[Samba] Joining a Samba 3 domain repost
John H Terpstra
jht at samba.org
Thu Dec 15 21:41:00 GMT 2005
On Thursday 15 December 2005 14:26, Mike wrote:
> Thanks
>
> Yes I can add the machine name to the userlist by executing the same
> command
> add machine script = /usr/sbin/"useradd -s /bin/false -d /var/lib/nobody
> machinename" < this part only
> manually. Once the machine account has been added I can then add the PC
> to the domain.
>
> May be its a problem running the script by a user who is not root. Hmmm
> I used root & tried Administrator as well?
The useradd command can only be run by root. That is why you need to add
machines using the root account.
Since Samba-3.0.11 you can use the user rights and privileges facility
(documented in the HOWTO) to give this authority to non-privileged users.
See: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf
- John T.
>
> Many thanks
>
> Mike
>
> John H Terpstra wrote:
> >On Thursday 15 December 2005 13:24, Mike wrote:
> >>Hi
> >>
> >>I have followed the Samba 3 by Example Chapter 2 small office network to
> >>the letter. I can connect to server shares using the root user and pw
> >>but when I try to join the domain I still get the message " while
> >>attempting to join the domain xxxx the user could not be found"
> >>
> >>>From the log
> >>
> >> getpeername failed. Error was Transport endpoint is not connected
> >>[2005/12/16 09:22:30, 0] lib/util_sock.c:get_peer_addr(1000)
> >> getpeername failed. Error was Transport endpoint is not connected
> >>[2005/12/16 09:22:30, 0] lib/util_sock.c:write_socket_data(430)
> >> write_socket_data: write failure. Error = Connection reset by peer
> >>[2005/12/16 09:22:30, 0] lib/util_sock.c:write_socket(455)
> >> write_socket: Error writing 4 bytes to socket 25: ERRNO = Connection
> >>reset by peer [2005/12/16 09:22:30, 0] lib/util_sock.c:send_smb(647)
> >> Error writing 4 bytes to client. -1. (Connection reset by peer)
> >>useradd: invalid user name 'arthp1$'
> >
> >Check that your useradd command permits upper case characters and the use
> > of the '$' symbol in a user name. If not, you will need to write a script
> > to add y
> >
> >>Thanks for any help you may be able to give
> >>
> >>Mike
> >>
> >>Mike wrote:
> >>>Thanks Jimmy
> >>>
> >>>Yes this is a Unix SAMBA server, only xp workstations here. Can log
> >>>int shares using administrator or root but not join the domain?
> >>>
> >>>Arhhhhhh
> >>>
> >>>Many thanks
> >>>
> >>>mike
> >>>
> >>>Jimmy D. Smith wrote:
> >>>>Mike,
> >>>>
> >>>>You must join the Domain with a valid "Windows" user that has
> >>>>Administrative
> >>>>privileges in the Domain, assuming this is a Windows envirionment, not
> >>>> a Unix PDC. In the Windows world, root has no meaning or privilege.
> >>>>
> >>>>Jim
> >>>>-----Original Message-----
> >>>>From: samba-bounces+jdsmith=iprocorp.com at lists.samba.org
> >>>>[mailto:samba-bounces+jdsmith=iprocorp.com at lists.samba.org] On Behalf
> >>>> Of Mike
> >>>>Sent: Wednesday, December 14, 2005 3:30 PM
> >>>>To: samba-list
> >>>>Subject: Re: [Samba] Joining a Samba 3 domain repost
> >>>>
> >>>>Hi I have now been through the documentation by-example guide
> >>>>
> >>>>http://www.samba.org/samba/docs/
> >>>>There are two books:
> >>>> Samba3-HOWTO.pdf
> >>>> Samba3-ByExample.pdf
> >>>>
> >>>>
> >>>>But I get the message "....error while joining domain xyz user not
> >>>>found"
> >>>>when trying to join the domain with the root & rootpassword
> >>>>
> >>>>Many thanks
> >>>>
> >>>>Mike
> >>>>
> >>>>Matt Lung wrote:
> >>>>>have you tried this documentation yet??
> >>>>>
> >>>>>http://www.idealx.org/prj/samba/smbldap-howto.en.html
> >>>>>
> >>>>>Mike wrote:
> >>>>>>Thanks Chris I tried that to
> >>>>>>
> >>>>>>User is there But I get the message "....error while joining domain
> >>>>>>xyz user not found"
> >>>>>>---------------
> >>>>>>Unix username: root
> >>>>>>NT username: Account Flags: [U ]
> >>>>>>User SID: S-1-5-21-2865329454-1566569267-2544077890-1000
> >>>>>>Primary Group SID: S-1-5-21-2865329454-1566569267-2544077890-1001
> >>>>>>Full Name: root
> >>>>>>Home Directory: \\server\root
> >>>>>>HomeDir Drive: H:
> >>>>>>Logon Script: logon.bat
> >>>>>>Profile Path: \\server\Profiles\root
> >>>>>>Domain: xyz
> >>>>>>Account desc: Workstations: Munged dial:
> >>>>>>Logon time: 0
> >>>>>>Logoff time: Sat, 14 Dec 1901 09:45:51 GMT
> >>>>>>Kickoff time: Sat, 14 Dec 1901 09:45:51 GMT
> >>>>>>Password last set: Wed, 14 Dec 2005 17:16:39 GMT
> >>>>>>Password can change: Wed, 14 Dec 2005 17:16:39 GMT Password must
> >>>>>>change: Sat, 14 Dec 1901 09:45:51 GMT
> >>>>>>Last bad password : 0
> >>>>>>Bad password count : 0
> >>>>>>Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
> >>>>>>
> >>>>>>Chris Lounsbury wrote:
> >>>>>>>Mike
> >>>>>>>You need to make sure your root account exists in your tbsam
> >>>>>>>backend and then use root and its password when joining your
> >>>>>>>windows workstations. At least that's how I did it Chris
> >>>>>>>
> >>>>>>>>>>Mike <mikevl at paradise.net.nz> 12/14/05 12:50 PM >>>
> >>>>>>>
> >>>>>>>Sorry still unable to find documentation Hello
> >>>>>>>
> >>>>>>>I have set up a Samba 3 PDC on RHEL4 using the tdbsam backed. I
> >>>>>>>can log in as a user who has been added to the tdbsam database
> >>>>>>>from a workstation. When I try to add the workstation to the
> >>>>>>>domain (after breaking user connections to the server) I get "The
> >>>>>>>following error occurred while trying to joining the domain
> >>>>>>>xyz.com. Access denied.
> >>>>>>>
> >>>>>>>I havent seen any instructions in the how-tos on how to create the
> >>>>>>>Administrative account on the server to accept workstations to
> >>>>>>>join the domain?
> >>>>>>>
> >>>>>>>How do I create security groups and join them to users ie Joe is a
> >>>>>>>member of managers, accounts, engineers etc?
> >>>>>>>
> >>>>>>>Many thanks
> >>>>>>>
> >>>>>>>Mike
> >>>>
> >>>>--
> >>>>To unsubscribe from this list go to the following URL and read the
> >>>>instructions: https://lists.samba.org/mailman/listinfo/samba
> >>
> >>--
> >>To unsubscribe from this list go to the following URL and read the
> >>instructions: https://lists.samba.org/mailman/listinfo/samba
--
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668
Author:
The Official Samba-3 HOWTO & Reference Guide, 2 Ed., ISBN: 0131882228
Samba-3 by Example, 2 Ed., ISBN: 0131882221X
Hardening Linux, ISBN: 0072254971
Other books in production.
More information about the samba
mailing list