[Samba] Followed John's book, frustrating smbldap-problem

Rolf A. Vaglid rolf at qt-developer.org
Tue Dec 14 20:41:02 GMT 2004

Beast wrote:

> Rolf A. Vaglid wrote:
>> Hi all, Im having a hard time figuring whats wrong with my Samba-ldap 
>> setup. I hope somebody may point out the error.
> Hi,
> Did you join the Win2k machine? from samba server did you able to get 
> correct id for win2k machine (using "id w2kclint$")? whats the error 
> message in W2k?
Yes, I've already joined the domain. I just added the machine again, but 
this time under a different name, but to no avail.
The Windows 2000 event logs have no report of the login attempt.
Just out of curiosity I tried logging on from a Windows 98-computer, and 
the user now slips right in, no problem. This makes me
wonder if there might be something wrong on the Win2000-client I've been 
testing. I checked the local security policy,
but I didn't spot anything suspicious. Any tips? Could it be user-/group 
mapping or Idmap?

I'll install a new Windows 2000 client from scratch to eliminate the 
possibility that it's just the test client thats messing up.

When trying to log on with the user 'mhervik', I get the usual "The 
system could not log you on. Make sure your user name
and Domain are correct, then type your password again."

These are actualle the same computer, only with different names.
tkelev:/var/log/samba # id tk-02870$
uid=1001(tk-02870$) gid=553(Domain Computers) groups=553(Domain Computers)
tkelev:/var/log/samba # id tk-test002870$
uid=1008(tk-test002870$) gid=553(Domain Computers) groups=553(Domain 

I've uploaded two tcpdump-files for those up for a challenge:

Rolf (Would sacrifice a finger to solve this one)

More information about the samba mailing list