[Samba] Joining XP clients to a Samba PDC

Andrew depaan at bibleinfo.com
Wed Dec 8 01:07:06 GMT 2004 

Greetings,

I've been pulling my hair out on this problem for several days and I'm 
not really any closer to a solution. I hope someone out there can help 
me.

I'm trying to set up a samba PDC on a Fedora Core 2 box using an LDAP 
backend (on another server). The base install of everything is working 
fine. At the unix level LDAP connectivity is configured and working 
properly for users and groups. I've also installed idealix's 
smbldap-tools and used their script to configure the ldap directory for 
SAMBA. As far as I can tell that's all configured and working properly 
too. I can add users and groups with smbldap-useradd and groupadd tools 
and they show up in the proper places when I browse the LDAP directory 
with a gui tool I have. (Note, the SAMBA PDC and the LDAP server are 
two separate machines)

Here's what's installed for samba on my FC2 box:

samba-swat-3.0.7-2.FC2
samba-common-3.0.7-2.FC2
samba-client-3.0.7-2.FC2
samba-3.0.7-2.FC2

The relevant portions of my smb.conf file are as follows:


# Global parameters
[global]
         netbios name = LUNA
         workgroup = BI
         passdb backend = ldapsam:ldap://mercury.bibleinfo.com
         os level = 35
         preferred master = yes
         domain master = yes
         local master = yes
         security = user
         domain logons = yes
         logon path = \\LUNA\profiles\%u
         logon drive = H:
         logon home = \\LUNA\%u
         logon script = logon.cmd
         ldap delete dn = Yes
         add user script = /usr/sbin/smbldap-useradd -a -m "%u"
         add machine script = /usr/sbin/smbldap-useradd -w "%u"
         add group script = /usr/sbin/smbldap-groupadd -p "%g"
         add user to group script = /usr/sbin/smbldap-groupmod -m "%u" 
"%g"
         delete user from group script = /usr/sbin/smbldap-groupmod -x 
"%u" "%g"
         set primary group script = /usr/sbin/smbldap-usermod -g "%g" 
"%u"
         server string = Bibleinfo.com file server
         log file = /var/log/samba/%m.log
         log level = 10
         max log size = 50
         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
         printcap name = /etc/printcap
         dns proxy = No
         ldap suffix = dc=bibleinfo,dc=iiw
         ldap machine suffix = ou=Computers
         ldap user suffix = ou=People
         ldap group suffix = ou=Groups
         ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
         ldap admin dn = "cn=Manager,dc=bibleinfo,dc=iiw"
         ldap ssl = start tls
         ldap passwd sync = Yes
         idmap uid = 16777216-33554431
         idmap gid = 16777216-33554431

[netlogon]
         path = /var/lib/samba/netlogon

<snip>


As far as I can tell I should be able to join the domain with the root 
account (added with smbldap-useradd -a -G 512 -m -s /bin/false -d 
/dev/null -F "" -P root). But all I get for my efforts is an error 
dialog "The following error occurred attempting to join the domain 
'BI': The network path was not found".

The log of this attempt server side is as follows:

[Administrator at luna samba]# cat 10.10.10.153.log
[2004/12/07 17:02:59, 6] param/loadparm.c:lp_file_list_changed(2684)
   lp_file_list_changed()
   file /etc/samba/smb.conf -> /etc/samba/smb.conf  last mod_time: Tue 
Dec  7 16:51:08 2004

[2004/12/07 17:02:59, 3] smbd/oplock.c:init_oplocks(1302)
   open_oplock_ipc: opening loopback UDP socket.
[2004/12/07 17:02:59, 10] lib/util_sock.c:open_socket_in(717)
   bind succeeded on port 0
[2004/12/07 17:02:59, 3] 
smbd/oplock_linux.c:linux_init_kernel_oplocks(303)
   Linux kernel oplocks enabled
[2004/12/07 17:02:59, 3] smbd/oplock.c:init_oplocks(1333)
   open_oplock ipc: pid = 12086, global_oplock_port = 32895
[2004/12/07 17:02:59, 4] lib/time.c:get_serverzone(122)
   Serverzone is 28800
[2004/12/07 17:02:59, 10] lib/smbldap.c:smbldap_idle_fn(1118)
   ldap connection not idle...
[2004/12/07 17:02:59, 10] 
lib/util_sock.c:read_smb_length_return_keepalive(505)
   got smb length of 68
[2004/12/07 17:02:59, 6] smbd/process.c:process_smb(1091)
   got message type 0x81 of len 0x44
[2004/12/07 17:02:59, 3] smbd/process.c:process_smb(1092)
   Transaction 0 of length 72
[2004/12/07 17:02:59, 2] smbd/reply.c:reply_special(235)
   netbios connect: name1=LUNA            name2=OLDDELL
[2004/12/07 17:02:59, 2] smbd/reply.c:reply_special(242)
   netbios connect: local=luna remote=olddell, name type = 0


the other thing that's puzzling is that SAMBA never creates the machine 
trust account using the script denoted in smb.conf. If I run the script 
manually on the command line it works fine, but that still doesn't get 
my any further with joining the domain (Same error too fact).

Thanks for the help.

-Andrew

More information about the samba mailing list