[Samba] Samba ADS Error

Alex Murphy murphy at sgtp.samara.ru
Fri Mar 14 07:07:09 GMT 2003


How do you do !!!
  Already several days are beaten with such problem:
 Beside me Windows 2000 Domain - with server Windows 2000 in own mode,
 want to install samba as BDC, came to conclusion that necessary to use Samba 
3 + ADS.
Has Compiled samba-3.0alpha22 with with the following option:
./configure --with-ads --with-ldap --with-pam --with-pam_smbpass 
--with-ldapsam --with-tdbsa --with-quotas --with-libsmbclient 
--with-acl-support --with-sendfile-support --with-winbind
Has Installed, created the smb.conf file:
[global]
        passdb backend = smbpasswd
        use sendfile = Yes
        update encrypted = Yes
        ldap server = 192.168.1.5
        ldap port = 389 #636
        ldap suffix = dc=lan,dc=sgtp,dc=ru
        ldap machine suffix = CN=Computers,DC=lan,DC=sgtp,DC=ru
        ldap user suffix = dc=lan,dc=sgtp,dc=ru
        ldap filter = (&(sAMAccountName=%u)(objectclass=user))
        ldap admin dn = CN=murphy AM. murphy,CN=Users,DC=lan,DC=sgtp,DC=ru
        ldap ssl = No
        ldap passwd sync = yes
        ldap trust ids = No
        profile acls = No
        realm = LAN.SGTP.RU
        client NTLMv2 auth = Yes
        hide local users = Yes
        ADS server = 192.168.1.5
        dos charset = 866
        unix charset = KOI8-R
        encrypt passwords = true
        winbind uid = 10000-65000
        winbind gid = 10000-65000
        winbind separator = +
        template homedir = /home/%D/%U
        template shell = /bin/sh
        winbind cache time = 5
        netbios name = sana
        workgroup = SGTP
        server string = Samba Server
        log file = /usr/local/samba/var/log.%m
        max log size = 50
        security = ADS
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        local master = no
        os level = 3
        domain master = no
        preferred master = no
        domain logons = yes
        name resolve order = wins lmhosts bcast
        wins server = 192.168.1.5
        inherit acls = yes

#============================ Share Definitions ==============================
[homes]
   comment = Home Directories
   browseable = no
   writable = yes

[printers]
   comment = All Printers
   path = /var/spool/samba
   browseable = no
   guest ok = no
   writable = no
   printable = yes

[test]
    path = /mnt/xfs/samba
    writeable = yes
    force group = root

[netlogon]
    comment = Network Logon Service
    path = /usr/local/samba/lib/netlogon
    guest ok = yes
    writable = no
    share modes = no

It Was Registered in domain: kinit murphy at LAN.SGTP.RU
has Prescribed in domain: net ads join
has Started smbd,nmbd,winbindd
has Done wbinfo -p - all have fine Done
wbinfo -u - has got list of the groups has Done
./wbinfo -t
checking the trust secret via RPC calls failed
error code was NT_STATUS_NO_TRUST_SAM_ACCOUNT (0xc000018b)
Could not check secret

Restart computer - has Started smbd,nmbd,winbindd
wbinfo -u
Error looking up domain users

If once again execute net ads join and restart all samba services, that all 
ok.
That to do in given situations ?  

RESPECTFULLY YOURS, Aleksey.



More information about the samba mailing list