[Samba] BDC not working in a full-samba-env

Matthias Eichler me-lists at eichler-fleschuetz.de
Thu Apr 21 16:32:46 GMT 2005

Dear List,

I am trying to set up a BDC in a full-samba environment,
without full success.
I followed the howtos about this topic with the following

        workgroup = KERNZEIT
        netbios name = APPSERVER
        security = user
        server string = %h (Samba %v)
        announce version=5.0

        #LDAP STUFF
        passdb backend = ldapsam:"ldap:// ldap://"
        ldap suffix = dc=kernzeit,dc=com
        ldap machine suffix = ou=smb-machines
        ldap admin dn = "cn=admin,dc=kernzeit,dc=com"
        ldap ssl = no
        ldap user suffix = "dc=kernzeit,dc=com"
        ldap group suffix = ou=groups,ou=nss

        wins support = yes
        preferred master = yes
        time server = yes
        os level = 33

        domain master = yes
        (tried this with domain master yes and no, as there
         are different howtos regarding this setting)
        domain logons = yes
        idmap backend = "ldap: ldap:"

        #LOGON STUFF
        logon path = \{}\{}%L\{}Profiles\{}%u
        logon script = login.bat
        logon drive = H:
        logon home = \\LOGIN\%U
        template homedir = /home/%U

        workgroup = KERNZEIT
        netbios name = FILESERVER
        server string = %h
        announce version = 5.0
        os level = 20

        encrypt passwords = true
        obey pam restrictions = no
        security = domain
        password server =,

        panic action = /usr/share/samba/panic-action %d
        nt acl support = yes
        wins support = no
        wins proxy = no
        wins server =
        dns proxy = no
        local master = no
        preferred master = no

        domain master = no
        domain logons = no

The problem is:
- user workstations can log on and are getting the netlogon-
  script in the right way
- the fileserver (members server of the domain) says the
  following while the netlogon script is failing:

[2005/04/21 18:24:22, 2] auth/auth.c:check_ntlm_password(312)
  check_ntlm_password:  Authentication for user [service] -> [service]

Thanks for any help!


More information about the samba mailing list