[Samba] Win2k joining a Samba domain

Jim C. jcllings at javahop.com
Wed Mar 10 04:07:54 GMT 2004 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mr. Terpstra,
Are you saying that if I have a user account in ldap which is
responsible for admin, that it must be uid=root or that it must be
uidNumber=0? What about gid=root/gidNumber=0 for a group?  I have the
setup below and somethings do get done. Machines accounts are added
automatically and both Admin and root can authorize the joining of the
domain.  On a Mandrake system like mine the smbldap scripts belong to a
group named "adm" and uid=root belongs to this group also as well as to
the group "Domain Admins".

getent group shows:

netusers:x:502:njim,Admin,root
njim:x:503:njim
adm:x:4:ldap,Admin,adm,root
machines:x:1001:
nogroup:x:65534:
root:x:0:root,Admin
[LDAP entries end here]

[root at enigma root]# net3 groupmap list
Domain Users (S-1-5-21-XXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-513) -> netusers
Domain Computers (S-1-5-21-XXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-515) -> machines
Domain Guests (S-1-5-21-XXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-514) -> nogroup
Domain Admins (S-1-5-21-XXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-512) -> root

I do have your book "The Official Samba 3 HOWTO and Reference Guide",
BTW.  Definitely worth the money but I sure wish I had more money. ;-)

The problem I am having though is that I cannot use the Windows Server
Manager or User Manager for Domains.  I can browse the information but I
cannot change it.  Any tips or references to relevant portions of the
book would help.


Thanks,
Jim C.

|>Having managed to get far enough with the config to get a win2k box to
|>connect to a Samba v3.0 share where the Samba machine's backend is based
|>in LDAP, I cannot now add this win2k machine to the domain.
|>
|>Can anyone give me an example of how to set up an account within the
|>LDAP server that has sufficient rights to allow the machine to join my
|>Samba domain?
|

- --

- -----------------------------------------------------------------
| I can be reached on the following messenger services:		|
|---------------------------------------------------------------|
| MSN: j_c_llings at hotmail.com  AIM: WyteLi0n  ICQ: 123291844 	|
|---------------------------------------------------------------|
| Y!: j_c_llings               Jabber: jcllings at njs.netlab.cz	|
- -----------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-nr1 (Windows XP)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFATpSa57L0B7uXm9oRAh9BAJ9cKdoO+IM6rxA/K8T90NDsg88HdwCfZqof
eOFZ16/I07+e1t3arClBB4Y=
=vMn6
-----END PGP SIGNATURE-----

More information about the samba mailing list