[Samba] XP Join Samba 3 ; cannot find user name

L.P.H. van Belle belle at bazuin.nl
Tue Jul 5 14:03:03 GMT 2005


Hi, 
 
I'm having a problem while joining my domain.
I use samba 3.014a with ldap, and samba as PDC.
 
When my XP machine is joining the domain, it says:
 
cannot find user name
 
BUT !! when i look in my ldap database, 
the new computer is created in the OU=Computers
 
i use the idealx setup and tools.
 
It was working, but i changed something and i don't know anymore what i 
changed.  
 
It must be an nss / ldap problem.
 
here are some configs
-------------------------------------------------
/etc/ldap/ldap.conf  ( client ) 
# OpenLDAP client library defaults: server, search base and TLS trust settings.
HOST  127.0.0.1
BASE  dc=rotterdam,dc=bazuin,dc=nl
TLS_CACERT /etc/ldap/ssl/ldap-cacert.pem
# NOTE(review): with "try" the session continues when the server presents no
# certificate and is dropped only when a bad one is presented; "demand"
# requires a valid certificate. No ldaps:// URI or StartTLS setting is shown
# here, so confirm whether this client uses TLS at all.
TLS_REQCERT try
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF  never
-------------------------------------------------
/etc/ldap/slapd.conf
# NOTE(review): bind_v2 makes slapd accept LDAPv2 bind requests. The nss/pam
# client config in this post sets ldap_version 3, so confirm that some client
# still needs v2 before leaving it enabled.
allow bind_v2
# Schema and objectClass definitions
include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/inetorgperson.schema
include         /etc/ldap/schema/misc.schema
 
include         /etc/ldap/schema/samba.schema
include  /etc/ldap/schema/autofs.schema
include  /etc/ldap/schema/rolodap.schema
include  /etc/ldap/schema/postfix.schema
schemacheck     on
pidfile         /var/run/slapd/slapd.pid
argsfile        /var/run/slapd.args
 
# The <hash> to use for userPassword generation. One of {SSHA}, {SHA},
# {SMD5}, {MD5}, {CRYPT}, {KERBEROS}, {SASL}, and {UNIX}. The default is {SSHA}.
# NOTE(review): {MD5} is an unsalted digest, so identical passwords produce
# identical userPassword values and precomputed tables apply; the salted
# {SSHA} default is the safer choice. slapd uses this setting only for the
# LDAP Password Modify extended operation, so any tool that hashes on the
# client side needs the same change -- verify how passwords are set here.
password-hash   {MD5}
 
loglevel 0
#
# loglevel Logging description 
# -1 enable all debugging 
# 0 no debugging 
# 1 trace function calls 
# 2 debug packet handling 
# 4 heavy trace debugging 
# 8 connection management 
# 16 print out packets sent and received 
# 32 search filter processing 
# 64 configuration file processing 
# 128 access control list processing 
# 256 stats log connections/operations/results 
# 512 stats log entries sent 
# 1024 print communication with shell backends 
# 2048 print entry parsing debugging 
#
 
modulepath /usr/lib/ldap
moduleload back_bdb
 
#Server and CA Certificates
# NOTE(review): the cipher string admits MEDIUM-strength suites alongside HIGH;
# "+SSLv3" only moves SSLv3 suites to the end of the list, it does not remove
# them. Restricting the list to HIGH is tighter if every client supports it.
# NOTE(review): these directives make TLS available, but no "security"
# directive appears in the posted config, so nothing shown here requires
# clients to use it -- binds may still cross the wire in clear text.
# The private key file should be readable only by the account slapd runs as.
TLSCipherSuite          HIGH:MEDIUM:+SSLv3
TLSCertificateFile      /etc/ldap/ssl/ldap-servercrt.pem
TLSCertificateKeyFile   /etc/ldap/ssl/ldap-serverkey.pem
TLSCACertificateFile    /etc/ldap/ssl/ldap-cacert.pem
 
sasl-realm rotterdam.bazuin.nl
sasl-host ldap.rotterdam.bazuin.nl
 
#######################################################################
# Specific Backend Directives for bdb:
# Backend specific directives apply to this backend until another
# 'backend' directive occurs
backend  bdb
 
#######################################################################
# Set the entry cache size to 5000.
#
# This value is separate from the set_cachesize value set in
# the DB_CONFIG  file  under  the bdb directory.  That value
# should be set as well to optimize database caching for the
# Berkeley DB subsystem.
#
#cachesize       5000
        
 
#######################################################################
# Set transactional checkpoint (writing of changed data
# to disk) to occur when either
#
# 512 Kilobytes of data have been written to the bdb sub-
# system.
# 720 Minutes have passed since the last checkpoint.
## the default
checkpoint 512 720
 
#######################################################################
# Specific Directives for database #1, of type bdb:
# Database specific directives apply to this database until another
# 'database' directive occurs
database        bdb
 
suffix    "dc=rotterdam,dc=bazuin,dc=nl"
rootdn  "cn=admin,dc=rotterdam,dc=bazuin,dc=nl"
rootpw  #### CHANGED ####
 
directory       "/var/lib/ldap"
checkpoint 128 30
 
### !!!!! Always run slapindex(8) after changing indices!!!!!!
### and first STOP the LDAP SERVER  ( /etc/init.d/slapd stop )
index   objectClass,uidNumber,gidNumber eq
index  cn,sn,uid,displayName  pres,eq,sub
index  memberUid,mail,givenname eq,subinitial
index  sambaSID,sambaPrimaryGroupSID,sambaDomainName, eq
index  mailLocalAddress eq
### Addressbook entries
index memberof eq
index active,userscode eq,sub,pres
index companyname eq,sub,pres
## default index
index  default pres,eq
lastmod         on
#cachesize 1000
#dbcachesize 10000
replogfile /var/lib/ldap/replog
# Access list for samba
# uses user admin (the rootdn) at the moment.
# 
include /etc/ldap/samba-access.conf
# Access list for the ou=addressbook and user addressbook
# use user addressguest for outlook
#
include /etc/ldap/address-access.conf
## GLOBAL ACCESS
# Base entry of the tree: admin may write, every other client may read.
access to dn.base="dc=rotterdam,dc=bazuin,dc=nl"
        by dn="cn=admin,dc=rotterdam,dc=bazuin,dc=nl" write
 by * read
# The admin dn has full write access, everyone else
# can read everything.
# NOTE(review): "by * read" also covers anonymous binds. slapd stops at the
# first "access to" clause that matches an entry/attribute, so this catch-all
# exposes userPassword, sambaLMPassword and sambaNTPassword to any client that
# can reach the server unless the included samba-access.conf (not shown in
# this post) matches those attributes first -- verify that it does.
access to *
        by dn="cn=admin,dc=rotterdam,dc=bazuin,dc=nl" write
        by * read
-------------------------------------------------
#/etc/ldap.conf  ( and libnss-ldap.conf ) these are the same.
# nss_ldap / pam_ldap client settings: server, search base, bind identity,
# timeouts and the subtrees used for each NSS map.
host 127.0.0.1
base dc=rotterdam,dc=bazuin,dc=nl
ldap_version 3
# NOTE(review): rootbinddn is the same DN as the rootdn in slapd.conf, so
# root-owned lookups on this host bind as the directory administrator and its
# password has to be stored in a secret file on disk. A dedicated DN with only
# the access nss/pam need would limit what a leak of that file exposes.
rootbinddn cn=admin,dc=rotterdam,dc=bazuin,dc=nl
timelimit 30
bind_timelimit 30
idle_timelimit 3600
pam_password md5
# NOTE(review): passwd/shadow lookups search only ou=Users at one level. The
# post says the new machine account is created under ou=Computers, which this
# base does not cover, so the machine name may not resolve as a Unix account.
# Possible cause of the "cannot find user name" error -- check with
# getent passwd 'MACHINENAME$' (placeholder name).
nss_base_passwd  ou=Users,dc=rotterdam,dc=bazuin,dc=nl?one
nss_base_shadow  ou=Users,dc=rotterdam,dc=bazuin,dc=nl?one
nss_base_group  ou=Groups,dc=rotterdam,dc=bazuin,dc=nl?one
nss_base_hosts  ou=Computers,dc=rotterdam,dc=bazuin,dc=nl?one

-------------------------------------------------
# /etc/nsswitch.conf
passwd:         compat ldap
group:          compat ldap
shadow:         compat ldap
hosts:          files dns ldap
networks:       files ldap
protocols:      db files
services:       db files
ethers:         db files
rpc:            db files
netgroup:       nis

