[Samba] Problem joining Samba Domain
Collins, Kevin
KCollins at nesbittengineering.com
Wed Jun 11 14:22:05 GMT 2003
I have a small test environment setup with the following:
Server
Red Hat Enterprise Linux ES 2.1
Samba 2.2.7 - built from source
OpenLDAP 2.0.27 - built from source
OpenSSL 0.96b - built from source
Note: All packages were downloaded from the Red Hat Network as Source RPMs
- as far as I know, these are the latest "red Hat approved" versions. I
made the proper changes to the .spec file and recompiled each of them with
rpmbuild.
Workstation
Windows 2000 Server with no service packs
I have the Samba machine setup to use LDAP as it's
user/group/workstation/password backend following the IDEALX.org HOWTO.
This seems to be working as I can access any share on the Samba machine
using accounts from the LDAP database. I'm using SSL/TSL to control LDAP
transfer traffic as I plan on having three LDAP/Samba Servers in the end.
I'm also using a MD5 hashed rootDN password as well - just for a more secure
environment.
My intention is to load the Windows 2000 machine up as an Exchange 5.5
Server and use the Samba/LDAP users/groups for authentication in this test.
This is the last big hurdle I have before going to an nearly pure Samba ran
backoffice! (Now if only there was a Linux Exchange clone.... :-P )
But when I go to have the Windows 2000 machine join the domain, I get this
in the <machine-name>.log:
--------------------------------------------
passdb/pdb_ldap.c: ldap_open_connection(200)
LDAPS Option Set...!
passdb/pdb_ldap.c: ldap_connect_system(246)
BIND FAILED: Can't contact LDAP Server.
--------------------------------------------
Does anyone have a clue about this?
That last part is the most puzzling - the LDAP server is the SAME machine as
the Samba Server. I'm thinking it has something to do with authentication,
but I can't seem to find anything "out-o-whack". I didn't post any ".conf"
files as I did't know the proper way to send those - as attachments or as
inline text. If they will help anyone, I can post those at a later time.
--
Kevin L. Collins, MCSE
Systems Manager
Nesbitt Engineering, Inc.
More information about the samba
mailing list