[Samba] Re: Re: SAMBA / LDAP / Domain Password change problem
John Schmerold
john at katy.com
Wed Dec 1 06:47:06 GMT 2004
First I setup DHCP on the server - we were using the Linksys router to
provide DHCP
Then did following:
service smb stop ; service winbind stop ; rm -f
/var/cache/samba/wins.dat ; service smb start ; service winbind start
Same problem
I looked at the log file for one of the computers that won't join the
domain. It says the following:
cat /var/log/samba/log.ron_laptop
[2004/11/30 11:25:24, 0] passdb/pdb_ldap.c:ldapsam_add_sam_account(1870)
ldapsam_add_sam_account: failed to modify/add user with uid =
ron_laptop$ (dn = uid=ron_laptop$,ou=Computers,dc=twinoakschurch,dc=org)
[2004/11/30 11:25:24, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2277)
could not add user/computer ron_laptop$ to passdb. Check permissions?
Any ideas?
To summarize, we can't change user passwords at the workstations &
several PCs won't attach to the domain.
John
Danny Paul wrote:
>Remove the 'pam password change' option along with the 'remote announce'.
>Also take out the 'password chat' option - it's not needed with ldapsam.
>
>It sounds like maybe your clients don't realize your PDC is also a WINS
>server. Is that info added to DHCPd? If not, are the clients configured
>to use it as a WINS server manually?
>
>Also, I still stand by the wins.dat fix. It seems like the wins file is
>corrupted. Try it again after everyone has left for the day.
>
>One more thing, run your config through testparm to make sure there are no
>errors. Then catch the output of the testparm -s into a new smb.conf file.
>This way the conf file is optimised and the errors are removed.
>
>I usually make all my changes to smb.conf.master, then do testparm -s
>smb.conf.master > smb.conf.
>
>Also, please do not contact me directly - only through the newsgroup
>posting.
>
>
>
>
>>>>John Schmerold <john at katy.com> 11/30 1:26 pm >>>
>>>>
>>>>
>Danny,
>
>Thanks but that didn't solve the problem, matter of fact things have
>gotten a little worse since I first wrote. None of the XP boxes will
>join the TOPC domain, boxes that have already joined aren't having the
>problem, just new joins seem to be giving us trouble.
>
>I'll wait until end of day when everyone is off system & try the
>wins.dat delete trick again, I've also added a couple lines that may
>make a difference with regard to the password change issue:
>pam password change = yes
>&the browsing issue:
>remote announce = 192.168.70.255
>local master = Yes
>
>Thanks again, it's really helpful having someone that knows what they
>are doing help out.
>
>John
>
>John Schmerold
>Katy Computer & Wireless
>20 Meramec Station Rd
>Valley Park MO 63088
>636-861-6900 v
>775-227-6947 f
>
>
>
>Danny Paul wrote:
>
>
>
>>While it looks wrong, it is correct. It means the subnet at that
>>
>>
>interface,
>
>
>>so you're OK there.
>>
>>What you're experiencing is bad entries in the WINS.DAT file. You should
>>stop smbd and nmbd, delete the wins.dat file
>>(/usr/local/samba/var/locks/wins.dat), then restart smbd and nmbd. That
>>should fix your problem.
>>
>>
>>John Schmerold wrote:
>>
>>
>>
>>
>>
>>>cat /var/log/samba/nmbd.log | grep error shows:
>>> register_name_response: WINS server at IP 127.0.0.1 rejected our name
>>>registration of TOPC<00> IP 192.168.70.10 with error code 5.
>>> register_name_response: WINS server at IP 127.0.0.1 rejected our name
>>>registration of TOPC<1e> IP 192.168.70.10 with error code 5.
>>>lists.samba.org has reported this error 6 times with no solutions
>>>listed, any idea what I'm doing wrong
>>>
>>>tail -50 < /var/log/samba/nmbd.log shows following may be a problem,
>>>what do you think?
>>>Samba server FS1 is now a domain master browser for workgroup TOPC on
>>>subnet UNICAST_SUBNET
>>>Samba server FS1 is now a domain master browser for workgroup TOPC on
>>>subnet 192.168.70.10
>>>
>>>Shouldn't the second line read 192.168.70.0 ?
>>>
>>>
>>>
>>>
>>>
>>
>>
>>
>>
>
>
>
>
More information about the samba
mailing list