[Samba] Howto join Win2000 to a Samba acting as a PDC?

Alexander Skwar lists.ASkwar at DigitalProjects.com
Thu May 9 14:59:03 GMT 2002 

Hi.

As you may have noticed, I'm trying to setup my Samba server so that it
is the PDC.  I'm reading the howtos on
http://www.unav.es/cti/ldap-smb/ldap-smb-2_2-howto.html and
http://de.samba.org/samba/docs/Samba-HOWTO-Collection.html#SAMBA-PDC .
Besides being a PDC, samba should use LDAP as the backend for storing
user stuff.

The LDAP contains the user/group accounts as listed in the idealx howto
from http://samba.idealx.org/dist/samba-ldap-howto.pdf, page 41.

The Windows 2000 Pro machine which should join the domain is called
"VIRTUAL-TEICH", so I added a machine account "VIRTUAL-TEICH$" to the
LDAP. 

I'm now trying to actually add the machine to the domain.  So I right
clicked on the "Workspace" (? Arbeitsplatz) icon to open the system
preferences.  Then on "Network identification" (?
Netzwerkidentifikation) -> "Properties" (? Eigenschaften).  There I
changed the radio button from Workgroup to Domain and entered the name
I've set in /etc/samba/smb.conf "workgroup = MDKGROUP" (I entered
MDKGROUP).  Then a dialog popped up, and I entered a user name which is
listed in LDAP (I've tried using a username of a member of the Domain
Admins group as well as from a plain normal user).  Both times I get the
following error message in /var/log/messages:

May  9 21:42:04 teich smbd[31340]: [2002/05/09 21:42:04, 0] passdb/pdb_ldap.c:ldap_open_connection(79) 
May  9 21:42:04 teich smbd[31340]:   ldap_open_connection: cannot access LDAP when not root.. 

Attaching shares with usernames which are only listed in the LDAP works
fine.  But before I tried this, I made sure to remove all attached
shares and reboot the machine.

I also tried using "root" as the username, but then the Windows 2000
just hangs.  In /var/log/messages I get:

May  9 21:51:37 teich smbd[32235]:   api_samr_set_userinfo: Unable to unmarshall SAMR_Q_SET_USERINFO. 

Oh, after quite some time (~1 minute), a dialog in Win2000 popped up:
"Willkommen zur Domäne MDKGROUP".  ;)

Well, I dislike this.  Do I really have to use root to join the domain?  

This is with samba 2.2.4 on MandrakeLinux 8.2.

What am I missing?

Alexander Skwar
-- 
How to quote:	http://learn.to/quote (german) http://quote.6x.to (english)
Homepage:	http://www.iso-top.de      |    Jabber: askwar at a-message.de
   iso-top.de - Die günstige Art an Linux Distributionen zu kommen
                       Uptime: 4 hours 45 minutes

More information about the samba mailing list