[Samba] migration nt4 with ldap problem
Thomas Will
thomas.will at xinux.de
Thu Mar 18 17:30:28 GMT 2004
hello
i try to migrate nt4 to samba. the passwd-backend is ldap.
the migration itself works fine but after that, i cannot logon from the
windows xp clients
to the domain. -> i have to rejoin the client to the domain then it works
is this a bug or feature?
the sambaNTPassword change then in ldap data base
here is part of my smb.conf
------------------- snip -----------------
workgroup = holladie
preferred master = yes
domain master = no
local master = yes
security = user
encrypt passwords = true
passdb backend = ldapsam:ldap://localhost
domain logons = yes
logon path = \\%N\profiles\%U
logon drive = Z:
logon home = \\%N\%U
logon script = logon.cmd
ldap suffix = dc=schmeich,dc=tux
ldap admin dn = cn=root,dc=schmeich,dc=tux
ldap user suffix =ou=mitarbeiter
ldap machine suffix =ou=rechner
ldap group suffix =ou=gruppen
ldap ssl = no
ldap delete dn = no
add user script = /usr/local/sbin/smbldap-useradd.pl -m "%u"
delete user script = /usr/local/sbin/smbldap-userdel.pl "%u"
add group script = /usr/local/sbin/smbldap-groupadd.pl -p "%g"
delete group script = /usr/local/sbin/smbldap-groupdel.pl "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod.pl -m
"%u" "%g"
set primary group script = /usr/local/sbin/smbldap-usermod.pl -g
"%g" "%u"
add machine script = /usr/local/sbin/smbldap-useradd.pl -w -d
/dev/null -g domcomputers -s /bin/false "%u"
-----------------snap---------------------------------
here are the steps of my migration
1. smbldap-groupadd.pl -g 512 -r 512 domadmins
smbldap-groupadd.pl -g 513 -r 513 domusers
smbldap-groupadd.pl -g 514 -r 514 domguests
smbldap-groupadd.pl -g 515 -r 515 domcomputers
1. smbd and nmbd don''t run
2. net rpc join -S WALDFEE -w HOLLADIE -U administrator%blabla
3. net rpc testjoin
Join to 'HOLLADIE' is OK
4. net rpc vampire -S waldfee -U Administrator%blabla
works fine and sort all user to the right groups
5. I switch the nt pdc off
6 . i change "domain master = yes"
7 . i restart smb and nmb
8 . i restart the client
9. i can't login to the domain
here a part of log.smb
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2004/03/18 18:22:03, 5] auth/auth_util.c:debug_nt_user_token(486)
NT user token: (NULL)
[2004/03/18 18:22:03, 5] auth/auth_util.c:debug_unix_user_token(505)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2004/03/18 18:22:03, 5] smbd/uid.c:change_to_root_user(218)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2004/03/18 18:22:03, 2] smbd/server.c:exit_server(558)
Closing connections
[2004/03/18 18:22:03, 3] smbd/connection.c:yield_connection(69)
Yielding connection to
[2004/03/18 18:22:03, 3] smbd/connection.c:yield_connection(76)
yield_connection: tdb_delete for name failed with error Record does
not exist.
[2004/03/18 18:22:03, 5] smbd/oplock.c:receive_local_message(107)
receive_local_message: doing select with timeout of 1 ms
[2004/03/18 18:22:03, 3] smbd/server.c:exit_server(601)
Server exit (normal exit)
where is my error
grettings
--
- thomas will -
- xinux --- networking - security - consulting - training -
- fon 06332 44040 - fax 06332 44041 - mobil 0170 52 18 548 -
- 66482 zweibruecken - wichernstr.18 - http://www.xinux.de -
More information about the samba
mailing list