[Samba] Samba 3 PDC with LDAP backend problem

Bousquet Francois Francois.Bousquet at cgi.ca
Thu Jul 29 23:32:21 GMT 2004


I am installing an Samba 3 PDC with an OpenLDAP backend.

I am currently having a problem when I try to add a Windows workstation to
the domain with the Administrator user or trying to connect to a share.

I get the following error :

[2004/07/29 13:35:22, 1] auth/auth_util.c:make_server_info_sam(822)
  User Administrator in passdb, but getpwnam() fails!
[2004/07/29 13:35:22, 0] auth/auth_sam.c:check_sam_security(260)
  check_sam_security: make_server_info_sam() failed with
'NT_STATUS_NO_SUCH_USER'

But the user exists in my ldap, because if I do this command :

# getent passwd | grep Administrator
Administrator:x:0:512:Netbios Domain Administrator:/home/:/bin/false

nss_ldap is installed and configured proprely :
# grep "ldap" /etc/nsswitch.conf
passwd:     files ldap
group:      files ldap
#


Here is my smb.conf

[global]
workgroup = DEV_BLC
netbios name = ud1981wfx01
passdb backend = ldapsam:ldap://ud1981wfx01
#username map = /etc/samba/smbusers
add user script = /usr/local/sbin/smbldap-useradd -m '%u'
delete user script = /usr/local/sbin/smbldap-userdel %u
add group script = /usr/local/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/local/sbin/smbldap-groupdel '%g'
add user to group script = /usr/local/sbin/ \
smbldap-groupmod -m '%g' '%u'
delete user from group script = /usr/local/sbin/ \
smbldap-groupmod -x '%g' '%u'
set primary group script = /usr/local/sbin/ \
smbldap-usermod -g '%g' '%u'
add machine script = /usr/local/sbin/smbldap-useradd -w '%u'
#logon script = scripts\logon.bat
#logon path = \\%L\Profiles\%U
#logon drive = H:
#logon home = \\%L\%U
domain logons = Yes
os level = 35
preferred master = Yes
domain master = Yes
ldap suffix = dc=blc,dc=com
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=People
ldap idmap suffix = ou=People
ldap admin dn = cn=Manager,dc=blc,dc=com
idmap backend = ldap:ldap://ud1981wfx01
ldap passwd sync = Yes
idmap uid = 15000-20000
idmap gid = 15000-20000
winbind separator = +

[share1]
path = /tmp

[share2]
path = /
browseable = Yes
comment = Some random files


Any idea ?

- Francois


More information about the samba mailing list