[Samba] Win2k, Samba 2.2.5 and LDAP [Success]

[drgn65 at ufl.edu]

Thank you very much Eddie for all your help. I succesfully got 2 win2k
machines and an XP machine to join my domain.  I did have to do a few minor
adjustments though, so I figured if someone else had this issue they could
share from my experience as well.

First, I had already added accounts for these machines in /etc/passwd and in
the LDAP directory.  So I deleted those accounts.  After doing your smb.conf
adjustments and adding ou=Computers.  I tried to just change the name of the
computer and join the domain.  No success.  Then I added the computer to
/etc/passwd and tried to rename the computer in order to join the domain.
No success.  Finally, I changed the name of the computer but I changed it to
a Workgroup instead of a domain.  Rebooted the computer.  Then once rebooted
I changed it from workgroup to domain and I got "Welcome to the Domain" and
I received success.  I did this for the other win2k machine and XP machine.

using the script in my smb.conf did not add the computer to /etc/passwd.  It
did however add the computer to the LDAP tree but only once and in
ou=People. Although, just realizing this now, in my smb.conf I don't have
/usr/local/sbin/smbldap-useradd.pm I just have
/home/some_user/samba-2.2.5/examples/.../smbldap-useradd.pm.  Might that of
made the difference as to why the computer wasn't added to /etc/passwd?

Anyway, it all works now.  Thank you so much for your help.

-Peter

--Original Message-----
From: Eddie Lania [mailto:e.lania at elton.nl]
Sent: Thursday, July 25, 2002 3:19 AM
To: drgn65 at ufl.edu
Cc: samba at lists.samba.org
Subject: Re: [Samba] Win2k, Samba 2.2.5 and LDAP


Hi ?,

I have had the same problem a while ago.

After downloading and installing the smbldap tools, I modified the
smbldap-conf.pm according to my own needs.
Pay special attention to the group (number) parameter for the computers in
the ldap tree and smbldap-conf.pm, and the location of your smbpasswd
program (/usr/local/samba/bin/smbpasswd).

You also need to add the computers group (102 in my case) to the /etc/group
file.

domwks:x:102:

I added the parameter "add user script =
/usr/local/sbin/smbldap-useradd.pm -g 102 -w %u" to my smb.conf.
I restarted the smb and nmb services.

After that I was able to succesfully add a win2k/xpclient pc to the domain.
Later I noticed that the client pc was added to /etc/password AND it was
added twice to my ldap tree, one time as a user in the Users tree and also
as a computer in the Computers tree.
This makes sence to me since samba (smbpasswd) needs to find the pc in the
/etc/passwd file but the authentication is also done to the ldap database.

Look for the Softerra ldap browser and Administrator, they are helpfull
tools!

I hope this works for you too?

Greetings,

Eddie.