[Samba] pdc and ldap, logon problem

tom at free tom.constans at free.fr
Wed Nov 19 15:51:03 GMT 2003


hi list

i've been banging my head against the wall trying to set up a samba PDC
with ldapsam backend for the last couple of weeks

here is the background:
machine is a debian woody
samba v3.0.0 compiled with following configure:
./configure --prefix=/usr/ --localstatedir=/var
--with-configdir=/etc/samba --with-privatedir=/etc/samba
--with-codepagedir=/etc/codepages --with-acl-support --with-profile
--disable-static --with-msdfs --with-ldapsam
ldap v 2.0.23

clients are w2k sp0 and sp4

what i have done
following doc and using tools from http://samba.idealix.org with some
modifications.

where i am:
- libnss_ldap and pam_ldap work - getent passwd | group show
information from ldap base and i can log in locally using an ldap test
user

- i can list shares anonymously and using test user from linux box using
smbclient -L

- i can "connect" to samba server using smbclient \\samba\user -U user,
listing, creating / removing files ok

- i can add w2k machines in domain, using smbldaptools or from w2k
network identification properties

- BUT i can not log in using my test user
windows gives me "system could not log you in, make sure password is ok
blah blah" although samba logs give me a " check_ntlm_password: 
authentication for user [wuser1] -> [wuser1] -> [wuser1] succeeded"

BTW if i enter a wrong password logs show a "check_ntlm_password: 
Authentication for user [wuser1] -> [wuser1] FAILED with error
NT_STATUS_WRONG_PASSWORD"

and a nonexistent user gives me "check_ntlm_password:  Authentication
for user [wuser1E] -> [wuser1E] FAILED with error
NT_STATUS_NO_SUCH_USER"

finally, logging in locally on the w2k box, i can connect, browse, list / add
/ delete files without problem using my ldap wuser1

extensive searches of google and google groups have not given me a
solution

any ideas ?

thanks for answering





-- 
tom at free <tom.constans at free.fr>



