[Samba] Can't join Samba3 domain

suse at arsoft-online.com suse at arsoft-online.com
Mon May 12 18:18:19 GMT 2003


Hello,

I have some problems with my Samba3 on my Suse 8.2 Linux. I got the
Samba binaries from
ftp://ftp.gwdg.de/linux/suse/ftp.suse.com/people/gd/8.2-i386/samba3-3.0alpha24cvs/.

When I want to join my domain from a WinXP client (registry patch
already applied), I get the error access denied.

Regards,
A. Roth

Related Samba files are below:

/var/log/samba/log/smbd:
----------------- SNIP ---------------------------

[2003/05/12 11:52:17, 2] passdb/pdb_ldap.c:init_group_from_ldap(2662)
  Entry found for group: 512
[2003/05/12 11:52:17, 2] auth/auth.c:check_ntlm_password(294)
  check_ntlm_password:	authentication for user [Administrator] -> [Administrator] -> [Administrator] suceeded
[2003/05/12 11:52:18, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2513)
  Returning domain sid for domain ARSOFT -> S-1-5-21-780478325-1810273558-3961416456
[2003/05/12 11:52:18, 2] rpc_server/srv_samr_nt.c:access_check_samr_object(93)
  _samr_open_domain: ACCESS DENIED  (requested: 0x00000211)
[2003/05/12 11:52:18, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2513)
  Returning domain sid for domain ARSOFT -> S-1-5-21-780478325-1810273558-3961416456
[2003/05/12 11:52:18, 2] rpc_server/srv_samr_nt.c:access_check_samr_function(115)
  _samr_create_user: ACCESS DENIED (granted: 0x00000201;  required: 0x00000010)
[2003/05/12 11:52:18, 2] smbd/server.c:exit_server(558)
  Closing connections

----------------- END ---------------------------

/etc/samba/smb.conf:

[global]
	dos charset = ASCII
	display charset = UTF8
	workgroup = ARSOFT
	server string = AR Soft Domain Server
	interfaces = 127.0.0.1, eth0
	bind interfaces only = Yes
	update encrypted = Yes
	min passwd length = 4
	passdb backend = ldapsam:ldap://localhost/
	non unix account range = 5000-50000
	algorithmic rid base = 100000
	log level = 2
	announce version = 5.0
	time server = Yes
	unix extensions = Yes
	keepalive = 30
	socket options = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF=8192 SO_RCVBUF=8192
	printcap name = cups
	add user script = ldapsmb -a -u
	delete user script = ldapsmb -d -u
	add group script = ldapsmb -a -g
	delete group script = ldapsmb -d -g
	add user to group script = ldapsmb -j -u
	delete user from group script = ldapsmb -j -u
	add machine script = ldapsmb -a -w
	shutdown script = ldapsmb --shutdown=
	abort shutdown script = ldapsmb --abortshutdown
	logon script = \\%L\%U\scripts\logon.bat
	logon path = \\%L\%U\profile
	logon drive = U:
	logon home = \\%L\%U
	domain logons = Yes
	os level = 254
	preferred master = Yes
	domain master = Yes
	kernel oplocks = No
	ldap suffix = dc=arsoft,dc=local
	ldap machine suffix = ou=Computers,dc=arsoft,dc=local
	ldap user suffix = ou=Users,dc=arsoft,dc=local
	ldap admin dn = cn=Administrator,dc=arsoft,dc=local
	ldap ssl = no
	ldap passwd sync = Yes
	ldap trust ids = Yes
	time offset = 60
	winbind uid = 10000-20000
	winbind gid = 10000-20000
	template homedir = /home/%U
	template shell = /bin/bash
	admin users = @Domain, Admins
	printer admin = @Printer, Admins
	use sendfile = Yes
	printing = cups

[netlogon]
	comment = Network Logon Service
	path = /export/netlogon
	directory mask = 0775
	guest ok = Yes
	browseable = No

[profiles]
	comment = Network Profiles
	path = /export/users/%U
	read only = No
	create mask = 0600
	directory mask = 0700
	browseable = No

----------------- SNIP ---------------------------

LDAP Entries:

dn: dc=arsoft,dc=local
dc: arsoft
description: AR Soft
objectClass: top
objectClass: domain

dn: ou=Groups, dc=arsoft,dc=local
ou: Groups
objectClass: organizationalUnit

dn: ou=Computers, dc=arsoft,dc=local
ou: Computers
objectClass: organizationalUnit

dn: cn=Domain Admins,ou=Groups, dc=arsoft,dc=local
ntGroupType: 2
gidNumber: 512
displayName: Domain Admins
memberUid: Administrator
ntSid: S-1-5-21-780478325-1810273558-3961416456-512
objectClass: posixGroup
objectClass: sambaGroupMapping
cn: Domain Admins

dn: cn=Domain Users,ou=Groups, dc=arsoft,dc=local
ntGroupType: 2
gidNumber: 513
displayName: Domain Users
ntSid: S-1-5-21-780478325-1810273558-3961416456-513
objectClass: posixGroup
objectClass: sambaGroupMapping
cn: Domain Users

dn: cn=Domain Guests,ou=Groups, dc=arsoft,dc=local
ntGroupType: 2
gidNumber: 514
displayName: Domain Guests
ntSid: S-1-5-21-780478325-1810273558-3961416456-514
objectClass: posixGroup
objectClass: sambaGroupMapping
cn: Domain Guests

dn: cn=Administrators,ou=Groups, dc=arsoft,dc=local
gidNumber: 544
description: Netbios Domain Members can fully administer the computer/domain (not implemented yet)
objectClass: posixGroup
cn: Administrators

dn: cn=Users,ou=Groups, dc=arsoft,dc=local
gidNumber: 545
description: Netbios Domain Ordinary users (not implemented yet)
objectClass: posixGroup
cn: Users

dn: cn=Guests,ou=Groups, dc=arsoft,dc=local
gidNumber: 546
memberUid: nobody
description: Netbios Domain Users granted guest access to the computer/domain (not implemented yet)
objectClass: posixGroup
cn: Guests

dn: cn=Power Users,ou=Groups, dc=arsoft,dc=local
gidNumber: 547
description: Netbios Domain Members can share directories and printers (not implemented yet)
objectClass: posixGroup
cn: Power Users

dn: cn=Account Operators,ou=Groups, dc=arsoft,dc=local
gidNumber: 548
description: Netbios Domain Users to manipulate users accounts (not implemented yet)
objectClass: posixGroup
cn: Account Operators

dn: cn=Server Operators,ou=Groups, dc=arsoft,dc=local
gidNumber: 549
description: Netbios Domain Server Operators (need smb.conf configuration)
objectClass: posixGroup
cn: Server Operators

dn: cn=Print Operators,ou=Groups, dc=arsoft,dc=local
gidNumber: 550
description: Netbios Domain Print Operators (need smb.conf configuration)
objectClass: posixGroup
cn: Print Operators

dn: cn=Backup Operators,ou=Groups, dc=arsoft,dc=local
gidNumber: 551
description: Netbios Domain Members can bypass file security to back up files (not implemented yet)
objectClass: posixGroup
cn: Backup Operators

dn: cn=Replicator,ou=Groups, dc=arsoft,dc=local
gidNumber: 552
description: Netbios Domain Supports file replication in a domain (not implemented yet)
objectClass: posixGroup
cn: Replicator

dn: cn=Domain Computers,ou=Groups, dc=arsoft,dc=local
gidNumber: 553
description: Netbios Domain Computers accounts
objectClass: posixGroup
cn: Domain Computers

dn: ou=Users, dc=arsoft,dc=local
ou: Users
objectClass: organizationalUnit

dn: uid=Administrator,ou=Users, dc=arsoft,dc=local
logonTime: 0
objectClass: inetOrgPerson
objectClass: sambaAccount
objectClass: posixAccount
lmPassword: E701F9FAB541320CAAD3B435B51404EE
primaryGroupID: 512
acctFlags: [U	       ]
smbHome: \\DS\homes
uid: Administrator
uidNumber: 998
cn: Administrator
ntSid: S-1-5-21-780478325-1810273558-3961416456-500
loginShell: /bin/false
homeDrive: H:
logoffTime: 2147483647
gidNumber: 512
kickoffTime: 2147483647
pwdLastSet: 1052727850
gecos: Netbios Domain Administrator
homeDirectory: /export/users/
pwdCanChange: 1052727850
profilePath: \\DS\profiles\
sn: Administrator
pwdMustChange: 1054542250
ntPassword: 55F79BF273802801CFC79712AAC292F3

dn: uid=nobody,ou=Users, dc=arsoft,dc=local
logonTime: 0
objectClass: inetOrgPerson
objectClass: sambaAccount
objectClass: posixAccount
lmPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
primaryGroupID: 514
acctFlags: [NU	       ]
smbHome: \\DS\homes
uid: nobody
uidNumber: 999
cn: nobody
ntSid: S-1-5-21-780478325-1810273558-3961416456-501
loginShell: /bin/false
homeDrive: U:
logoffTime: 2147483647
gidNumber: 514
kickoffTime: 2147483647
pwdLastSet: 0
homeDirectory: /dev/null
pwdCanChange: 0
profilePath: \\DS\profiles\
sn: nobody
pwdMustChange: 2147483647
ntPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
----------------- END ---------------------------
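
Added example, not part of the original post and not Samba code: a small Python parser that rejoins mail-wrapped smbd records like the ones in the log above and decodes the SAMR domain access masks on the ACCESS DENIED lines. The bit names are the MS-SAMR domain access rights; that this alpha build's masks follow them is an assumption, and SAMPLE_LOG is constructed from the log in the post.

```python
import re

# SAMR domain-object access rights (bit values as defined in MS-SAMR).
DOMAIN_RIGHTS = {
    0x001: "DOMAIN_READ_PASSWORD_PARAMETERS",
    0x002: "DOMAIN_WRITE_PASSWORD_PARAMS",
    0x004: "DOMAIN_READ_OTHER_PARAMETERS",
    0x008: "DOMAIN_WRITE_OTHER_PARAMETERS",
    0x010: "DOMAIN_CREATE_USER",
    0x020: "DOMAIN_CREATE_GROUP",
    0x040: "DOMAIN_CREATE_ALIAS",
    0x080: "DOMAIN_GET_ALIAS_MEMBERSHIP",
    0x100: "DOMAIN_LIST_ACCOUNTS",
    0x200: "DOMAIN_LOOKUP",
    0x400: "DOMAIN_ADMINISTER_SERVER",
}

# Constructed sample: the two ACCESS DENIED records from the log above,
# still wrapped the way the mail client wrapped them.
SAMPLE_LOG = """\
[2003/05/12 11:52:18, 2]
rpc_server/srv_samr_nt.c:access_check_samr_object(93)
  _samr_open_domain: ACCESS DENIED  (requested: 0x00000211)
[2003/05/12 11:52:18, 2]
rpc_server/srv_samr_nt.c:access_check_samr_function(115
)
  _samr_create_user: ACCESS DENIED (granted: 0x00000201;  required:
0x00000010)
"""

RECORD = re.compile(r"^\[\d{4}/\d\d/\d\d \d\d:\d\d:\d\d, *\d+\]", re.M)
DENIED = re.compile(r"(\w+): ACCESS DENIED\s*\(([^)]*)\)")
FIELD = re.compile(r"(requested|granted|required):\s*(0x[0-9a-fA-F]+)")

def decode(mask):
    """Names of the SAMR domain rights set in mask, lowest bit first."""
    return [name for bit, name in sorted(DOMAIN_RIGHTS.items()) if mask & bit]

def denied_events(log):
    """Yield (rpc_call, {field: mask}, missing_rights) per ACCESS DENIED record."""
    starts = [m.start() for m in RECORD.finditer(log)] + [len(log)]
    for begin, end in zip(starts, starts[1:]):
        record = " ".join(log[begin:end].split())   # undo mail wrapping
        hit = DENIED.search(record)
        if not hit:
            continue
        masks = {k: int(v, 16) for k, v in FIELD.findall(hit.group(2))}
        missing = masks.get("required", 0) & ~masks.get("granted", 0)
        yield hit.group(1), masks, decode(missing)
```

For the records in the post, the `_samr_create_user` line decodes to DOMAIN_CREATE_USER as the right that was required but not granted.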

