[Samba] Re: SuSE 9.3 + Samba 3 + LDAP
Horst Simon
hsimon at optusnet.com.au
Thu Aug 11 10:04:45 GMT 2005
On Thu, 11 Aug 2005 10:35, Geoffrey Scott wrote:
> Horst B. Simon wrote:
> > Hi All,
> >
> > I have OX with Samba 3 and Ldap working fine, except that workstation
> > can not join the domain. When I try to join the domain I get
> > following error message: The following error occurred attempting to
> > join the domain. Can not find user name in Domain. But the user is
> > there and it creates the computer in ou=computers in ldap. All users
> > have no problems accessing the samba shares and using OX. Anyone in
> > this group has successful joined a computer into ldap with OX and
> > Samba3?
> >
> > Regards,
> > Horst
>
> Horst,
> Is the user either root account in LDAP or been given sepriveledges
> as per chapter 5 of JHT example book? Does your smb.conf point to the
> correct part of ldap for your users? Have nss and pam been configured
> pointing correctly to where to the users are? Is the user that you are
> trying actually in that part of LDAP? Eg. You aren't trying to use:
>
> cn=Manager,dc=hsimon,dc=com,dc=au
>
> When your users are in :
>
> ou=Users,ou=OxObjects,dc=hsimon,dc=com,dc=au
>
> Are you?
>
> Cheers Geoff
Hi,
Following are part of slapd.conf, smb.conf and samba log for the client.
Maybe someone know what the log file output mean.
Regards,
Horst
in /etc/openldap/slapd.conf
suffix "dc=hsc-consulting,dc=com,dc=au"
rootdn "uid=mailadmin,dc=hsc-consulting,dc=com,dc=au"
in /etc/ldap.conf
host 127.0.0.1
base dc=hsc-consulting,dc=com,dc=au
ldap_version 3
binddn uid=mailadmin,dc=hsc-consulting,dc=com,dc=au
timelimit 50
bind_timelimit 50
bind_policy hard
nss_base_passwd ou=Users,ou=OxObjects,dc=hsc-consulting,dc=com,dc=au?one
nss_base_shadow ou=Users,ou=OxObjects,dc=hsc-consulting,dc=com,dc=au?one
nss_base_group ou=Groups,ou=OxObjects,dc=hsc-consulting,dc=com,dc=au?one
in smb.conf
passdb backend = ldapsam:ldap://127.0.0.1/
ldap admin dn = uid=mailadmin,dc=hsc-consulting,dc=com,dc=au
ldap suffix = dc=hsc-consulting,dc=com,dc=au
ldap group suffix = ou=Groups,ou=OxObjects
ldap user suffix = ou=Users,ou=OxObjects
ldap machine suffix = ou=Computers,ou=OxObjects
ldap ssl = No
add user script = /usr/local/sbin/smbldap-useradd -m "%u"
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u"
"%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x
"%u" "%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g"
"%u"
enable privileges = yes
domain master = yes
domain logons = yes
encrypt passwords = yes
ldap passwd sync = Yes
log level = 3
syslog = 0
log file = /var/log/samba/log.%m
part of client log
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/08/07 10:22:31, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/08/07 10:22:31, 3] auth/auth.c:check_ntlm_password(219)
check_ntlm_password: Checking password for unmapped user
[HSC-CONSULTING]\[root]@[JUPITER-KO] with the new password interface
[2005/08/07 10:22:31, 3] auth/auth.c:check_ntlm_password(222)
check_ntlm_password: mapped user is: [HSC-CONSULTING]\[root]@[JUPITER-KO]
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/08/07 10:22:31, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/08/07 10:22:31, 2] lib/smbldap.c:smbldap_open_connection(692)
smbldap_open_connection: connection opened
[2005/08/07 10:22:31, 3] lib/smbldap.c:smbldap_connect_system(866)
ldap_connect_system: succesful connection to the LDAP server
ldap_connect_system: LDAP server does support paged results
[2005/08/07 10:22:31, 2] passdb/pdb_ldap.c:init_sam_from_ldap(499)
init_sam_from_ldap: Entry found for user: root
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/08/07 10:22:31, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2005/08/07 10:22:31, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(0) : conn_ctx_stack_ndx = 1
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2005/08/07 10:22:31, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(0) : conn_ctx_stack_ndx = 1
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/08/07 10:22:31, 3] lib/privileges.c:get_privileges(249)
get_privileges: No privileges assigned to SID
[S-1-5-21-2848152307-2665265979-542469840-500]
[2005/08/07 10:22:31, 3] lib/privileges.c:get_privileges(249)
get_privileges: No privileges assigned to SID [S-1-5-2] pop_sec_ctx (0, 0)
- sec_ctx_stack_ndx = 1
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/08/07 10:22:31, 3] lib/privileges.c:get_privileges(249)
get_privileges: No privileges assigned to SID
[S-1-5-21-2848152307-2665265979-542469840-500]
[2005/08/07 10:22:31, 3] lib/privileges.c:get_privileges(249)
get_privileges: No privileges assigned to SID [S-1-5-2]
[2005/08/07 10:22:31, 3] lib/privileges.c:get_privileges(249)
get_privileges: No privileges assigned to SID [S-1-5-11]
[2005/08/07 10:22:31, 3] lib/privileges.c:get_privileges(249)
get_privileges: No privileges assigned to SID
[S-1-5-21-2848152307-2665265979-542469840-1001]
[2005/08/07 10:22:31, 3] auth/auth.c:check_ntlm_password(268)
check_ntlm_password: sam authentication for user [root] succeeded
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/08/07 10:22:31, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/08/07 10:22:31, 2] auth/auth.c:check_ntlm_password(305)
check_ntlm_password: authentication for user [root] -> [root] -> [root]
succeeded
[2005/08/07 10:22:31, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(319)
NTLMSSP Sign/Seal - Initialising with flags:
[2005/08/07 10:22:31, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
Got NTLMSSP neg_flags=0x60088215
[2005/08/07 10:22:31, 3] smbd/password.c:register_vuid(222)
User name: root Real name: root
[2005/08/07 10:22:31, 3] smbd/password.c:register_vuid(241)
UNIX uid 0 is UNIX user root, and will be vuid 100
[2005/08/07 10:22:31, 3] smbd/password.c:register_vuid(270)
Adding homes service for user 'root' using home directory: '/root'
[2005/08/07 10:22:31, 3] param/loadparm.c:lp_add_home(2360)
adding home's share [root] for user 'root' at '/root'
[2005/08/07 10:22:31, 3] smbd/process.c:process_smb(1091)
Transaction 3 of length 84
[2005/08/07 10:22:31, 3] smbd/process.c:switch_message(886)
switch message SMBtconX (pid 7053) conn 0x0
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/08/07 10:22:31, 3] lib/privileges.c:get_privileges(249)
get_privileges: No privileges assigned to SID [S-1-5-11]
[2005/08/07 10:22:31, 3] lib/privileges.c:get_privileges(249) pop_sec_ctx (0,
0) - sec_ctx_stack_ndx = 1
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/08/07 10:22:31, 3] lib/privileges.c:get_privileges(249)
get_privileges: No privileges assigned to SID
[S-1-5-21-2848152307-2665265979-542469840-500]
[2005/08/07 10:22:31, 3] lib/privileges.c:get_privileges(249)
get_privileges: No privileges assigned to SID [S-1-5-2]
[2005/08/07 10:22:31, 3] lib/privileges.c:get_privileges(249)
get_privileges: No privileges assigned to SID [S-1-5-11]
[2005/08/07 10:22:31, 3] lib/privileges.c:get_privileges(249)
get_privileges: No privileges assigned to SID
[S-1-5-21-2848152307-2665265979-542469840-1001]
[2005/08/07 10:22:31, 3] auth/auth.c:check_ntlm_password(268)
check_ntlm_password: sam authentication for user [root] succeeded
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/08/07 10:22:31, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/08/07 10:22:31, 2] auth/auth.c:check_ntlm_password(305)
check_ntlm_password: authentication for user [root] -> [root] -> [root]
succeeded
[2005/08/07 10:22:31, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(319)
NTLMSSP Sign/Seal - Initialising with flags:
[2005/08/07 10:22:31, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
Got NTLMSSP neg_flags=0x60088215
[2005/08/07 10:22:31, 3] smbd/password.c:register_vuid(222)
User name: root Real name: root
[2005/08/07 10:22:31, 3] smbd/password.c:register_vuid(241)
UNIX uid 0 is UNIX user root, and will be vuid 100
[2005/08/07 10:22:31, 3] smbd/password.c:register_vuid(270)
Adding homes service for user 'root' using home directory: '/root'
[2005/08/07 10:22:31, 3] param/loadparm.c:lp_add_home(2360)
adding home's share [root] for user 'root' at '/root'
[2005/08/07 10:22:31, 3] smbd/process.c:process_smb(1091)
Transaction 3 of length 84
[2005/08/07 10:22:31, 3] smbd/process.c:switch_message(886)
switch message SMBtconX (pid 7053) conn 0x0
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
get_privileges: No privileges assigned to SID
[S-1-5-21-2848152307-2665265979-542469840-1001]
[2005/08/07 10:22:31, 3] auth/auth.c:check_ntlm_password(268)
check_ntlm_password: sam authentication for user [root] succeeded
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/08/07 10:22:31, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/08/07 10:22:31, 2] auth/auth.c:check_ntlm_password(305)
check_ntlm_password: authentication for user [root] -> [root] -> [root]
succeeded
[2005/08/07 10:22:31, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(319)
NTLMSSP Sign/Seal - Initialising with flags:
[2005/08/07 10:22:31, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
Got NTLMSSP neg_flags=0x60088215
[2005/08/07 10:22:31, 3] smbd/password.c:register_vuid(222)
User name: root Real name: root
[2005/08/07 10:22:31, 3] smbd/password.c:register_vuid(241)
UNIX uid 0 is UNIX user root, and will be vuid 100
[2005/08/07 10:22:31, 3] smbd/password.c:register_vuid(270)
Adding homes service for user 'root' using home directory: '/root'
[2005/08/07 10:22:31, 3] param/loadparm.c:lp_add_home(2360)
adding home's share [root] for user 'root' at '/root'
[2005/08/07 10:22:31, 3] smbd/process.c:process_smb(1091)
Transaction 3 of length 84
[2005/08/07 10:22:31, 3] smbd/process.c:switch_message(886)
switch message SMBtconX (pid 7053) conn 0x0
[2005/08/07 10:22:31, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
More information about the samba
mailing list