[Samba] Samba 3 problem.

Francisco Santis fsantis at rdc.cl
Tue Jul 13 02:42:34 GMT 2004 

Hi, I have a problem with samba3. I run samba 3.0.2 with ldap 2.1.23 and
smbldap tools 0.8.4, when i logging to the domain i don't have problems with
"Domain Admins" groups, but i try logging to the domain from user in the
"Domain Users" groups the client (Windows 2000) send me the message "You do
not have access to logon to this Session".  When I add the user to the
"Domains Admins" groups he log without problems. Somebody had east problem?.


Greetings
FSP

pd: This is my smb.conf:

[global]
unix charset = LOCALE
workgroup = TPI
netbios name = TITAN
winbind uid = 1 - 65535
interfaces = eth1, lo
bind interfaces only = Yes
passdb backend = ldapsam:ldap://127.0.0.1
username map = /etc/samba/smbusers
log level = 10
syslog = 0
log file = /var/log/samba/%m
max log size = 50000
smb ports = 139 445
name resolve order = wins bcast hosts
time server = Yes
printcap name = CUPS
show add printer wizard = No
add user script = /usr/local/sbin/smbldap-useradd -a -m "%u"
delete user script = /usr/local/sbin/smbldap-userdel %u
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/local/sbin/smbldap-groupdel "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m '%u' '%g'
delete user from group script = /usr/local/sbin/smbldap-groupmod -x '%u'
'%g'
set primary group script = /usr/local/sbin/smbldap-usermod -g '%g' '%u'
add machine script = /usr/local/sbin/smbldap-useradd -w '%u'
domain logons = Yes
preferred master = Yes
domain master = Yes
wins support = Yes
ldap suffix = dc=tpi,dc=cl
ldap machine suffix = ou=Computers
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap admin dn = cn=root,dc=tpi,dc=cl
map acl inherit = Yes
idmap uid = 1000-20000
idmap gid = 1000-20000
printing = cups
printer admin = Administrator

[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No

[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
read only = yes
guest ok = Yes
locking = No

[profiles]
comment = Profile Share
path = /home/samba/profiles
read only = yes

More information about the samba mailing list