[Samba] Samba/Netscape Directory Server
Christian Merrill
cmerrill at redhat.com
Tue Nov 16 16:05:13 GMT 2004
For whatever reason I am trying to configure the following environment
and am running into trouble towards the end of things. Hopefully I am
overlooking something basic, any assistance would be greatly appreciated.
1. Redhat AS 2.1 server running Netscape Directory Server 5.2
2. RHEL3 system using Samba 3.0.8 acting as a PDC integrated with the
Netscape LDAP server
3. Win2k/XP clients as domain members
4.**Using crypt and not md5
Following through various documentation I have what I believe is a
functional directory server with the appropriate samba schema loaded
in. The RHEL3 system is able to act as an ldap client -- via the
various idealx tools the directory server has been populated. " net
getlocalsid" works, getent passwd/group shows appropriate users, and I
can su to the various directory users that exist.
However, I am unable to join the domain from a windows machine or even
manually access a share via something like "net use * \\server\share
/user:Administrator". The directory server is getting a query but I am
getting bad user/pw errors. Additionally I cannot ssh/telnet/ftp on the
client machine with ldap accounts though I believe this is likely due to
using crypt and pam needing modification.
--------
A "net use * \\192.168.0.8\test /user:Administrator
--with password, returns in the netscape directory log:
[16/Nov/2004:10:36:50 -0500] conn=157 op=-1 msgId=-1 - fd=56 slot=56
LDAP connection from 172.16.59.205 to 172.16.59.50
[16/Nov/2004:10:36:50 -0500] conn=157 op=0 msgId=1 - BIND
dn="cn=Directory Manager" method=128 version=3
[16/Nov/2004:10:36:50 -0500] conn=157 op=0 msgId=1 - RESULT err=0 tag=97
nentries=0 etime=0 dn="cn=directory manager"
[16/Nov/2004:10:36:50 -0500] conn=157 op=1 msgId=2 - SRCH
base="dc=rdu,dc=redhat,dc=com" scope=2
filter="(&(objectClass=sambaDomain)(sambaDomainName=LDAP))"
attrs="sambaDomainName sambaNextRid sambaNextUserRid sambaNextGroupRid
sambaSID sambaAlgorithmicRidBase objectClass"
[16/Nov/2004:10:36:50 -0500] conn=157 op=1 msgId=2 - RESULT err=0
tag=101 nentries=1 etime=0
[16/Nov/2004:10:36:50 -0500] conn=157 op=2 msgId=3 - SRCH
base="dc=rdu,dc=redhat,dc=com" scope=2
filter="(&(sambaSID=S-1-5-21-709490077-3483046013-2562787883-501)(objectClass=sambaSamAccount))"
attrs="uid uidNumber gidNumber homeDirectory sambaPwdLastSet
sambaPwdCanChange sambaPwdMustChange sambaLogonTime sambaLogoffTime
sambaKickoffTime cn displayName sambaHomeDrive sambaHomePath
sambaLogonScript sambaProfilePath description sambaUserWorkstations
sambaSID sambaPrimaryGroupSID sambaLMPassword sambaNTPassword
sambaDomainName objectClass sambaAcctFlags sambamungeddial
sambabadpasswordcount sambabadpasswordtime sambapasswordhistory
modifyTimestamp sambalogonhours modifyTimestamp"
[16/Nov/2004:10:36:50 -0500] conn=157 op=2 msgId=3 - RESULT err=0
tag=101 nentries=0 etime=0
[16/Nov/2004:10:36:50 -0500] conn=158 op=-1 msgId=-1 - fd=59 slot=59
LDAP connection from 172.16.59.205 to 172.16.59.50
[16/Nov/2004:10:36:50 -0500] conn=158 op=0 msgId=1 - BIND
dn="cn=Directory Manager" method=128 version=3
[16/Nov/2004:10:36:50 -0500] conn=158 op=0 msgId=1 - RESULT err=0 tag=97
nentries=0 etime=0 dn="cn=directory manager"
[16/Nov/2004:10:36:50 -0500] conn=158 op=1 msgId=2 - SRCH
base="ou=groups,dc=rdu,dc=redhat,dc=com" scope=1
filter="(&(objectClass=posixGroup)(memberUid=nobody))" attrs="gidNumber"
[16/Nov/2004:10:36:50 -0500] conn=158 op=1 msgId=2 - RESULT err=0
tag=101 nentries=0 etime=0
[16/Nov/2004:10:36:50 -0500] conn=157 op=3 msgId=4 - SRCH
base="ou=groups,dc=rdu,dc=redhat,dc=com" scope=2
filter="(&(objectClass=sambaGroupMapping)(gidNumber=99))"
attrs="gidNumber sambaSID sambaGroupType sambasidlist description
displayName cn objectClass"
[16/Nov/2004:10:36:50 -0500] conn=157 op=3 msgId=4 - RESULT err=0
tag=101 nentries=0 etime=0
[16/Nov/2004:10:36:50 -0500] conn=157 op=4 msgId=5 - SRCH
base="dc=rdu,dc=redhat,dc=com" scope=2
filter="(&(uid=root)(objectClass=sambaSamAccount))" attrs="uid
uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange
sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn
displayName sambaHomeDrive sambaHomePath sambaLogonScript
sambaProfilePath description sambaUserWorkstations sambaSID
sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName
objectClass sambaAcctFlags sambamungeddial sambabadpasswordcount
sambabadpasswordtime sambapasswordhistory modifyTimestamp
sambalogonhours modifyTimestamp"[16/Nov/2004:10:36:50 -0500] conn=157
op=4 msgId=5 - RESULT err=0 tag=101 nentries=0 etime=0
[16/Nov/2004:10:36:51 -0500] conn=157 op=5 msgId=6 - SRCH
base="dc=rdu,dc=redhat,dc=com" scope=2
filter="(&(uid=root)(objectClass=sambaSamAccount))" attrs="uid
uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange
sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn
displayName sambaHomeDrive sambaHomePath sambaLogonScript
sambaProfilePath description sambaUserWorkstations sambaSID
sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName
objectClass sambaAcctFlags sambamungeddial sambabadpasswordcount
sambabadpasswordtime sambapasswordhistory modifyTimestamp
sambalogonhours modifyTimestamp"[16/Nov/2004:10:36:51 -0500] conn=157
op=5 msgId=6 - RESULT err=0 tag=101 nentries=0 etime=0
Thanks again for any help,
Christian
More information about the samba
mailing list