[Samba] samba3 PDC+ldap domain logon problem
David Caplan
david at david.ath.cx
Tue Jun 22 17:41:24 GMT 2004
Hi,
I've got an issue with a samba 3 PDC with an ldap backend. I get a logon
failure (unknown username or bad password) when trying to add a win2k
box to the domain. I'm using Mandrake with Samba 3.0.2a and openldap 2.1.22.
I am able to set up the workgroup on the w2k box, and access folders for
users registered in the ldap database, however I am not able to join the
domain with the user Administrator.
Any ideas on where I can look to find errors or test another way? (I cant find anything
in the ldap logs or the samba logs).
Please CC me any response, as I'm not subscribed to the list.
Thanks.
- David
---Some relevant smb.conf
[global]
...
username map = /etc/samba3/smbusers
obey pam restrictions = No
ldap passwd sync = yes
passdb backend = ldapsam:ldap://127.0.0.1/
unix password sync = yes
pam password change = yes
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *LDAP*password*information*changed*for*dcaplan*\n *passwd:*all*authentication*tokens*updated*successfully*
ldap admin dn = cn=root,dc=cloudraker,dc=com
ldap suffix = dc=cloudraker,dc=com
ldap group suffix = ou=Group
ldap user suffix = ou=People
ldap machine suffix = ou=Hosts
ldap idmap suffix = ou=People
ldap ssl = off
#ldap ssl = start tls
add user script = /usr/bin/smbldap-useradd3 -m "%u"
ldap delete dn = Yes
delete user script = /usr/bin/smbldap-userdel3 "%u"
add machine script = /usr/bin/smbldap-useradd3 -w "%u"
add group script = /usr/bin/smbldap-groupadd3 -p "%g"
#delete group script = /usr/bin/smbldap-groupdel3 "%g"
add user to group script = /usr/bin/smbldap-groupmod3 -m "%u" "%g"
delete user from group script = /usr/bin/smbldap-groupmod3 -x "%u" "%g"
set primary group script = /usr/bin/smbldap-usermod3 -g "%g" "%u"
os level = 65
security = user
logon path = \\%L\profiles\%U
logon drive = U:
update encrypted = Yes
encrypt passwords = yes
domain master = yes
domain logons = yes
local master = yes
preferred master = yes
guest ok = no
admin users = root Administrator
#wins support = yes
#wins proxy = yes
----
--
David Caplan <david at david.ath.cx>
Key fingerprint: AADC 53B6 D5FB 31FE E191 4E9A 8D5D 2952 9358
More information about the samba
mailing list