[Samba] Samba 3.0.1 W2K Joing domain error - the user name couldnot be found

John H Terpstra jht at samba.org
Sun Dec 28 05:40:23 GMT 2003


Hi,

There will be a bug fix for 3.0.1 within a few days. Looks like we have a
bug in NTLMSSP code in 3.0.1. This does prevent domain logons. Domain
joins when done as 'root' do work, but subsequent logons do not. A patch
was posted on samba-technical yesterday and should be in 3.0.2pre CVS
within 24 hours.

- John T.

On Sun, 28 Dec 2003 sun at percipia.com wrote:

> Hi,
>
> Thanks for your information. Now I was not able to login as domain user. I
> am getting following error message.
>
> The system cannot log you on now because domain TECHGROUP is not  available.
>
>
> Here is my ldap log message:-
>
> Dec 28 00:31:08 rishi slapd[1753]: conn=93 fd=17 ACCEPT from IP=::1 1230
> (IP=:: 389)
> Dec 28 00:31:08 rishi slapd[2166]: conn=93 op=0 BIND
> dn="cn=Manager,dc=sfgroup,dc=com" method=128
> Dec 28 00:31:08 rishi slapd[2166]: conn=93 op=0 AUTHZ
> dn="cn=Manager,dc=sfgroup,dc=com" mech=simple ssf=0
> Dec 28 00:31:08 rishi slapd[2166]: conn=93 op=0 RESULT tag=97 err=0 text=
> Dec 28 00:31:08 rishi slapd[2167]: conn=93 op=1 SRCH
> base="dc=sfgroup,dc=com" scope=2
> filter="(&(objectClass=sambaDomain)(sambaDomainName=TECHGROUP))"
> Dec 28 00:31:08 rishi slapd[2167]: conn=93 op=1 SEARCH RESULT tag=101
> err=0 nentries=1 text=
> Dec 28 00:31:08 rishi slapd[2340]: conn=93 op=2 SRCH
> base="dc=sfgroup,dc=com" scope=2
> filter="(&(sambaSID=S-1-5-21-554143600-2037058611-3511194912-501)(objectClass=sambaSamAccount))"
> Dec 28 00:31:08 rishi slapd[2340]: conn=93 op=2 SEARCH RESULT tag=101
> err=0 nentries=0 text=
> Dec 28 00:31:08 rishi slapd[1753]: conn=94 fd=23 ACCEPT from
> IP=127.0.0.1:1231 (IP=:: 389)
> Dec 28 00:31:08 rishi slapd[2166]: conn=94 op=0 BIND dn="" method=128
> Dec 28 00:31:08 rishi slapd[2166]: conn=94 op=0 RESULT tag=97 err=0 text=
> Dec 28 00:31:08 rishi slapd[2167]: conn=94 op=1 SRCH
> base="dc=sfgroup,dc=com" scope=2 filter="(uid=nobody)"
> Dec 28 00:31:08 rishi slapd[2167]: conn=94 op=1 SEARCH RESULT tag=101
> err=0 nentries=1 text=
> Dec 28 00:31:08 rishi slapd[2340]: conn=94 op=2 SRCH
> base="ou=Groups,dc=sfgroup,dc=com" scope=2
> filter="(&(objectClass=posixGroup)(|(memberUid=nobody)(uniqueMember=uid=nobody,ou=people,dc=sfgroup,dc=com)))"
> Dec 28 00:31:08 rishi slapd[2340]: conn=94 op=2 SEARCH RESULT tag=101
> err=0 nentries=1 text=
> Dec 28 00:31:08 rishi slapd[2166]: conn=93 op=3 SRCH
> base="ou=Groups,dc=sfgroup,dc=com" scope=2
> filter="(&(objectClass=sambaGroupMapping)(gidNumber=65533))"
> Dec 28 00:31:08 rishi slapd[2166]: conn=93 op=3 SEARCH RESULT tag=101
> err=0 nentries=0 text=
> Dec 28 00:31:08 rishi slapd[2167]: conn=93 op=4 SRCH
> base="ou=Groups,dc=sfgroup,dc=com" scope=2
> filter="(&(objectClass=sambaGroupMapping)(gidNumber=65534))"
> Dec 28 00:31:08 rishi slapd[2167]: conn=93 op=4 SEARCH RESULT tag=101
> err=0 nentries=0 text=
> Dec 28 00:31:08 rishi slapd[2166]: conn=93 op=5 SRCH
> base="ou=Groups,dc=sfgroup,dc=com" scope=2
> filter="(&(objectClass=sambaGroupMapping)(gidNumber=546))"
> Dec 28 00:31:08 rishi slapd[2166]: conn=93 op=5 SEARCH RESULT tag=101
> err=0 nentries=1 text=
>
> samba log message:-
> ================
>
> [2003/12/28 00:32:05, 3] smbd/process.c:process_smb(890)
>   Transaction 1 of length 137
> [2003/12/28 00:32:05, 3] smbd/process.c:switch_message(685)
>   switch message SMBnegprot (pid 2677)
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2003/12/28 00:32:05, 3] smbd/negprot.c:reply_negprot(455)
>   Requested protocol [PC NETWORK PROGRAM 1.0]
> [2003/12/28 00:32:05, 3] smbd/negprot.c:reply_negprot(455)
>   Requested protocol [LANMAN1.0]
> [2003/12/28 00:32:05, 3] smbd/negprot.c:reply_negprot(455)
>   Requested protocol [Windows for Workgroups 3.1a]
> [2003/12/28 00:32:05, 3] smbd/negprot.c:reply_negprot(455)
>   Requested protocol [LM1.2X002]
> [2003/12/28 00:32:05, 3] smbd/negprot.c:reply_negprot(455)
>   Requested protocol [LANMAN2.1]
> [2003/12/28 00:32:05, 3] smbd/negprot.c:reply_negprot(455)
>   Requested protocol [NT LM 0.12]
> [2003/12/28 00:32:05, 3] smbd/negprot.c:reply_nt1(329)
>   using SPNEGO
> [2003/12/28 00:32:05, 3] smbd/negprot.c:reply_negprot(532)
>   Selected protocol NT LM 0.12
> [2003/12/28 00:32:05, 3] smbd/process.c:process_smb(890)
>   Transaction 2 of length 202
> [2003/12/28 00:32:05, 3] smbd/process.c:switch_message(685)
>   switch message SMBsesssetupX (pid 2677)
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2003/12/28 00:32:05, 3] smbd/sesssetup.c:reply_sesssetup_and_X(591)
>   wct=12 flg2=0xc807
> [2003/12/28 00:32:05, 2] smbd/sesssetup.c:setup_new_vc_session(544)
>   setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
> all old resources.
> [2003/12/28 00:32:05, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(471)
>   Doing spnego session setup
> [2003/12/28 00:32:05, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(502)
>   NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0]
> PrimaryDomain=[]
> [2003/12/28 00:32:05, 3] smbd/sesssetup.c:reply_spnego_negotiate(380)
>   Got OID 1 3 6 1 4 1 311 2 2 10
> [2003/12/28 00:32:05, 3] smbd/sesssetup.c:reply_spnego_negotiate(383)
>   Got secblob of size 32
> [2003/12/28 00:32:05, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
>   Got NTLMSSP neg_flags=0xe0088297
> [2003/12/28 00:32:05, 3] smbd/process.c:process_smb(890)
>   Transaction 3 of length 234
> [2003/12/28 00:32:05, 3] smbd/process.c:switch_message(685)
>   switch message SMBsesssetupX (pid 2677)
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2003/12/28 00:32:05, 3] smbd/sesssetup.c:reply_sesssetup_and_X(591)
>   wct=12 flg2=0xc807
> [2003/12/28 00:32:05, 2] smbd/sesssetup.c:setup_new_vc_session(544)
>   setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
> all old resources.
> [2003/12/28 00:32:05, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(471)
>   Doing spnego session setup
> [2003/12/28 00:32:05, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(502)
>   NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0]
> PrimaryDomain=[]
> [2003/12/28 00:32:05, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(609)
>   Got user=[] domain=[] workstation=[SALES] len1=1 len2=0
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2003/12/28 00:32:05, 3] smbd/uid.c:push_conn_ctx(287)
>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2003/12/28 00:32:05, 3] auth/auth.c:check_ntlm_password(219)
>   check_ntlm_password:  Checking password for unmapped user []\[]@[SALES]
> with the new password interface
> [2003/12/28 00:32:05, 3] auth/auth.c:check_ntlm_password(222)
>   check_ntlm_password:  mapped user is: [TECHGROUP]\[]@[SALES]
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2003/12/28 00:32:05, 3] smbd/uid.c:push_conn_ctx(287)
>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2003/12/28 00:32:05, 2] lib/smbldap.c:smbldap_search_suffix(1096)
>   smbldap_search_suffix: searching
> for:[(&(sambaSID=S-1-5-21-554143600-2037058611-3511194912-501)(objectclass=sambaSamAccount))]
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2003/12/28 00:32:05, 3] smbd/uid.c:push_conn_ctx(287)
>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2003/12/28 00:32:05, 3] smbd/uid.c:push_conn_ctx(287)
>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2003/12/28 00:32:05, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1636)
>   ldapsam_search_one_group: searching
> for:[(&(objectClass=sambaGroupMapping)(gidNumber=65533))]
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2003/12/28 00:32:05, 3] passdb/lookup_sid.c:fetch_sid_from_gid_cache(235)
>   fetch sid from gid cache 65533 ->
> S-1-5-21-554143600-2037058611-3511194912-132067
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2003/12/28 00:32:05, 3] smbd/uid.c:push_conn_ctx(287)
>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2003/12/28 00:32:05, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1636)
>   ldapsam_search_one_group: searching
> for:[(&(objectClass=sambaGroupMapping)(gidNumber=65534))]
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2003/12/28 00:32:05, 3] smbd/uid.c:push_conn_ctx(287)
>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2003/12/28 00:32:05, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1636)
>   ldapsam_search_one_group: searching
> for:[(&(objectClass=sambaGroupMapping)(gidNumber=546))]
> [2003/12/28 00:32:05, 2] passdb/pdb_ldap.c:init_group_from_ldap(1680)
>   init_group_from_ldap: Entry found for group: 546
> [2003/12/28 00:32:05, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2003/12/28 00:32:05, 3] auth/auth.c:check_ntlm_password(268)
>   check_ntlm_password: guest authentication for user [] succeeded
> [2003/12/28 00:32:16, 3] smbd/process.c:timeout_processing(1104)
>   timeout_processing: End of file from client (client has disconnected).
> [2003/12/28 00:32:16, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2003/12/28 00:32:16, 2] smbd/server.c:exit_server(558)
>   Closing connections
> [2003/12/28 00:32:16, 3] smbd/connection.c:yield_connection(69)
>   Yielding connection to
> [2003/12/28 00:32:16, 3] smbd/server.c:exit_server(601)
>   Server exit (normal exit)
>
> smb.conf
> =======
> [global]
>         workgroup = TECHGROUP
>         server string = rishi Samba Server
>         null passwords = Yes
>         passdb backend = ldapsam
>         passwd program = /usr/local/bin/smbldap-passwd.pl -o %u
>         passwd chat = *new*password* %n\n *new*password:* %n\ *successfully*
>         passwd chat debug = Yes
>         log level = 3
>         log file = /var/log/samba/%m.log
>         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>         printcap name = cups
>         add user script = /usr/local/sbin/smbldap-useradd.pl -a "%u"
>         delete user script = /usr/local/sbin/smbldap-useradd.pl -d "%u"
>         add group script = /usr/local/sbin/smbldap-useradd.pl -a -g "%g"
>         delete group script = /usr/local/sbin/smbldap-useradd.pl -d -g "%g"
>         add user to group script = /usr/local/sbin/smbldap-useradd.pl -j
> -u "%u" -g "%g"
>         delete user from group script = /usr/local/sbin/smbldap-useradd.pl
> -j -u "%u" -g "%g"
>         set primary group script = /usr/local/sbin/smbldap-useradd.pl -m
> -u "%u" -gid "%g"
>         add machine script = /usr/local/sbin/smbldap-useradd.pl -a -w "%m"
>         domain logons = Yes
>         os level = 22
>         preferred master = Yes
>         domain master = Yes
>         dns proxy = No
>         wins support = Yes
>         ldap suffix = dc=sfgroup,dc=com
>         ldap machine suffix = ou=People
>         ldap user suffix = ou=People
>         ldap group suffix = ou=Groups
>         ldap admin dn = "cn=Manager,dc=sfgroup,dc=com"
>         ldap ssl = no
>         printing = cups
>
> [homes]
>         comment = Home Directories
>         read only = No
>         browseable = No
>
> [printers]
>         comment = All Printers
>         path = /var/spool/samba
>         printable = Yes
>         browseable = No
>
> ldap data
> =======
>  ldapsearch -x
> # extended LDIF
> #
> # LDAPv3
> # base <> with scope sub
> # filter: (objectclass=*)
> # requesting: ALL
> #
>
> # sfgroup.com
> dn: dc=sfgroup,dc=com
> objectClass: dcObject
> objectClass: organization
> dc: sfgroup
> o: sfgroup
>
> # People, sfgroup.com
> dn: ou=People,dc=sfgroup,dc=com
> objectClass: organizationalUnit
> ou: People
>
> # Groups, sfgroup.com
> dn: ou=Groups,dc=sfgroup,dc=com
> objectClass: organizationalUnit
> ou: Groups
>
> # Administrator, People, sfgroup.com
> dn: uid=Administrator,ou=People,dc=sfgroup,dc=com
> cn: Administrator
> sn: Administrator
> objectClass: inetOrgPerson
> objectClass: sambaSAMAccount
> objectClass: posixAccount
> gidNumber: 512
> uid: Administrator
> homeDirectory: /home
> sambaLogonTime: 0
> sambaLogoffTime: 2147483647
> sambaKickoffTime: 2147483647
> sambaPwdCanChange: 0
> sambaHomePath: \\_PDCNAME_\homes
> sambaHomeDrive: _HOMEDRIVE_
> sambaProfilePath: \\_PDCNAME_\profiles\
> sambaPrimaryGroupSID: S-1-5-21-3516781642-1962875130-3438800523-512
> loginShell: /bin/false
> gecos: Netbios Domain Administrator
> sambaSID: S-1-5-21-3516781642-1962875130-3438800523-1000
> uidNumber: 0
> sambaLMPassword: 78BCCAEE08C90E29AAD3B435B51404EE
> sambaAcctFlags: [U]
> sambaNTPassword: F9E37E83B83C47A93C2F09F66408631B
> sambaPwdLastSet: 1072586991
> sambaPwdMustChange: 1076474991
>
> # nobody, People, sfgroup.com
> dn: uid=nobody,ou=People,dc=sfgroup,dc=com
> cn: nobody
> sn: nobody
> objectClass: inetOrgPerson
> objectClass: sambaSAMAccount
> objectClass: posixAccount
> gidNumber: 514
> uid: nobody
> uidNumber: 999
> homeDirectory: /dev/null
> sambaPwdLastSet: 0
> sambaLogonTime: 0
> sambaLogoffTime: 2147483647
> sambaKickoffTime: 2147483647
> sambaPwdCanChange: 0
> sambaPwdMustChange: 2147483647
> sambaHomePath: \\_PDCNAME_\homes
> sambaHomeDrive: _HOMEDRIVE_
> sambaProfilePath: \\_PDCNAME_\profiles\
> sambaPrimaryGroupSID: S-1-5-21-3516781642-1962875130-3438800523-514
> sambaLMPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
> sambaNTPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
> sambaAcctFlags: [NU         ]
> sambaSID: S-1-5-21-3516781642-1962875130-3438800523-2998
> loginShell: /bin/false
>
> # Domain Admins, Groups, sfgroup.com
> dn: cn=Domain Admins,ou=Groups,dc=sfgroup,dc=com
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 512
> cn: Domain Admins
> memberUid: Administrator
> description: Netbios Domain Administrators
> sambaSID: S-1-5-21-3516781642-1962875130-3438800523-512
> sambaGroupType: 2
> displayName: Domain Admins
>
> # Domain Users, Groups, sfgroup.com
> dn: cn=Domain Users,ou=Groups,dc=sfgroup,dc=com
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 513
> cn: Domain Users
> description: Netbios Domain Users
> sambaSID: S-1-5-21-3516781642-1962875130-3438800523-513
> sambaGroupType: 2
> displayName: Domain Users
> memberUid: testuser
>
> # Domain Guests, Groups, sfgroup.com
> dn: cn=Domain Guests,ou=Groups,dc=sfgroup,dc=com
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 514
> cn: Domain Guests
> description: Netbios Domain Guests Users
> sambaSID: S-1-5-21-3516781642-1962875130-3438800523-514
> sambaGroupType: 2
> displayName: Domain Guests
>
> # Administrators, Groups, sfgroup.com
> dn: cn=Administrators,ou=Groups,dc=sfgroup,dc=com
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 544
> cn: Administrators
> description: Netbios Domain Members can fully administer the
> computer/sambaDom
>  ainName
> sambaSID: S-1-5-21-3516781642-1962875130-3438800523-544
> sambaGroupType: 2
> displayName: Administrators
>
> # Users, Groups, sfgroup.com
> dn: cn=Users,ou=Groups,dc=sfgroup,dc=com
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 545
> cn: Users
> description: Netbios Domain Ordinary users
> sambaSID: S-1-5-21-3516781642-1962875130-3438800523-545
> sambaGroupType: 2
> displayName: users
>
> # Guests, Groups, sfgroup.com
> dn: cn=Guests,ou=Groups,dc=sfgroup,dc=com
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 546
> cn: Guests
> memberUid: nobody
> description: Netbios Domain Users granted guest access to the
> computer/sambaDo
>  mainName
> sambaSID: S-1-5-21-3516781642-1962875130-3438800523-546
> sambaGroupType: 2
> displayName: Guests
>
> # Power Users, Groups, sfgroup.com
> dn: cn=Power Users,ou=Groups,dc=sfgroup,dc=com
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 547
> cn: Power Users
> description: Netbios Domain Members can share directories and printers
> sambaSID: S-1-5-21-3516781642-1962875130-3438800523-547
> sambaGroupType: 2
> displayName: Power Users
>
> # Account Operators, Groups, sfgroup.com
> dn: cn=Account Operators,ou=Groups,dc=sfgroup,dc=com
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 548
> cn: Account Operators
> description: Netbios Domain Users to manipulate users accounts
> sambaSID: S-1-5-21-3516781642-1962875130-3438800523-548
> sambaGroupType: 2
> displayName: Account Operators
>
> # Server Operators, Groups, sfgroup.com
> dn: cn=Server Operators,ou=Groups,dc=sfgroup,dc=com
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 549
> cn: Server Operators
> description: Netbios Domain Server Operators
> sambaSID: S-1-5-21-3516781642-1962875130-3438800523-549
> sambaGroupType: 2
> displayName: Server Operators
>
> # Print Operators, Groups, sfgroup.com
> dn: cn=Print Operators,ou=Groups,dc=sfgroup,dc=com
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 550
> cn: Print Operators
> description: Netbios Domain Print Operators
> sambaSID: S-1-5-21-3516781642-1962875130-3438800523-550
> sambaGroupType: 2
> displayName: Print Operators
>
> # Backup Operators, Groups, sfgroup.com
> dn: cn=Backup Operators,ou=Groups,dc=sfgroup,dc=com
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 551
> cn: Backup Operators
> description: Netbios Domain Members can bypass file security to back up files
> sambaSID: S-1-5-21-3516781642-1962875130-3438800523-551
> sambaGroupType: 2
> displayName: Backup Operators
>
> # Replicator, Groups, sfgroup.com
> dn: cn=Replicator,ou=Groups,dc=sfgroup,dc=com
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 552
> cn: Replicator
> description: Netbios Domain Supports file replication in a sambaDomainName
> sambaSID: S-1-5-21-3516781642-1962875130-3438800523-552
> sambaGroupType: 2
> displayName: Replicator
>
> # Domain Computers, Groups, sfgroup.com
> dn: cn=Domain Computers,ou=Groups,dc=sfgroup,dc=com
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 553
> cn: Domain Computers
> description: Netbios Domain Computers accounts
> sambaSID: S-1-5-21-3516781642-1962875130-3438800523-553
> sambaGroupType: 2
> displayName: Domain Computers
>
> # TECHGROUP, sfgroup.com
> dn: sambaDomainName=TECHGROUP,dc=sfgroup,dc=com
> sambaDomainName: TECHGROUP
> sambaSID: S-1-5-21-554143600-2037058611-3511194912
> sambaAlgorithmicRidBase: 1000
> objectClass: sambaDomain
>
> # rishi$, People, sfgroup.com
> dn: uid=rishi$,ou=People,dc=sfgroup,dc=com
> objectClass: top
> objectClass: inetOrgPerson
> objectClass: posixAccount
> cn: rishi$
> sn: rishi$
> uid: rishi$
> uidNumber: 1000
> gidNumber: 553
> homeDirectory: /dev/null
> loginShell: /bin/false
> description: Computer
>
> # sales$, People, sfgroup.com
> dn: uid=sales$,ou=People,dc=sfgroup,dc=com
> objectClass: top
> objectClass: inetOrgPerson
> objectClass: posixAccount
> objectClass: sambaSamAccount
> cn: sales$
> sn: sales$
> uid: sales$
> uidNumber: 1001
> gidNumber: 553
> homeDirectory: /dev/null
> loginShell: /bin/false
> description: Computer
> sambaSID: S-1-5-21-554143600-2037058611-3511194912-3002
> sambaPrimaryGroupSID: S-1-5-21-3516781642-1962875130-3438800523-553
> displayName: sales$
> sambaAcctFlags: [W          ]
> sambaPwdCanChange: 1072588504
> sambaPwdMustChange: 2147483647
> sambaLMPassword: B202D709688A89784A8EA3837AB65FF3
> sambaNTPassword: 9F3902B332FB510F60BED83F46792D35
> sambaPwdLastSet: 1072588504
>
> # testuser, People, sfgroup.com
> dn: uid=testuser,ou=People,dc=sfgroup,dc=com
> objectClass: top
> objectClass: inetOrgPerson
> objectClass: posixAccount
> objectClass: sambaSAMAccount
> cn: testuser
> sn: testuser
> uid: testuser
> uidNumber: 1002
> gidNumber: 513
> homeDirectory: /home/testuser
> loginShell: /bin/bash
> gecos: System User
> description: System User
> sambaLogonTime: 0
> sambaLogoffTime: 2147483647
> sambaKickoffTime: 2147483647
> sambaPwdCanChange: 0
> displayName: System User
> sambaSID: S-1-5-21-3516781642-1962875130-3438800523-3004
> sambaPrimaryGroupSID: S-1-5-21-3516781642-1962875130-3438800523-513
> sambaHomeDrive: _HOMEDRIVE_
> sambaLogonScript: testuser.cmd
> sambaProfilePath: \\_PDCNAME_\profiles\testuser
> sambaHomePath: \\_PDCNAME_\homes
> sambaLMPassword: B69F04706E569E211AA818381E4E281B
> sambaAcctFlags: [U]
> sambaNTPassword: 698057F0BF5073086D2FAFFF49B3E4FF
> sambaPwdLastSet: 1072588703
> sambaPwdMustChange: 1076476703
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 23
> # numEntries: 22
>
> Any help to fix this error message
>
>
> > Hi,
> >
> > I suggest you put computer objects into the People container. Samba-3 does
> > not search the Computers container correctly. That should solve your
> > problem.
> >
> > Cheers,
> > John T.
> >
> > On Sat, 27 Dec 2003 sun at percipia.com wrote:
> >
> >> Hi,
> >>
> >> I am trying to add Windows 2000 (newly installed with service pack 4)
> >> machine to suse linux 8.2 samba 3.0.1 + LDAP PDC. Its giving me user
> >> could
> >> not be found error message.
> >>
> >> When I join it automatically creates account for machine (sales$) under
> >> Computers tree,
> >>
> >> Ldap log file it searching under People tree.
> >>
> >> Dec 27 13:54:20 rishi slapd[4581]: conn=409 op=1 SRCH
> >> base="ou=People,dc=sfgroup,dc=com" scope=2 filter="(&(objectClass=posix
> >> Account)(uid=sales$))"
> >> Dec 27 13:54:20 rishi slapd[4581]: conn=409 op=1 SEARCH RESULT tag=101
> >> err=0 nentries=0 text=
> >> Dec 27 13:54:20 rishi slapd[5270]: conn=409 op=2 SRCH
> >> base="ou=People,dc=sfgroup,dc=com" scope=2 filter="(&(objectClass=posix
> >> Account)(uid=SALES$))"
> >> Dec 27 13:54:20 rishi slapd[5270]: conn=409 op=2 SEARCH RESULT tag=101
> >> err=0 nentries=0 text=
> >>
> >> Here is some more information.
> >>
> >> rishi:/usr/local/sbin # rpm -qa | grep -i samba
> >> samba3-3.0.1-14
> >> samba3-client-3.0.1-14
> >> samba3-winbind-3.0.1-14
> >> samba3-doc-3.0.1-14
> >> rishi:/usr/local/sbin # rpm -qa | grep -i openldap
> >> openldap2-client-2.1.12-50
> >> openldap2-2.1.12-50
> >> openldap-lib-1.2.13-285
> >>
> >>
> >> testparm command output:-
> >>
> >> # Global parameters
> >> [global]
> >>         workgroup = TECHGROUP
> >>         server string = rishi Samba Server
> >>         null passwords = Yes
> >>         passdb backend = ldapsam
> >>         passwd program = /usr/local/bin/smbldap-passwd.pl -o %u
> >>         passwd chat = *new*password* %n\n *new*password:* %n\
> >> *successfully*
> >>         passwd chat debug = Yes
> >>         log level = 3
> >>         log file = /var/log/samba/%m.log
> >>         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> >>         printcap name = cups
> >>         add user script = /usr/local/sbin/smbldap-useradd.pl -a "%u"
> >>         delete user script = /usr/local/sbin/smbldap-useradd.pl -d "%u"
> >>         add group script = /usr/local/sbin/smbldap-useradd.pl -a -g "%g"
> >>         delete group script = /usr/local/sbin/smbldap-useradd.pl -d -g
> >> "%g"
> >>         add user to group script = /usr/local/sbin/smbldap-useradd.pl -j
> >> -u "%u" -g "%g"
> >>         delete user from group script =
> >> /usr/local/sbin/smbldap-useradd.pl
> >> -j -u "%u" -g "%g"
> >>         set primary group script = /usr/local/sbin/smbldap-useradd.pl -m
> >> -u "%u" -gid "%g"
> >>         add machine script = /usr/local/sbin/smbldap-useradd.pl -a -w
> >> "%m"
> >>         domain logons = Yes
> >>         os level = 22
> >>         preferred master = Yes
> >>         domain master = Yes
> >>         dns proxy = No
> >>         wins support = Yes
> >>         ldap suffix = dc=sfgroup,dc=com
> >>         ldap machine suffix = ou=Computers
> >>         ldap user suffix = ou=People
> >>         ldap group suffix = ou=Groups
> >>         ldap admin dn = "cn=Manager,dc=sfgroup,dc=com"
> >>         ldap ssl = no
> >>         printing = cups
> >>
> >> [homes]
> >>         comment = Home Directories
> >>         read only = No
> >>         browseable = No
> >>
> >> [printers]
> >>         comment = All Printers
> >>         path = /var/spool/samba
> >>         printable = Yes
> >>         browseable = No
> >>
> >> rishi:/var/log/samba # id Administrator
> >> uid=0(Administrator) gid=512(Domain Admins) groups=512(Domain Admins)
> >>
> >> rishi:/usr/local/sbin # ./smbldap-usershow.pl Administrator
> >> dn: uid=Administrator,ou=People,dc=sfgroup,dc=com
> >> cn: Administrator
> >> sn: Administrator
> >> objectClass: inetOrgPerson,sambaSAMAccount,posixAccount
> >> uid: Administrator
> >> homeDirectory: /home
> >> sambaLogonTime: 0
> >> sambaLogoffTime: 2147483647
> >> sambaKickoffTime: 2147483647
> >> sambaPwdCanChange: 0
> >> sambaHomePath: \\_PDCNAME_\homes
> >> sambaHomeDrive: _HOMEDRIVE_
> >> sambaProfilePath: \\_PDCNAME_\profiles\
> >> loginShell: /bin/false
> >> gecos: Netbios Domain Administrator
> >> gidNumber: 512
> >> sambaSID: S-1-5-21-3516781642-1962875130-3438800523-1000
> >> sambaPrimaryGroupSID: S-1-5-21-3516781642-1962875130-3438800523-512
> >> uidNumber: 0
> >> sambaLMPassword: 78BCCAEE08C90E29AAD3B435B51404EE
> >> sambaAcctFlags: [U]
> >> sambaNTPassword: F9E37E83B83C47A93C2F09F66408631B
> >> sambaPwdLastSet: 1072465723
> >> sambaPwdMustChange: 1076353723
> >> userPassword: {SSHA}dboB3GxKxhYDDZqacEuJ5aUnf1Oya8O2
> >>
> >> ldap log file output
> >> =====================
> >> Dec 27 13:54:17 rishi slapd[4494]: conn=401 fd=20 ACCEPT from IP=::1
> >> 2998
> >> (IP=:: 389)
> >> Dec 27 13:54:17 rishi slapd[4580]: conn=401 op=0 BIND
> >> dn="cn=Manager,dc=sfgroup,dc=com" method=128
> >> Dec 27 13:54:17 rishi slapd[4580]: conn=401 op=0 AUTHZ
> >> dn="cn=Manager,dc=sfgroup,dc=com" mech=simple ssf=0
> >> Dec 27 13:54:17 rishi slapd[4580]: conn=401 op=0 RESULT tag=97 err=0
> >> text=
> >> Dec 27 13:54:17 rishi slapd[5265]: conn=401 op=1 SRCH
> >> base="dc=sfgroup,dc=com" scope=2
> >> filter="(&(objectClass=sambaDomain)(sambaDomainName=TECHGROUP))"
> >> Dec 27 13:54:17 rishi slapd[5265]: conn=401 op=1 SEARCH RESULT tag=101
> >> err=0 nentries=1 text=
> >> Dec 27 13:54:17 rishi slapd[7378]: conn=401 op=2 SRCH
> >> base="dc=sfgroup,dc=com" scope=2
> >> filter="(&(uid=Administrator)(objectClass=sambaSamAccount))"
> >> Dec 27 13:54:17 rishi slapd[7378]: conn=401 op=2 SEARCH RESULT tag=101
> >> err=0 nentries=1 text=
> >> Dec 27 13:54:17 rishi slapd[4581]: conn=380 op=3 SRCH
> >> base="ou=People,dc=sfgroup,dc=com" scope=2
> >> filter="(&(objectClass=posixAccount)(uid=Administrator))"
> >> Dec 27 13:54:17 rishi slapd[4581]: conn=380 op=3 SEARCH RESULT tag=101
> >> err=0 nentries=1 text=
> >> Dec 27 13:54:17 rishi slapd[4494]: conn=402 fd=23 ACCEPT from
> >> IP=127.0.0.1:2999 (IP=:: 389)
> >> Dec 27 13:54:17 rishi slapd[5270]: conn=402 op=0 BIND dn="" method=128
> >> Dec 27 13:54:17 rishi slapd[5270]: conn=402 op=0 RESULT tag=97 err=0
> >> text=
> >> Dec 27 13:54:17 rishi slapd[4580]: conn=402 op=1 SRCH
> >> base="dc=sfgroup,dc=com" scope=2 filter="(uid=Administrator)"
> >> Dec 27 13:54:17 rishi slapd[4580]: conn=402 op=1 SEARCH RESULT tag=101
> >> err=0 nentries=1 text=
> >> Dec 27 13:54:17 rishi slapd[5265]: conn=402 op=2 SRCH
> >> base="ou=Groups,dc=sfgroup,dc=com" scope=2
> >> filter="(&(objectClass=posixGroup)(|(memberUid=Administrator)(uniqueMember=uid=administrator,ou=people,dc=sfgroup,dc=com)))"
> >> Dec 27 13:54:17 rishi slapd[5265]: conn=402 op=2 SEARCH RESULT tag=101
> >> err=0 nentries=1 text=
> >> Dec 27 13:54:17 rishi slapd[7378]: conn=401 op=3 SRCH
> >> base="ou=Groups,dc=sfgroup,dc=com" scope=2
> >> filter="(&(objectClass=sambaGroupMapping)(gidNumber=512))"
> >> Dec 27 13:54:17 rishi slapd[7378]: conn=401 op=3 SEARCH RESULT tag=101
> >> err=0 nentries=1 text=
> >> Dec 27 13:54:17 rishi slapd[4581]: conn=380 op=4 SRCH
> >> base="ou=People,dc=sfgroup,dc=com" scope=2
> >> filter="(&(objectClass=posixAccount)(uid=administrator))"
> >> Dec 27 13:54:17 rishi slapd[4581]: conn=380 op=4 SEARCH RESULT tag=101
> >> err=0 nentries=1 text=
> >> Dec 27 13:54:18 rishi slapd[5270]: conn=401 op=4 SRCH
> >> base="dc=sfgroup,dc=com" scope=2
> >> filter="(&(uid=sales$)(objectClass=sambaSamAccount))"
> >> Dec 27 13:54:18 rishi slapd[5270]: conn=401 op=4 SEARCH RESULT tag=101
> >> err=0 nentries=0 text=
> >> Dec 27 13:54:18 rishi slapd[4580]: conn=380 op=5 SRCH
> >> base="ou=People,dc=sfgroup,dc=com" scope=2
> >> filter="(&(objectClass=posixAccount)(uid=sales$))"
> >> Dec 27 13:54:18 rishi slapd[4580]: conn=380 op=5 SEARCH RESULT tag=101
> >> err=0 nentries=0 text=
> >> Dec 27 13:54:18 rishi slapd[7378]: conn=380 op=6 SRCH
> >> base="ou=People,dc=sfgroup,dc=com" scope=2
> >> filter="(&(objectClass=posixAccount)(uid=SALES$))"
> >> Dec 27 13:54:18 rishi slapd[7378]: conn=380 op=6 SEARCH RESULT tag=101
> >> err=0 nentries=0 text=
> >> Dec 27 13:54:19 rishi slapd[4494]: conn=380 fd=22 closed
> >> Dec 27 13:54:20 rishi slapd[4494]: conn=403 fd=22 ACCEPT from
> >> IP=127.0.0.1:3000 (IP=:: 389)
> >> Dec 27 13:54:20 rishi slapd[5265]: conn=403 op=0 BIND dn="" method=128
> >> Dec 27 13:54:20 rishi slapd[5265]: conn=403 op=0 RESULT tag=97 err=0
> >> text=
> >> Dec 27 13:54:20 rishi slapd[4581]: conn=403 op=1 SRCH
> >> base="ou=People,dc=sfgroup,dc=com" scope=2
> >> filter="(&(objectClass=posixAccount)(uidNumber=1000))"
> >> Dec 27 13:54:20 rishi slapd[4581]: conn=403 op=1 SEARCH RESULT tag=101
> >> err=0 nentries=1 text=
> >> Dec 27 13:54:20 rishi slapd[5270]: conn=403 op=2 SRCH
> >> base="ou=People,dc=sfgroup,dc=com" scope=2
> >> filter="(&(objectClass=posixAccount)(uidNumber=1001))"
> >> Dec 27 13:54:20 rishi slapd[5270]: conn=403 op=2 SEARCH RESULT tag=101
> >> err=0 nentries=0 text=
> >> Dec 27 13:54:20 rishi slapd[4494]: conn=404 fd=26 ACCEPT from
> >> IP=127.0.0.1:3001 (IP=:: 389)
> >> Dec 27 13:54:20 rishi slapd[4580]: conn=404 op=0 BIND
> >> dn="cn=Manager,dc=sfgroup,dc=com" method=128
> >> Dec 27 13:54:20 rishi slapd[4580]: conn=404 op=0 AUTHZ
> >> dn="cn=Manager,dc=sfgroup,dc=com" mech=simple ssf=0
> >> Dec 27 13:54:20 rishi slapd[4580]: conn=404 op=0 RESULT tag=97 err=0
> >> text=
> >> Dec 27 13:54:20 rishi slapd[7378]: conn=404 op=1 SRCH
> >> base="dc=sfgroup,dc=com" scope=2
> >> filter="(&(objectClass=posixAccount)(uid=sales))"
> >> Dec 27 13:54:20 rishi slapd[7378]: conn=404 op=1 SEARCH RESULT tag=101
> >> err=0 nentries=0 text=
> >> Dec 27 13:54:20 rishi slapd[5265]: conn=404 op=2 UNBIND
> >> Dec 27 13:54:20 rishi slapd[5265]: conn=404 fd=26 closed
> >> Dec 27 13:54:20 rishi slapd[4494]: conn=405 fd=26 ACCEPT from
> >> IP=127.0.0.1:3002 (IP=:: 389)
> >> Dec 27 13:54:20 rishi slapd[4581]: conn=405 op=0 BIND
> >> dn="cn=Manager,dc=sfgroup,dc=com" method=128
> >> Dec 27 13:54:20 rishi slapd[4581]: conn=405 op=0 AUTHZ
> >> dn="cn=Manager,dc=sfgroup,dc=com" mech=simple ssf=0
> >> Dec 27 13:54:20 rishi slapd[4581]: conn=405 op=0 RESULT tag=97 err=0
> >> text=
> >> Dec 27 13:54:20 rishi slapd[5270]: conn=405 op=1 SRCH
> >> base="ou=Groups,dc=sfgroup,dc=com" scope=2
> >> filter="(&(objectClass=posixGroup)(gidNumber=553))"
> >> Dec 27 13:54:20 rishi slapd[5270]: conn=405 op=1 SEARCH RESULT tag=101
> >> err=0 nentries=1 text=
> >> Dec 27 13:54:20 rishi slapd[4494]: conn=405 fd=26 closed
> >> Dec 27 13:54:20 rishi slapd[4494]: conn=406 fd=26 ACCEPT from
> >> IP=127.0.0.1:3003 (IP=:: 389)
> >> Dec 27 13:54:20 rishi slapd[4580]: conn=406 op=0 BIND
> >> dn="cn=Manager,dc=sfgroup,dc=com" method=128
> >> Dec 27 13:54:20 rishi slapd[4580]: conn=406 op=0 AUTHZ
> >> dn="cn=Manager,dc=sfgroup,dc=com" mech=simple ssf=0
> >> Dec 27 13:54:20 rishi slapd[4580]: conn=406 op=0 RESULT tag=97 err=0
> >> text=
> >> Dec 27 13:54:20 rishi slapd[7378]: conn=406 op=1 SRCH
> >> base="ou=People,dc=sfgroup,dc=com" scope=2
> >> filter="(sambaSID=S-1-5-21-3516781642-1962875130-3438800523-3002)"
> >> Dec 27 13:54:20 rishi slapd[7378]: conn=406 op=1 SEARCH RESULT tag=101
> >> err=0 nentries=0 text=
> >> Dec 27 13:54:20 rishi slapd[4494]: conn=407 fd=29 ACCEPT from
> >> IP=127.0.0.1:3004 (IP=:: 389)
> >> Dec 27 13:54:20 rishi slapd[5265]: conn=406 op=2 UNBIND
> >> Dec 27 13:54:20 rishi slapd[5265]: conn=406 fd=26 closed
> >> Dec 27 13:54:20 rishi slapd[4581]: conn=407 op=0 BIND
> >> dn="cn=Manager,dc=sfgroup,dc=com" method=128
> >> Dec 27 13:54:20 rishi slapd[4581]: conn=407 op=0 AUTHZ
> >> dn="cn=Manager,dc=sfgroup,dc=com" mech=simple ssf=0
> >> Dec 27 13:54:20 rishi slapd[4581]: conn=407 op=0 RESULT tag=97 err=0
> >> text=
> >> Dec 27 13:54:20 rishi slapd[4494]: conn=408 fd=26 ACCEPT from
> >> IP=127.0.0.1:3005 (IP=:: 389)
> >> Dec 27 13:54:20 rishi slapd[5270]: conn=408 op=0 BIND
> >> dn="cn=Manager,dc=sfgroup,dc=com" method=128
> >> Dec 27 13:54:20 rishi slapd[5270]: conn=408 op=0 AUTHZ
> >> dn="cn=Manager,dc=sfgroup,dc=com" mech=simple ssf=0
> >> Dec 27 13:54:20 rishi slapd[5270]: conn=408 op=0 RESULT tag=97 err=0
> >> text=
> >> Dec 27 13:54:20 rishi slapd[4580]: conn=408 op=1 ADD
> >> dn="uid=sales$,ou=Computers,dc=sfgroup,dc=com"
> >> Dec 27 13:54:20 rishi slapd[4580]: conn=408 op=1 RESULT tag=105 err=68
> >> text=
> >> Dec 27 13:54:20 rishi slapd[7378]: conn=408 op=2 UNBIND
> >> Dec 27 13:54:20 rishi slapd[7378]: conn=408 fd=26 closed
> >> Dec 27 13:54:20 rishi slapd[4494]: conn=407 fd=29 closed
> >> Dec 27 13:54:20 rishi slapd[4494]: conn=409 fd=26 ACCEPT from
> >> IP=127.0.0.1:3006 (IP=:: 389)
> >> Dec 27 13:54:20 rishi slapd[4494]: conn=403 fd=22 closed
> >> Dec 27 13:54:20 rishi slapd[5265]: conn=409 op=0 BIND dn="" method=128
> >> Dec 27 13:54:20 rishi slapd[5265]: conn=409 op=0 RESULT tag=97 err=0
> >> text=
> >> Dec 27 13:54:20 rishi slapd[4581]: conn=409 op=1 SRCH
> >> base="ou=People,dc=sfgroup,dc=com" scope=2
> >> filter="(&(objectClass=posixAccount)(uid=sales$))"
> >> Dec 27 13:54:20 rishi slapd[4581]: conn=409 op=1 SEARCH RESULT tag=101
> >> err=0 nentries=0 text=
> >> Dec 27 13:54:20 rishi slapd[5270]: conn=409 op=2 SRCH
> >> base="ou=People,dc=sfgroup,dc=com" scope=2
> >> filter="(&(objectClass=posixAccount)(uid=SALES$))"
> >> Dec 27 13:54:20 rishi slapd[5270]: conn=409 op=2 SEARCH RESULT tag=101
> >> err=0 nentries=0 text=
> >> Dec 27 13:54:20 rishi slapd[4494]: conn=401 fd=20 closed
> >> Dec 27 13:54:20 rishi slapd[4494]: conn=402 fd=23 closed
> >>
> >>
> >>
> >> samba log file:
> >> ---------------
> >>  Transaction 1 of length 137
> >>   switch message SMBnegprot (pid 8023)
> >>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> >>   Requested protocol [PC NETWORK PROGRAM 1.0]
> >>   Requested protocol [LANMAN1.0]
> >>   Requested protocol [Windows for Workgroups 3.1a]
> >>   Requested protocol [LM1.2X002]
> >>   Requested protocol [LANMAN2.1]
> >>   Requested protocol [NT LM 0.12]
> >>   using SPNEGO
> >>   Selected protocol NT LM 0.12
> >>   Transaction 2 of length 202
> >>   switch message SMBsesssetupX (pid 8023)
> >>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> >>   wct=12 flg2=0xc807
> >>   setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
> >> all old resources.
> >>   Doing spnego session setup
> >>   NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0]
> >> PrimaryDomain=[]
> >>   Got OID 1 3 6 1 4 1 311 2 2 10
> >>   Got secblob of size 32
> >>   Got NTLMSSP neg_flags=0xe0088297
> >>   Transaction 3 of length 330
> >>   switch message SMBsesssetupX (pid 8023)
> >>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> >>   wct=12 flg2=0xc807
> >>   setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
> >> all old resources.
> >>   Doing spnego session setup
> >>   NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0]
> >> PrimaryDomain=[]
> >>   Got user=[Administrator] domain=[TECHGROUP] workstation=[SALES]
> >> len1=24
> >> len2=24
> >>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> >>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> >>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> >>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> >>   check_ntlm_password:  Checking password for unmapped user
> >> [TECHGROUP]\[Administrator]@[SALES] with the new password interface
> >>   check_ntlm_password:  mapped user is:
> >> [TECHGROUP]\[Administrator]@[SALES]
> >>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> >>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> >>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> >>   smbldap_search_suffix: searching
> >> for:[(&(uid=Administrator)(objectclass=sambaSamAccount))]
> >>   init_sam_from_ldap: Entry found for user: Administrator
> >>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> >>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> >>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> >>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> >>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> >>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> >>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> >>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> >>   ldapsam_search_one_group: searching
> >> for:[(&(objectClass=sambaGroupMapping)(gidNumber=512))]
> >>   init_group_from_ldap: Entry found for group: 512
> >>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> >>   fetch sid from gid cache 512 ->
> >> S-1-5-21-3516781642-1962875130-3438800523-512
> >>   check_ntlm_password: sam authentication for user [Administrator]
> >> succeeded
> >>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> >>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> >>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> >>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> >>   check_ntlm_password:  authentication for user [Administrator] ->
> >> [Administrator] -> [Administrator] succeeded
> >>   User name: Administrator      Real name: Administrator
> >>   UNIX uid 0 is UNIX user Administrator, and will be vuid 100
> >>   Adding/updating homes service for user 'Administrator' using home
> >> directory: '/home'
> >>   adding home's share [Administrator] for user 'Administrator' at
> >> '/home'
> >>   Transaction 4 of length 80
> >>   switch message SMBtconX (pid 8023)
> >>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> >>   Connect path is '/tmp' for service [IPC$]
> >>   se_access_check: user sid is
> >> S-1-5-21-3516781642-1962875130-3438800523-1000
> >>   se_access_check: also S-1-5-21-3516781642-1962875130-3438800523-512
> >>   se_access_check: also S-1-1-0
> >>   se_access_check: also S-1-5-2
> >>   se_access_check: also S-1-5-11
> >>   Initialising default vfs hooks
> >>   se_access_check: user sid is
> >> S-1-5-21-3516781642-1962875130-3438800523-1000
> >>   se_access_check: also S-1-5-21-3516781642-1962875130-3438800523-512
> >>   se_access_check: also S-1-1-0
> >>   se_access_check: also S-1-5-2
> >>   se_access_check: also S-1-5-11
> >>   setting sec ctx (0, 512) - sec_ctx_stack_ndx = 0
> >>   sales (192.168.0.102) connect to service IPC$ initially as user
> >> Administrator (uid=0, gid=512) (pid 8023)
> >>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> >>   tconX service=IPC$
> >>   Transaction 5 of length 104
> >>   switch message SMBntcreateX (pid 8023)
> >>   setting sec ctx (0, 512) - sec_ctx_stack_ndx = 0
> >>   nt_open_pipe: Known pipe lsarpc opening.
> >>   Transaction 6 of length 160
> >>   switch message SMBtrans (pid 8023)
> >>   trans <\PIPE\> data=72 params=0 setup=2
> >>   named pipe command on <> name
> >>   Got API command 0x26 on pipe "lsarpc" (pnum 720e)api_pipe_bind_req:
> >> \PIPE\lsarpc -> \PIPE\lsass
> >>   check_bind_req for \PIPE\lsarpc
> >>   Transaction 7 of length 172
> >>   switch message SMBtrans (pid 8023)
> >>   trans <\PIPE\> data=84 params=0 setup=2
> >>   named pipe command on <> name
> >>   Got API command 0x26 on pipe "lsarpc" (pnum 720e)free_pipe_context:
> >> destroying talloc pool of size 0
> >>   api_rpcTNP: rpc command: LSA_OPENPOLICY2
> >>   se_access_check: user sid is
> >> S-1-5-21-3516781642-1962875130-3438800523-1000
> >>   se_access_check: also S-1-5-21-3516781642-1962875130-3438800523-512
> >>   se_access_check: also S-1-1-0
> >>  se_access_check: also S-1-5-2
> >>   se_access_check: also S-1-5-11
> >>   free_pipe_context: destroying talloc pool of size 816
> >>   Transaction 8 of length 134
> >>   switch message SMBtrans (pid 8023)
> >>   trans <\PIPE\> data=46 params=0 setup=2
> >>   named pipe command on <> name
> >>   Got API command 0x26 on pipe "lsarpc" (pnum 720e)free_pipe_context:
> >> destroying talloc pool of size 0
> >>   free_pipe_context: destroying talloc pool of size 0
> >>   Transaction 9 of length 134
> >>   switch message SMBtrans (pid 8023)
> >>   trans <\PIPE\> data=46 params=0 setup=2
> >>   named pipe command on <> name
> >>   Got API command 0x26 on pipe "lsarpc" (pnum 720e)free_pipe_context:
> >> destroying talloc pool of size 0
> >>   api_rpcTNP: rpc command: LSA_QUERYINFOPOLICY
> >>   free_pipe_context: destroying talloc pool of size 512
> >>   Transaction 10 of length 104
> >>   switch message SMBntcreateX (pid 8023)
> >>   nt_open_pipe: Known pipe winreg opening.
> >>   Transaction 11 of length 160
> >>   switch message SMBtrans (pid 8023)
> >>   trans <\PIPE\> data=72 params=0 setup=2
> >>   named pipe command on <> name
> >>   Got API command 0x26 on pipe "winreg" (pnum 720f)api_pipe_bind_req:
> >> \PIPE\winreg -> \PIPE\winreg
> >>   check_bind_req for \PIPE\winreg
> >>   Transaction 12 of length 124
> >>   switch message SMBtrans (pid 8023)
> >>   trans <\PIPE\> data=36 params=0 setup=2
> >>   named pipe command on <> name
> >>   Got API command 0x26 on pipe "winreg" (pnum 720f)free_pipe_context:
> >> destroying talloc pool of size 0
> >>   api_rpcTNP: rpc command: REG_OPEN_HKLM
> >>   free_pipe_context: destroying talloc pool of size 0
> >>   Transaction 13 of length 272
> >>   switch message SMBtrans (pid 8023)
> >>   trans <\PIPE\> data=184 params=0 setup=2
> >>   named pipe command on <> name
> >>   Got API command 0x26 on pipe "winreg" (pnum 720f)free_pipe_context:
> >> destroying talloc pool of size 0
> >>   api_rpcTNP: rpc command: REG_OPEN_ENTRY
> >>   free_pipe_context: destroying talloc pool of size 110
> >>   Transaction 14 of length 236
> >>   switch message SMBtrans (pid 8023)
> >>   trans <\PIPE\> data=148 params=0 setup=2
> >>   named pipe command on <> name
> >>   Got API command 0x26 on pipe "winreg" (pnum 720f)free_pipe_context:
> >> destroying talloc pool of size 0
> >>   api_rpcTNP: rpc command: REG_INFO
> >>   free_pipe_context: destroying talloc pool of size 42
> >>   Transaction 15 of length 132
> >>   switch message SMBtrans (pid 8023)
> >>   trans <\PIPE\> data=44 params=0 setup=2
> >>   named pipe command on <> name
> >>   Got API command 0x26 on pipe "winreg" (pnum 720f)free_pipe_context:
> >> destroying talloc pool of size 0
> >>   api_rpcTNP: rpc command: REG_CLOSE
> >>   Closed policy
> >>   free_pipe_context: destroying talloc pool of size 0
> >>   Transaction 16 of length 132
> >>   switch message SMBtrans (pid 8023)
> >>   trans <\PIPE\> data=44 params=0 setup=2
> >>   named pipe command on <> name
> >>   Got API command 0x26 on pipe "winreg" (pnum 720f)free_pipe_context:
> >> destroying talloc pool of size 0
> >>   api_rpcTNP: rpc command: REG_CLOSE
> >>   Closed policy
> >>   free_pipe_context: destroying talloc pool of size 0
> >>   Transaction 17 of length 45
> >>   switch message SMBclose (pid 8023)
> >>   Transaction 18 of length 100
> >>   switch message SMBntcreateX (pid 8023)
> >>   nt_open_pipe: Known pipe samr opening.
> >>   Transaction 19 of length 160
> >>   switch message SMBtrans (pid 8023)
> >>   trans <\PIPE\> data=72 params=0 setup=2
> >>   named pipe command on <> name
> >>   Got API command 0x26 on pipe "samr" (pnum 7210)api_pipe_bind_req:
> >> \PIPE\samr -> \PIPE\lsass
> >>   check_bind_req for \PIPE\samr
> >>   Transaction 20 of length 152
> >>   switch message SMBtrans (pid 8023)
> >>   trans <\PIPE\> data=64 params=0 setup=2
> >>   named pipe command on <> name
> >>   Got API command 0x26 on pipe "samr" (pnum 7210)free_pipe_context:
> >> destroying talloc pool of size 0
> >>   api_rpcTNP: rpc command: SAMR_CONNECT4
> >>   se_access_check: user sid is
> >> S-1-5-21-3516781642-1962875130-3438800523-1000
> >>   se_access_check: also S-1-5-21-3516781642-1962875130-3438800523-512
> >>   se_access_check: also S-1-1-0
> >>   se_access_check: also S-1-5-2
> >>   se_access_check: also S-1-5-11
> >>   free_pipe_context: destroying talloc pool of size 748
> >>   Transaction 21 of length 140
> >>   switch message SMBtrans (pid 8023)
> >>   trans <\PIPE\> data=52 params=0 setup=2
> >>   named pipe command on <> name
> >>   Got API command 0x26 on pipe "samr" (pnum 7210)free_pipe_context:
> >> destroying talloc pool of size 0
> >>   api_rpcTNP: rpc command: SAMR_ENUM_DOMAINS
> >>   free_pipe_context: destroying talloc pool of size 1080
> >>   Transaction 22 of length 170
> >>   switch message SMBtrans (pid 8023)
> >>   trans <\PIPE\> data=82 params=0 setup=2
> >>   named pipe command on <> name
> >>   Got API command 0x26 on pipe "samr" (pnum 7210)free_pipe_context:
> >> destroying talloc pool of size 0
> >>   api_rpcTNP: rpc command: SAMR_LOOKUP_DOMAIN
> >>   Returning domain sid for domain TECHGROUP ->
> >> S-1-5-21-2924897325-2396345819-675404899
> >>   free_pipe_context: destroying talloc pool of size 18
> >>   Transaction 23 of length 164
> >>   switch message SMBtrans (pid 8023)
> >>   trans <\PIPE\> data=76 params=0 setup=2
> >>   named pipe command on <> name
> >>   Got API command 0x26 on pipe "samr" (pnum 7210)free_pipe_context:
> >> destroying talloc pool of size 0
> >>   api_rpcTNP: rpc command: SAMR_OPEN_DOMAIN
> >>   se_access_check: user sid is
> >> S-1-5-21-3516781642-1962875130-3438800523-1000
> >>   se_access_check: also S-1-5-21-3516781642-1962875130-3438800523-512
> >>   se_access_check: also S-1-1-0
> >>   se_access_check: also S-1-5-2
> >>   se_access_check: also S-1-5-11
> >>   free_pipe_context: destroying talloc pool of size 732
> >>   Transaction 24 of length 172
> >>   switch message SMBtrans (pid 8023)
> >>   trans <\PIPE\> data=84 params=0 setup=2
> >>   named pipe command on <> name
> >>   Got API command 0x26 on pipe "samr" (pnum 7210)free_pipe_context:
> >> destroying talloc pool of size 0
> >>   api_rpcTNP: rpc command: SAMR_CREATE_USER
> >>   push_sec_ctx(0, 512) : sec_ctx_stack_ndx = 1
> >>   push_conn_ctx(100) : conn_ctx_stack_ndx = 0
> >>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> >>   smbldap_search_suffix: searching
> >> for:[(&(uid=sales$)(objectclass=sambaSamAccount))]
> >>   pop_sec_ctx (0, 512) - sec_ctx_stack_ndx = 0
> >> failed to add entry: Already exists at /usr/local/sbin//smbldap_tools.pm
> >> line 302.
> >>   _samr_create_user: Running the command
> >> `/usr/local/sbin/smbldap-useradd.pl -a -w "sales"' gave 0
> >>   free_pipe_context: destroying talloc pool of size 14
> >>   Transaction 25 of length 132
> >>   switch message SMBtrans (pid 8023)
> >>   trans <\PIPE\> data=44 params=0 setup=2
> >>   named pipe command on <> name
> >>   Got API command 0x26 on pipe "samr" (pnum 7210)free_pipe_context:
> >> destroying talloc pool of size 0
> >>   api_rpcTNP: rpc command: SAMR_CLOSE_HND
> >>   Closed policy
> >>   free_pipe_context: destroying talloc pool of size 0
> >>   Transaction 26 of length 132
> >>   switch message SMBtrans (pid 8023)
> >>   trans <\PIPE\> data=44 params=0 setup=2
> >>   named pipe command on <> name
> >>   Got API command 0x26 on pipe "samr" (pnum 7210)free_pipe_context:
> >> destroying talloc pool of size 0
> >>   api_rpcTNP: rpc command: SAMR_CLOSE_HND
> >>   Closed policy
> >>   free_pipe_context: destroying talloc pool of size 0
> >>   Transaction 27 of length 45
> >>   switch message SMBclose (pid 8023)
> >>   Transaction 28 of length 132
> >>   switch message SMBtrans (pid 8023)
> >>   trans <\PIPE\> data=44 params=0 setup=2
> >>   named pipe command on <> name
> >>   Got API command 0x26 on pipe "lsarpc" (pnum 720e)free_pipe_context:
> >> destroying talloc pool of size 0
> >>   api_rpcTNP: rpc command: LSA_CLOSE
> >>   Closed policy
> >>   free_pipe_context: destroying talloc pool of size 0
> >>   Transaction 29 of length 45
> >>   switch message SMBclose (pid 8023)
> >>   Transaction 30 of length 39
> >>   switch message SMBtdis (pid 8023)
> >>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> >>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> >>   sales (192.168.0.102) closed connection to service IPC$
> >>   Yielding connection to IPC$
> >>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> >>   Transaction 31 of length 43
> >>   switch message SMBulogoffX (pid 8023)
> >>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> >>   ulogoffX vuid=100
> >>   timeout_processing: End of file from client (client has disconnected).
> >>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> >>   Closing connections
> >>   Yielding connection to
> >>   Server exit (normal exit)
> >>
> >>
> >>
> >
> > --
> > John H Terpstra
> > Email: jht at samba.org
> >
>

-- 
John H Terpstra
Email: jht at samba.org


More information about the samba mailing list