[Samba] joining a domain (ldap)
Michael Knigge
Michael.Knigge at set-software.de
Thu Dec 18 14:11:50 GMT 2003
All,
I try to add a computer to a PDC running SAMBA 3.0 (client is Windows
NT 4.0 SP5). I want all the user- and machine accounts stored on my
LDAP server.
When I try to join the domain I just get the error message "The
machine account for this computer either does not exist or is not
accessible".
When I look on my LDAP-Server, I see that SAMBA has not created an
account for my computer. Why?
This is my first step into LDAP and also PDC so let me describe what
I've done so far:
My LDAP-Server is configured like this:
dc=set-software,dc=de
+- cn=admin (My LDAP-Admin)
+- ou=Computer (for Machine accounts)
+- ou=User (for SAMBA and UNIX-Users)
+- uid=Administrator
+- uid=nobody
+- uid=root
+- ou=Group (for SAMBA and UNIX-Groups)
+- sambaDomainName=S.E.T.
And this is my smb.conf:
[global]
log level = 10 passdb:10 auth:10 winbind:10
workgroup = S.E.T.
netbios name = KIRK
server string = Captain Kirk (SAMBA %v on %h)
account = nobody
invalid users = root
guest ok = no
keep alive = 30
os level = 65
security = user
obey pam restrictions = yes
printing = bsd
printcap name = /etc/printcap
load printers = no
printer admin = mk
bind interfaces only = yes
interfaces = eth1
hosts allow = 192.168.199.0/255.255.255.0
socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096
SO_RCVBUF=4096
wins support = yes
domain logons = yes
domain master = yes
local master = yes
preferred master= yes
logon drive = U:
logon home = \\KIRK\home
logon path = \\KIRK\profile
encrypt passwords = true
passdb backend = ldapsam:ldap://localhost
time server = yes
dns proxy = no
oplocks = yes
fake oplocks = no
level2 oplocks = yes
dead time = 15
read raw = yes
write raw = yes
getwd cache = yes
dos filetime resolution = yes
case sensitive = no
default case = lower
preserve case = yes
short preserve case = yes
dos charset = CP850
unix charset = ISO8859-1
lm announce = yes
lm interval = 60
max log size = 1000
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
ldap suffix = "dc=set-software,dc=de"
ldap user suffix = "ou=User"
ldap machine suffix = "ou=Computer"
ldap admin dn = "cn=admin,dc=set-software,dc=de"
[netlogon]
path = /home/netlogon
public = no
read only = yes
browseable = no
locking = no
guest ok = yes
[profile]
path = /home/profile
read only = no
browseable = no
create mode = 0600
directory mode = 0700
[home]
path = /home/%U
read only = no
create mode = 0600
directory mode = 0700
Hope someone can help me!
Thank you,
Michael
More information about the samba
mailing list