[Samba] Samba3+LDAP: Can't join domain.

David Szanto davidszanto at grupo-iberica.com
Tue Jul 5 17:00:59 GMT 2005 

Louis,
YOU'RE A GENIUS!!!  I read you posting and followed your instructions and it 
qorked GREAT!!
I'll take another look on some options I saw which I'm not very familiar with 
in smb.conf to learn a bit more.

THANKS A LOT!!!
David

El Martes, 5 de Julio de 2005 18:10, David Szanto escribió:
> Thanks Louis,
> I'm checking it out.
> I'll undo my setting and try again with your reciepe.
>
> Thanks for the tip.
>
> David
>
> El Martes, 5 de Julio de 2005 13:33, Louis van Belle escribió:
> > I run this setup, my config is posted lastweek.
> >
> > >-----Oorspronkelijk bericht-----
> > >Van: samba-bounces+louis=van-belle.nl at lists.samba.org
> > >[mailto:samba-bounces+louis=van-belle.nl at lists.samba.org]
> > >Namens David Szanto
> > >Verzonden: maandag 4 juli 2005 18:04
> > >Aan: samba at lists.samba.org
> > >Onderwerp: [Samba] Samba3+LDAP: Can't join domain.
> > >
> > >Hi everyone!!
> > >I'm having a bit of trouble join a Samba 3 PDC with LDAP
> > >authentication.
> > >First some tips on what system I'm using:
> > >- Debian Sarge
> > >- Samba 3.0.14a-Debian
> > >- OpenLDAP 2.2.24 : Protocol v.3
> > >
> > >
> > >Well, Now I'll explain the problem and show you some log output.
> > >
> > >When ever I try to join the domain I get the following error:
> > >--begin---------------------
> > ># net rpc join GICOMMNET
> > >Creation of workstation account failed
> > >Unable to join domain GICOMMNET.
> > >--end---------------------
> > >
> > >So, I check my logs to see what's wrong and I see this in the
> > >Samba log:
> > >--begin---------------------
> > >[2005/07/04 17:29:36, 0] rpc_server/srv_netlog_nt.c:get_md4pw(244)
> > >  get_md4pw: Workstation DAVIDSZANTO$: no account in domain
> > >Error: modifications require authentication
> > >at /usr/share/perl5/smbldap_tools.pm line 1005, <DATA> line 283.
> > >[2005/07/04 17:29:39, 0]
> > >rpc_server/srv_samr_nt.c:_samr_create_user(2324)
> > >  _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w
> > >"davidszanto$"' gave 1
> > >--end--------------------
> > >
> > >So I check if everything alright with my smbldap-useradd
> > >command, and I try
> > >creating the account manually using exactly the same command.
> > >Everything
> > >works fine.  The account is created and machine davidszanto$
> > >is created.
> > >
> > >So then I scratch my head a bit, and while I'm loosing most of
> > >my hair I try
> > >something a bit easier.  Let's see if I can recover the user
> > >list or the
> > >group list.  I use the "net user -I 192.168.xxx.xxx" and it
> > >works fine.  I
> > >get the whole list and smae with groups.  So, if everything
> > >looks fine,
> > >where's the mistake?
> > >
> > >I try joining again and this time I check the slapd log as
> > >well and I get the
> > >biggest transaction log record in history!! :
> > >--begin------------------
> > >Jul  4 17:38:49 localhost slapd[8515]: connection_get(10): got
> > >connid=35
> > >Jul  4 17:38:49 localhost slapd[8515]: connection_read(10):
> > >checking for input
> > >on id=35
> > >Jul  4 17:38:49 localhost slapd[8515]: do_bind
> > >Jul  4 17:38:49 localhost slapd[8515]: ber_get_next on fd 10
> > >failed errno=11
> > >(Resource temporarily unavailable)
> > >Jul  4 17:38:49 localhost slapd[8515]: >>> dnPrettyNormal:
> > ><cn=admin,dc=gicomm,dc=iberica,dc=esp>
> > >Jul  4 17:38:49 localhost slapd[8515]: <<< dnPrettyNormal:
> > ><cn=admin,dc=gicomm,dc=iberica,dc=esp>, <cn=admin,dc=gicomm,dc=i
> > >berica,dc=esp>
> > >Jul  4 17:38:49 localhost slapd[8515]: do_bind: version=3
> > >dn="cn=admin,dc=gicomm,dc=iberica,dc=esp" method=128
> > >Jul  4 17:38:49 localhost slapd[8515]: do_bind: v3 bind:
> > >"cn=admin,dc=gicomm,dc=iberica,dc=esp" to "cn=admin,dc=gicomm,dc=i
> > >berica,dc=esp"
> > >Jul  4 17:38:49 localhost slapd[8515]: send_ldap_result:
> > >conn=35 op=0 p=3
> > >Jul  4 17:38:49 localhost slapd[8515]: send_ldap_response:
> > >msgid=1 tag=97
> > >err=0
> > >Jul  4 17:38:49 localhost slapd[8515]: connection_get(10): got
> > >connid=35
> > >Jul  4 17:38:49 localhost slapd[8515]: connection_read(10):
> > >checking for input
> > >on id=35
> > >Jul  4 17:38:49 localhost slapd[8515]: ber_get_next on fd 10
> > >failed errno=11
> > >(Resource temporarily unavailable)
> > >Jul  4 17:38:49 localhost slapd[8515]: do_search
> > >Jul  4 17:38:49 localhost slapd[8515]: >>> dnPrettyNormal: <>
> > >Jul  4 17:38:49 localhost slapd[8515]: <<< dnPrettyNormal: <>, <>
> > >Jul  4 17:38:49 localhost slapd[8515]: => send_search_entry: dn=""
> > >Jul  4 17:38:49 localhost slapd[8515]: <= send_search_entry
> > >Jul  4 17:38:49 localhost slapd[8515]: send_ldap_result:
> > >conn=35 op=1 p=3
> > >Jul  4 17:38:49 localhost slapd[8515]: send_ldap_response:
> > >msgid=2 tag=101
> > >err=0
> > >Jul  4 17:38:49 localhost slapd[8515]: connection_get(10): got
> > >connid=35
> > >Jul  4 17:38:50 localhost slapd[8515]: connection_read(10):
> > >checking for input
> > >on id=35
> > >Jul  4 17:38:50 localhost slapd[8515]: ber_get_next on fd 10
> > >failed errno=11
> > >(Resource temporarily unavailable)
> > >Jul  4 17:38:50 localhost slapd[8515]: do_search
> > >Jul  4 17:38:50 localhost slapd[8515]: >>> dnPrettyNormal:
> > ><dc=gicomm,dc=iberica,dc=esp>
> > >Jul  4 17:38:50 localhost slapd[8515]: <<< dnPrettyNormal:
> > ><dc=gicomm,dc=iberica,dc=esp>, <dc=gicomm,dc=iberica,dc=esp>
> > >Jul  4 17:38:50 localhost slapd[8515]: => bdb_search
> > >Jul  4 17:38:50 localhost slapd[8515]:
> > >bdb_dn2entry("dc=gicomm,dc=iberica,dc=esp")
> > >Jul  4 17:38:50 localhost slapd[8515]: search_candidates:
> > >base="dc=gicomm,dc=iberica,dc=esp" (0x00000001) scope=2
> > >Jul  4 17:38:50 localhost slapd[8515]: =>
> > >bdb_dn2idl( "dc=gicomm,dc=iberica,dc=esp" )
> > >Jul  4 17:38:50 localhost slapd[8515]: => bdb_equality_candidates
> > >(objectClass)
> > >Jul  4 17:38:50 localhost slapd[8515]: => key_read
> > >Jul  4 17:38:50 localhost slapd[8515]: <= bdb_index_read:
> > >failed (-30990)
> > >Jul  4 17:38:50 localhost slapd[8515]: <=
> > >bdb_equality_candidates: id=0,
> > >first=0, last=0
> > >Jul  4 17:38:50 localhost slapd[8515]: => bdb_equality_candidates (uid)
> > >Jul  4 17:38:50 localhost slapd[8515]: => key_read
> > >Jul  4 17:38:50 localhost slapd[8515]: <= bdb_index_read:
> > >failed (-30990)
> > >Jul  4 17:38:50 localhost slapd[8515]: <=
> > >bdb_equality_candidates: id=0,
> > >first=0, last=0
> > >Jul  4 17:38:50 localhost slapd[8515]: bdb_search_candidates:
> > >id=0 first=1
> > >last=0
> > >Jul  4 17:38:50 localhost slapd[8515]: bdb_search: no candidates
> > >Jul  4 17:38:50 localhost slapd[8515]: send_ldap_result:
> > >conn=35 op=2 p=3
> > >Jul  4 17:38:50 localhost slapd[8515]: send_ldap_response:
> > >msgid=3 tag=101
> > >err=0
> > >Jul  4 17:38:50 localhost smbd[8612]: [2005/07/04 17:38:50, 0]
> > >rpc_server/srv_netlog_nt.c:get_md4pw(244)
> > >Jul  4 17:38:50 localhost smbd[8612]:   get_md4pw: Workstation
> > >DAVIDSZANTO$:
> > >no account in domain
> > >Jul  4 17:38:50 localhost slapd[8515]: connection_get(10): got
> > >connid=35
> > >Jul  4 17:38:50 localhost slapd[8515]: connection_read(10):
> > >checking for input
> > >on id=35
> > >Jul  4 17:38:50 localhost slapd[8515]: ber_get_next on fd 10
> > >failed errno=0
> > >(Success)
> > >Jul  4 17:38:50 localhost slapd[8515]: connection_read(10):
> > >input error=-2
> > >id=35, closing.
> > >Jul  4 17:38:50 localhost slapd[8515]: connection_closing:
> > >readying conn=35
> > >sd=10 for close
> > >Jul  4 17:38:50 localhost slapd[8515]: connection_close: conn=35 sd=10
> > >Jul  4 17:38:51 localhost slapd[8515]: connection_get(10): got
> > >connid=36
> > >Jul  4 17:38:51 localhost slapd[8515]: connection_read(10):
> > >checking for input
> > >on id=36
> > >Jul  4 17:38:51 localhost slapd[8515]: ber_get_next on fd 10
> > >failed errno=11
> > >(Resource temporarily unavailable)
> > >Jul  4 17:38:51 localhost slapd[8515]: do_bind
> > >Jul  4 17:38:51 localhost slapd[8515]: >>> dnPrettyNormal:
> > ><cn=admin,dc=gicomm,dc=iberica,dc=esp>
> > >Jul  4 17:38:51 localhost slapd[8515]: <<< dnPrettyNormal:
> > ><cn=admin,dc=gicomm,dc=iberica,dc=esp>, <cn=admin,dc=gicomm,dc=i
> > >berica,dc=esp>
> > >Jul  4 17:38:51 localhost slapd[8515]: do_bind: version=3
> > >dn="cn=admin,dc=gicomm,dc=iberica,dc=esp" method=128
> > >Jul  4 17:38:51 localhost slapd[8515]: do_bind: v3 bind:
> > >"cn=admin,dc=gicomm,dc=iberica,dc=esp" to "cn=admin,dc=gicomm,dc=i
> > >berica,dc=esp"
> > >Jul  4 17:38:51 localhost slapd[8515]: send_ldap_result:
> > >conn=36 op=0 p=3
> > >Jul  4 17:38:51 localhost slapd[8515]: send_ldap_response:
> > >msgid=1 tag=97
> > >err=0
> > >Jul  4 17:38:51 localhost slapd[8515]: connection_get(10): got
> > >connid=36
> > >Jul  4 17:38:51 localhost slapd[8515]: connection_read(10):
> > >checking for input
> > >on id=36
> > >Jul  4 17:38:51 localhost slapd[8515]: ber_get_next on fd 10
> > >failed errno=11
> > >(Resource temporarily unavailable)
> > >Jul  4 17:38:51 localhost slapd[8515]: do_search
> > >Jul  4 17:38:51 localhost slapd[8515]: >>> dnPrettyNormal: <>
> > >Jul  4 17:38:51 localhost slapd[8515]: <<< dnPrettyNormal: <>, <>
> > >Jul  4 17:38:51 localhost slapd[8515]: => send_search_entry: dn=""
> > >Jul  4 17:38:51 localhost slapd[8515]: <= send_search_entry
> > >Jul  4 17:38:51 localhost slapd[8515]: send_ldap_result:
> > >conn=36 op=1 p=3
> > >Jul  4 17:38:51 localhost slapd[8515]: send_ldap_response:
> > >msgid=2 tag=101
> > >err=0
> > >Jul  4 17:38:51 localhost slapd[8515]: connection_get(10): got
> > >connid=36
> > >Jul  4 17:38:51 localhost slapd[8515]: connection_read(10):
> > >checking for input
> > >on id=36
> > >Jul  4 17:38:51 localhost slapd[8515]: ber_get_next on fd 10
> > >failed errno=11
> > >(Resource temporarily unavailable)
> > >Jul  4 17:38:51 localhost slapd[8515]: do_search
> > >Jul  4 17:38:51 localhost slapd[8515]: >>> dnPrettyNormal:
> > ><dc=gicomm,dc=iberica,dc=esp>
> > >Jul  4 17:38:51 localhost slapd[8515]: <<< dnPrettyNormal:
> > ><dc=gicomm,dc=iberica,dc=esp>, <dc=gicomm,dc=iberica,dc=esp>
> > >Jul  4 17:38:51 localhost slapd[8515]: => bdb_search
> > >Jul  4 17:38:51 localhost slapd[8515]:
> > >bdb_dn2entry("dc=gicomm,dc=iberica,dc=esp")
> > >Jul  4 17:38:51 localhost slapd[8515]: search_candidates:
> > >base="dc=gicomm,dc=iberica,dc=esp" (0x00000001) scope=2
> > >Jul  4 17:38:51 localhost slapd[8515]: =>
> > >bdb_dn2idl( "dc=gicomm,dc=iberica,dc=esp" )
> > >Jul  4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates
> > >(objectClass)
> > >Jul  4 17:38:51 localhost slapd[8515]: => key_read
> > >Jul  4 17:38:51 localhost slapd[8515]: <= bdb_index_read:
> > >failed (-30990)
> > >Jul  4 17:38:51 localhost slapd[8515]: <=
> > >bdb_equality_candidates: id=0,
> > >first=0, last=0
> > >Jul  4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates (uid)
> > >Jul  4 17:38:51 localhost slapd[8515]: => key_read
> > >Jul  4 17:38:51 localhost slapd[8515]: <= bdb_index_read 1 candidates
> > >Jul  4 17:38:51 localhost slapd[8515]: <=
> > >bdb_equality_candidates: id=1,
> > >first=243, last=243
> > >Jul  4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates
> > >(objectClass)
> > >Jul  4 17:38:51 localhost slapd[8515]: => key_read
> > >Jul  4 17:38:51 localhost slapd[8515]: <= bdb_index_read 97 candidates
> > >Jul  4 17:38:51 localhost slapd[8515]: <=
> > >bdb_equality_candidates: id=97,
> > >first=144, last=256
> > >Jul  4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates
> > >(objectClass)
> > >Jul  4 17:38:51 localhost slapd[8515]: => key_read
> > >Jul  4 17:38:51 localhost slapd[8515]: <= bdb_index_read 97 candidates
> > >Jul  4 17:38:51 localhost slapd[8515]: <=
> > >bdb_equality_candidates: id=97,
> > >first=144, last=256
> > >Jul  4 17:38:51 localhost slapd[8515]: bdb_search_candidates:
> > >id=1 first=243
> > >last=243
> > >Jul  4 17:38:51 localhost slapd[8515]: => send_search_entry:
> > >dn="uid=davidszanto,ou=Users,dc=gicomm,dc=iberica,dc=esp"
> > >Jul  4 17:38:51 localhost slapd[8515]: <= send_search_entry
> > >Jul  4 17:38:51 localhost slapd[8515]: send_ldap_result:
> > >conn=36 op=2 p=3
> > >Jul  4 17:38:51 localhost slapd[8515]: send_ldap_response:
> > >msgid=3 tag=101
> > >err=0
> > >Jul  4 17:38:51 localhost smbd[8613]: nss_ldap: reconnecting
> > >to LDAP server...
> > >Jul  4 17:38:51 localhost slapd[8515]: connection_get(14): got
> > >connid=37
> > >Jul  4 17:38:51 localhost slapd[8515]: connection_read(14):
> > >checking for input
> > >on id=37
> > >Jul  4 17:38:51 localhost slapd[8515]: ber_get_next on fd 14
> > >failed errno=11
> > >(Resource temporarily unavailable)
> > >Jul  4 17:38:51 localhost slapd[8515]: do_bind
> > >Jul  4 17:38:51 localhost slapd[8515]: >>> dnPrettyNormal:
> > ><cn=admin,dc=gicomm,dc=iberica,dc=esp>
> > >Jul  4 17:38:51 localhost slapd[8515]: <<< dnPrettyNormal:
> > ><cn=admin,dc=gicomm,dc=iberica,dc=esp>, <cn=admin,dc=gicomm,dc=i
> > >berica,dc=esp>
> > >Jul  4 17:38:51 localhost slapd[8515]: do_bind: version=3
> > >dn="cn=admin,dc=gicomm,dc=iberica,dc=esp" method=128
> > >Jul  4 17:38:51 localhost slapd[8515]: do_bind: v3 bind:
> > >"cn=admin,dc=gicomm,dc=iberica,dc=esp" to "cn=admin,dc=gicomm,dc=i
> > >berica,dc=esp"
> > >Jul  4 17:38:51 localhost slapd[8515]: send_ldap_result:
> > >conn=37 op=0 p=3
> > >Jul  4 17:38:51 localhost slapd[8515]: send_ldap_response:
> > >msgid=1 tag=97
> > >err=0
> > >Jul  4 17:38:51 localhost slapd[8515]: connection_get(14): got
> > >connid=37
> > >Jul  4 17:38:51 localhost slapd[8515]: connection_read(14):
> > >checking for input
> > >on id=37
> > >Jul  4 17:38:51 localhost slapd[8515]: ber_get_next on fd 14
> > >failed errno=11
> > >(Resource temporarily unavailable)
> > >Jul  4 17:38:51 localhost slapd[8515]: do_search
> > >Jul  4 17:38:51 localhost slapd[8515]: >>> dnPrettyNormal:
> > ><dc=gicomm,dc=iberica,dc=esp>
> > >Jul  4 17:38:51 localhost slapd[8515]: <<< dnPrettyNormal:
> > ><dc=gicomm,dc=iberica,dc=esp>, <dc=gicomm,dc=iberica,dc=esp>
> > >Jul  4 17:38:51 localhost slapd[8515]: => bdb_search
> > >Jul  4 17:38:51 localhost slapd[8515]:
> > >bdb_dn2entry("dc=gicomm,dc=iberica,dc=esp")
> > >Jul  4 17:38:51 localhost slapd[8515]: search_candidates:
> > >base="dc=gicomm,dc=iberica,dc=esp" (0x00000001) scope=2
> > >Jul  4 17:38:51 localhost slapd[8515]: =>
> > >bdb_dn2idl( "dc=gicomm,dc=iberica,dc=esp" )
> > >Jul  4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates
> > >(objectClass)
> > >Jul  4 17:38:51 localhost slapd[8515]: => key_read
> > >Jul  4 17:38:51 localhost slapd[8515]: <= bdb_index_read:
> > >failed (-30990)
> > >Jul  4 17:38:51 localhost slapd[8515]: <=
> > >bdb_equality_candidates: id=0,
> > >first=0, last=0
> > >Jul  4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates
> > >(objectClass)
> > >Jul  4 17:38:51 localhost slapd[8515]: => key_read
> > >Jul  4 17:38:51 localhost slapd[8515]: <= bdb_index_read 97 candidates
> > >Jul  4 17:38:51 localhost slapd[8515]: <=
> > >bdb_equality_candidates: id=97,
> > >first=144, last=256
> > >Jul  4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates (uid)
> > >Jul  4 17:38:51 localhost slapd[8515]: => key_read
> > >Jul  4 17:38:51 localhost slapd[8515]: <= bdb_index_read 1 candidates
> > >Jul  4 17:38:51 localhost slapd[8515]: <=
> > >bdb_equality_candidates: id=1,
> > >first=243, last=243
> > >Jul  4 17:38:51 localhost slapd[8515]: bdb_search_candidates:
> > >id=1 first=243
> > >last=243
> > >Jul  4 17:38:51 localhost slapd[8515]: => send_search_entry:
> > >dn="uid=davidszanto,ou=Users,dc=gicomm,dc=iberica,dc=esp"
> > >Jul  4 17:38:51 localhost slapd[8515]: <= send_search_entry
> > >Jul  4 17:38:51 localhost slapd[8515]: send_ldap_result:
> > >conn=37 op=1 p=3
> > >Jul  4 17:38:51 localhost slapd[8515]: send_ldap_response:
> > >msgid=2 tag=101
> > >err=0
> > >
> > >.... and on and on repeating it self 2 more seconds ...
> > >--end------------------
> > >
> > >I'm not much of an expert on LDAP, actually quite the
> > >opposite.  I can't
> > >really tell if there's something really wrong here or not.
> > > My configuration files are the following:
> > >
> > >-- smb.conf -----------------
> > >[global]
> > >
> > >netbios name = GICOMM
> > >workgroup = GICOMMNET
> > >server string = GICOMM (Servidor de Comunicaciones)
> > >
> > >passdb backend = ldapsam:ldap://127.0.0.1
> > >username map = /et/samba/smbusers
> > >log file = /var/log/samba/%m.log
> > >max log size = 50
> > >socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> > >smb ports = 139
> > >
> > >preferred master = yes
> > >domain master = yes
> > >local master = yes
> > >domain logons = yes
> > >os level = 255
> > >dns proxy = yes
> > >;wins support = Yes
> > >security = user
> > >encrypt passwords = yes
> > >
> > >ldap suffix = dc=gicomm,dc=iberica,dc=esp
> > >ldap machine suffix = ou=Computers
> > >ldap user suffix = ou=Users
> > >ldap group suffix = ou=Groups
> > >ldap idmap suffix = ou=Idmap
> > >ldap admin dn = cn=admin,dc=gicomm,dc=iberica,dc=esp
> > >ldap ssl = no
> > >ldap delete dn = no
> > >ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
> > >ldap passwd sync = Yes
> > >
> > >add user script = /usr/sbin/smbldap-useradd  -a -m -A 1 -D \"H:\" -E
> > >\"%u.bat\" "%u"
> > >delete user script = /usr/sbin/smbldap-userdel "%u"
> > >add machine script = /usr/sbin/smbldap-useradd -w "%u"
> > >add group script = /usr/sbin/smbldap-groupadd -p "%g"
> > >delete group script = /usr/sbin/smbldap-groupdel "%g"
> > >add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
> > >delete user from group script = /usr/sbin/smbldap-usermod -x "%u" "%g"
> > >set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
> > >template home dir = /etc/skel
> > >template shell = /bin/sh
> > >username map = /etc/samba/users.map
> > >
> > >logon script = logon.bat
> > >logon drive = H:
> > >hide dot files = yes
> > >
> > >[homes]
> > >...
> > >--end----------------------
> > >
> > >And my slapd.conf file:
> > >--slapd.conf---------------------------
> > >allow bind_v2
> > >
> > >include         /etc/ldap/schema/core.schema
> > >include         /etc/ldap/schema/cosine.schema
> > >include         /etc/ldap/schema/nis.schema
> > >include         /etc/ldap/schema/inetorgperson.schema
> > >include         /etc/ldap/schema/samba.schema
> > >
> > >schemacheck     on
> > >pidfile         /var/run/slapd/slapd.pid
> > >argsfile        /var/run/slapd.args
> > >loglevel       1
> > >
> > >modulepath      /usr/lib/ldap
> > >moduleload      back_bdb
> > >
> > >backend         bdb
> > >checkpoint 512 30
> > >
> > >database        bdb
> > >
> > >suffix          "dc=gicomm,dc=iberica,dc=esp"
> > >rootdn          "cn=admin,dc=gicomm,dc=iberica,dc=esp"
> > >rootpw          im_not_telling :-D
> > >
> > >directory       "/var/lib/ldap"
> > >
> > >index           objectClass eq
> > >index           uid,cn,sn,givenname,mail eq,sub
> > >index           uidNumber eq
> > >index           gidNumber eq
> > >index           memberUid eq
> > >index           sambaSID eq
> > >index           sambaPrimaryGroupSID eq
> > >index           sambaDomainName eq
> > >index           default sub
> > >
> > >lastmod         on
> > >
> > >access to *
> > >        by dn="cn=admin,dc=gicomm,dc=iberica,dc=esp" write
> > >        by dn="uid=root,ou=Users,dc=gicomm,dc=iberica,dc=esp" write
> > >        by self write
> > >        by * read
> > >
> > >--end----------------
> > >
> > >As you can see, my slapd.conf ACL is not very restrictive.
> > >
> > >I've checked other posts and tested accordinglly, but I stil
> > >can't join nor
> > >from a linux workstation nor a W2K workstation.
> > >
> > >Well, that's basicly it.
> > >I'd appreciate any help.
> > >Thanx!!
> > >David
> > >--
> > >To unsubscribe from this list go to the following URL and read the
> > >instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list