[Samba] member server is not resolving usernames anymore

Matthias Eichler me-lists at kernzeit.com
Mon Apr 26 08:38:04 GMT 2004


Dear List,

from one day to the next I am experiencing problems with my
Samba/LDAP-Setup.
We have one PDC (Master LDAP), a Slave LDAP and a fileserver.

The problem is that I can not change the access rights of a
file from a windows client.
The fileserver
a) does not resolve the SIDs anymore
b) does not find the username (if e.g. entered one for adding)
The problem seems to be that the fileserver does not resolves
via LDAP anymore, but local as the shown search path for the
user object is \\fileserver.

The weird is that the basic access functionality is still there,
so the problem is just with changing a files (or directory) access
attributes.

Thank you very much for any input and help!

Matthias

--- /etc/samba/smb.conf (fileserver)
[global]
        workgroup = KERNZEIT
        netbios name = FILESERVER
        server string = %h
        announce version = 5.0
        os level = 20

        passdb backend = ldapsam:"ldap://10.1.1.1 ldap://10.1.1.10"
        ldap suffix = dc=kernzeit,dc=com
        ldap machine suffix =
"ou=smb-machines,ou=NSS,dc=kernzeit,dc=com"
        ldap admin dn = "cn=admin,dc=kernzeit,dc=com"
        ldap ssl = no
        ldap user suffix = "dc=kernzeit,dc=com"
        ldap group suffix = ou=groups,ou=nss

        #LOG STUFF
        log file = /var/log/samba/log.%m
        max log size = 1000
        log level = 3 
        syslog = 0

#NETWORK
        interfaces = 10.1.1.20/16
        hosts allow = 10.1. 10.99.
        bind interfaces only = yes
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        
        #SECURITY
        null passwords = no
        #admin users = @domadmins
        encrypt passwords = true
        guest account = nobody
        obey pam restrictions = no
        security = domain
        #password server = LOGIN, APPSERVER
        password server = LOGIN
        
        #FEATURES
        panic action = /usr/share/samba/panic-action %d
        nt acl support = yes
        wins support = no
        wins proxy = no
        wins server = 10.1.1.1 
        dns proxy = no
        local master = no
        preferred master = no

        #DOMAIN STUFF
        domain master = no
        domain logons = no

        #INTERNATIONALIZATION
        unix charset = iso8859-15 
        dos charset = cp850

#======================= Share Definitions =======================

[temp]
        path = /data/temp
        browsable = yes
        writable = yes
        directory mask = 770
        create mask = 770
        nt acl support = yes
        vfs objects = recycle
---


--- /var/log/samba/log.client
[2004/04/23 14:42:47, 3] rpc_server/srv_pipe.c:api_rpcTNP(1509)
  api_rpcTNP: rpc command: SPOOLSS_OPENPRINTEREX
  checking name: \\fileserver\lf
[2004/04/23 14:42:47, 3]
rpc_server/srv_spoolss_nt.c:set_printer_hnd_printertype(447)
  Setting printer type=\\fileserver\lf
[2004/04/23 14:42:47, 3] rpc_server/srv_lsa_hnd.c:close_policy_hnd(200)
  Closed policy
[2004/04/23 14:42:47, 3]
rpc_server/srv_pipe_hnd.c:free_pipe_context(544)
  free_pipe_context: destroying talloc pool of size 68
[2004/04/23 14:42:47, 3] smbd/process.c:process_smb(890)
  Transaction 1717 of length 104
[2004/04/23 14:42:47, 3] smbd/process.c:switch_message(685)
  switch message SMBntcreateX (pid 582)
[2004/04/23 14:42:47, 3] smbd/error.c:error_packet(118)
  error packet at smbd/nttrans.c(498) cmd=162 (SMBntcreateX)
NT_STATUS_OBJECT_NAME_NOT_FOUND
[2004/04/23 14:42:47, 3] smbd/process.c:process_smb(890)
  Transaction 1718 of length 104
[2004/04/23 14:42:47, 3] smbd/process.c:switch_message(685)
  switch message SMBntcreateX (pid 582)
[2004/04/23 14:42:47, 3] smbd/error.c:error_packet(118)
  error packet at smbd/nttrans.c(498) cmd=162 (SMBntcreateX)
NT_STATUS_OBJECT_NAME_NOT_FOUND
[2004/04/23 14:43:47, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
---

-- 
Matthias Eichler <me-lists at kernzeit.com>
kernzeit AG



More information about the samba mailing list