[Samba] LDAP PDC problems

Yura Pismerov ypismerov at tucows.com
Thu Sep 12 13:36:01 GMT 2002 

	In the profiles share, do you have "nt acl support = no" ?
If not, set it up and see if that helps.

Edoardo Causarano wrote:
> 
> Hello there,
> 
> I'm running 2.2.5 compiled with ACL and LDAP auth. The PDC used to work
> flawlessly using smbpasswd but I want to dual boot the workstations to
> Linux so I need a centralized LDAP authentication repository.
> 
> Once I reinstalled the LDAPized samba I started populating the directory
> with the "well-known" identities using the smbldap tools (bear in mind
> I'm more of a UNIX guy so these MSisms are a bit of a black magic to
> me). Following that I started using smbldap-useradd to insert the users
> in the domain, chowning their homes to the new UNIX uids and wile I was
> at it, moved the profiles to a separate place in the filesystem (the
> profile used to be in unix HOME; worked fine but docs said it gives
> problems so I followed instructions).
> 
> The situation is as follows:
> Users no longer have unix private group, their primary group is 100
> (Users) which is default in those tools and logon to the NT4 machines is
> ok and attribute mapping is fully turned on (hoped this would cure the
> sync briefcase becoming a regular dir after roaming logoff/login).
> File/Directory masks are all 0777.
> 
> I'm experiencing many problem with this configuration so please give me
> some hints (documentation pointers if necessary): MS Office keeps
> popping up the registration initials/username window as if is had been
> run for the first time (often locking up). Printing no longer works, eg.
> Acrobat 5 asks to define a default printer before proceeding but the
> control panel wizard refuses to run. Outlook express asks to choose a
> user profile from an empty list and creation of a new one fails. Homes
> drive mapping no longer works. Accounts belonging to Domain Admins group
> work ok.
> 
> I'm not near the machines ATM, but I suspect it's the primary group
> that's @ fault; perhaps it sould be Domain Users. Can you confirm this
> or is there something worse @ play?
> 
> Ciao,
> Edo
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba

-- 

Yuri Pismerov, Sr. System Administrator, 
TUCOWS.COM INC.	(416) 535-0123  ext. 1352

More information about the samba mailing list