[Samba] Domain login problem...

Vesa Jääskeläinen jaaskela at ksao.fi
Thu Oct 24 05:25:02 GMT 2002


Hi.

Whups... Posted to wrong mailing list at first... but anyway...

I am using Samba 2.2.6 with LDAP-support compiled in under RH7.3. (same 
happened with 2.2.5)

I can logon from Win9x clients nicely to domain. I can usually
join domain under Win2k-sp3. But I can't logon to domain.

If I make local login to computer and then try to access shares,
it works correctly.

I can do logon to Linux with any user in LDAP. So nss_ldap & pam settings
should be correct. I do have two LDAP servers here. One is master LDAP server 
and then another is at samba server. Master LDAP-server replicates all changes 
to samba server.

I can find computer from LDAP (<comp name>$). If I delete it from LDAP and try 
to join again then it appears again there. So creating works (atleast somehow). 
There could be problem in this procedure.

I am unsing smbldap-tools from samba package. And have configure master ldap 
server for write operations and samba server's ldap server for read operations.

Also requiresingorseal has value 0.

I am running out of clues here... So does anyone known how this problem could 
be fixed? I can provide samba/tcpdump logs on request.

Thanks,
Vesa Jääskeläinen

-------- smb.conf -------

[global]
   log level = 5
   workgroup = TECHDOME
   netbios name = NORNOR
   server string = just testing
   log file = /var/log/samba/log.%m
   max log size = 50
   security = user
   encrypt passwords = yes
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   local master = yes
   os level = 64
   domain master = yes 
   domain logons = yes
   wins server = 1.2.3.4
   dns proxy = no 
   domain admin group = @"Domain Admins" root

   ldap suffix = dc=somedomain,dc=com
   ldap admin dn = cn=manager,dc=somedomain,dc=com
   ldap port = 389
   ldap server = 2.3.4.5
   ldap ssl = no

   add user script = /usr/local/sbin/smbldap-useradd.pl -w %u

[homes]
   comment = Home Directories
   browseable = no
   writable = yes

[netlogon]
   comment = Network Logon Service
   path = /home/netlogon
   guest ok = yes
   writable = no
   share modes = no

[tmp]
   comment = Temporary file space
   path = /tmp
   read only = no
   public = yes




More information about the samba mailing list