[Samba] XP Can't Join Domain

Daniel R. Meigs dmeigs at tlinenm.com
Tue Jun 29 18:57:06 GMT 2004


I am running Samba 3.0.2 as a PDC on a Fedora Core 1 machine using openldap
as the password backend. I think I've got all the openldap stuff working. I
can log in, ssh, etc. using ldap accounts.

When I try to join an XP machine to the domain, I get an error on the XP
machine that reads: The following error occurred attempting to join the
domain "TIMBERLINE": The user name could not be found.

When I check the logs, it is clear that the authentication succeeded and the
script to add a machine account completed successfully. So I can't figure
out what is causing the error. 

Any help would be much appreciated!

Dan Meigs

--------
My smb.conf file is as follows:


#======================= Global Settings =========
[global]
   log level = 3
   workgroup = TIMBERLINE
   netbios name = RAINIER
   security = user
   encrypt passwords = yes
   username map = /etc/samba/smbusers
   add user script = /usr/local/sbin/smbldap-useradd.pl -a -m '%u'
   delete user script = /usr/local/sbin/smbldap-userdel.pl '%u'
   add group script = /usr/local/sbin/smbldap-groupadd.pl -p '%g'
   delete group script = /usr/local/sbin/smbldap-groupdel.pl '%g'
   add user to group script = /usr/local/sbin/smbldap-groupmod.pl -m '%g'
'%u'
   delete user from group script = /usr/local/sbin/smbldap-groupmod.pl -x
'%g' '%u'
   set primary group script = /usr/local/sbin/smbldap-usermod.pl -g '%g'
'%u'
   add machine script = /usr/local/sbin/smbldap-useradd.pl -w '%m'
   ldap admin dn = "cn=Manager,dc=tlinenm,dc=com"
   ldap ssl = start tls
   passdb backend = ldapsam:ldap://rainier.tlinenm.com
   ldap delete dn = no
   ldap user suffix = ou=People
   ldap group suffix = ou=Groups
   ldap machine suffix = ou=Computers
   ldap suffix = dc=tlinenm,dc=com
   ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
   server string = Samba Server on Rainier
   hosts allow = 192.168.0. 127.
   printcap name = cups
   printing = cups
   log file = /var/log/samba/%m.log
   max log size = 500
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   os level = 35
   domain master = yes 
   preferred master = yes
   domain logons = yes
   wins support = yes
   dns proxy = yes 

#============================ Share Definitions ==============
[homes]
   comment = Home Directories
   browseable = no
   writable = yes

 [netlogon]
   comment = Network Logon Service
   path = /home/netlogon
   guest ok = yes
   writable = no
   share modes = no


[Profiles]
    path = /home/profiles
    browseable = no
    guest ok = yes


[printers]
   comment = All Printers
   path = /var/spool/samba
   browseable = no
   guest ok = no
   writable = no
   printable = yes

[tmp]
   comment = Temporary file space
   path = /tmp
   read only = no
   public = yes

---------
The smb log file is as follows (log level 2):

[2004/06/29 12:35:07, 2] passdb/pdb_ldap.c:init_sam_from_ldap(462)
  init_sam_from_ldap: Entry found for user: root
[2004/06/29 12:35:07, 2] passdb/pdb_ldap.c:init_group_from_ldap(1697)
  init_group_from_ldap: Entry found for group: 512
[2004/06/29 12:35:07, 2] auth/auth.c:check_ntlm_password(305)
  check_ntlm_password:  authentication for user [Administrator] -> [root] ->
[root] succeeded
[2004/06/29 12:35:07, 2] lib/access.c:check_access(324)
  Allowed connection from  (192.168.0.98)
[2004/06/29 12:35:08, 2] smbd/server.c:exit_server(558)
  Closing connections
[2004/06/29 12:35:09, 2] passdb/pdb_ldap.c:init_sam_from_ldap(462)
  init_sam_from_ldap: Entry found for user: root
[2004/06/29 12:35:09, 2] passdb/pdb_ldap.c:init_group_from_ldap(1697)
  init_group_from_ldap: Entry found for group: 512
[2004/06/29 12:35:09, 2] auth/auth.c:check_ntlm_password(305)
  check_ntlm_password:  authentication for user [Administrator] -> [root] ->
[root] succeeded
[2004/06/29 12:35:09, 2] lib/access.c:check_access(324)
  Allowed connection from  (192.168.0.98)
[2004/06/29 12:35:09, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461)
  Returning domain sid for domain TIMBERLINE ->
S-1-5-21-1936347354-1918943746-3536452940
[2004/06/29 12:35:10, 2] smbd/server.c:exit_server(558)
  Closing connections



More information about the samba mailing list