server string = Samba PDC Server
netbios name = SMBPDC
log file = /var/log/samba/%m.log
max log size = 0
security = user
debug level = 1
encrypt passwords = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
unix password sync = no
socket options = IPTOS_LOWDELAY TCP_NODELAY SO_RCVBUF=8192
SO_SNDBUF=8192
domain logons = yes
domain master = yes
local master = yes
preferred master = yes
os level = 65
dns proxy = no
wins support = yes
logon home = \\SMBPDC\%U
logon drive = H:
name resolve order = lmhosts host wins bcast
ldap suffix = o=Smbpdc,c=AU
ldap admin dn = cn=admin,o=Smbpdc,c=AU
preserve case = yes
short preserve case = yes
domain admin group = " @"Domain Admins" "
[homes]
comment = Home Directories
valid users = %S
read only = no
create mask = 0600
directory mask = 0700
browseable = no
guest ok = no
[netlogon]
comment = Network Logon Service
path = /etc/samba/netlogon
guest ok = no
read only = yes
[profiles]
comment = Windows-User-Profiles
path = /home/%U/.profile
create mode = 0644
directory mode = 0755
guest ok = yes
-------------------------------- cut -------------------------------
To confirm that samba is talking to LDAP properly, I can map
\\SMBPDC\testuser with a login/password in the LDAP database.
Am I missing something in the smb.conf? I've searched google and mailing
list archives and I couldn't find an answer.
Thanks in advance for any help!
Regards,
Gonzalo.
More information about the samba
mailing list