[Samba] Samba 2.2.2 & LDAP

Gonzalo Servat gonzalo at unixpac.com.au
Wed Feb 6 03:04:03 GMT 2002

Hi All

I'm trying to configure a samba server to be a PDC for a bunch of Win2k
(and maybe WinXP) workstations and authenticate logins via LDAP (with
encrypted passwords)

So far, I've got the Win2k box to join the domain (it's a step forward)
but once I reboot and try to login to the domain it immediately says:

"The system cannot log you on now because the domain SAMBATEST is not

The only error I see in the samba log file is:

[2002/02/06 21:42:46, 0] rpc_server/srv_netlog_nt.c:get_md4pw(162)
  get_md4pw: Workstation glaptop$: no account in domain

However that only comes up once I log into the workstation itself, not
the domain, so from what I can see it's not even attempting to log on.

My smb.conf file:

-------------------------------- cut -------------------------------
   workgroup = TESTPDC
   server string = Samba PDC Server
   netbios name = SMBPDC
   log file = /var/log/samba/%m.log
   max log size = 0
   security = user
   debug level = 1
   encrypt passwords = yes
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
   unix password sync = no
   domain logons = yes
   domain master = yes
   local master = yes
   preferred master = yes
   os level = 65
   dns proxy = no
   wins support = yes
   logon home = \\SMBPDC\%U
   logon drive = H:
   name resolve order = lmhosts host wins bcast
   ldap suffix = o=Smbpdc,c=AU
   ldap admin dn = cn=admin,o=Smbpdc,c=AU
   preserve case = yes
   short preserve case = yes
   domain admin group = " @"Domain Admins" "

   comment = Home Directories
   valid users = %S
   read only = no
   create mask = 0600
   directory mask = 0700
   browseable = no
   guest ok = no

   comment = Network Logon Service
   path = /etc/samba/netlogon
   guest ok = no
   read only = yes

   comment = Windows-User-Profiles
   path = /home/%U/.profile 
   create mode = 0644
   directory mode  = 0755
   guest ok = yes

-------------------------------- cut -------------------------------

To confirm that samba is talking to LDAP properly, I can map
\\SMBPDC\testuser with a login/password in the LDAP database.

Am I missing something in the smb.conf? I've searched google and mailing
list archives and I couldn't find an answer.

Thanks in advance for any help!



More information about the samba mailing list