[Samba] Domain member server on AIX 5.3

[Carsten Sander]

Hi,

I'm trying to setup samba 3.0.14a as domain member on AIX 5.3.

My test environment is:
- PDC and ldap master on RH8.0 (samba 3.0.14a, openldap 2.1.29)
- Ldap slave on FC3 (openldap 2.2.13)
- Samba domain member on FC4 (samba 3.0.14a)
- XP clients
- and Samba domain member on AIX 5.3 (samba 3.0.14a)

This is what I did:
- Compiled samba
   ./configure --with-fhs --with-quotas --with-syslog --with-utmp \
   --with-libsmbclient --with-acl-support \
   --with-shared-modules=idmap_rid --enable-cups=yes \
   --with-libiconv=/usr/local --with-ads=no
   successfully with gcc (gcc-3.3.2-5) or vac (7.0) against openldap
   2.2.27 and libiconv 1.9.2
   (see: http://lists.samba.org/archive/samba/2005-May/105333.html)
- Client ldap setup on AIX with secldapclntd or nss_ldap-239
   (nss_ldap see: http://bugzilla.padl.com/show_bug.cgi?id=202)

This is what works on the aix domain member:
- smbpasswd -w <secret>
- net rpc join
- net rpc info
- net groupmap list
- id <user>
- lsuser <user>
- lsgroup <group>
- wbinfo -g
- wbinfo -u
- wbinfo -t
- passwd <user> (only with secldapclntd)
- smbpasswd <user>
- ssh, telnet, rlogin from clients to aix domain member server
- anonymous connects via smbbclient -Llocalhost -U%

My samba configuration is:
[global]
         workgroup = DOMAIN
         password server = *
         socket options = SO_RCVBUF=8192 SO_SNDBUF=8192
         enable privileges = yes
         wins server = 192.168.xx.xx
         create mask = 0644
         unix charset = ISO-8859-15
         display charset = ISO-8859-15
         username map = /usr/local/samba/etc/samba/username.map
         security = domain
         passdb backend = ldapsam:"ldap://ldap2 ldap://ldap1"
         ldap admin dn = uid=admin,dc=example,dc=com
         ldap suffix = dc=example,dc=com
         ldap user suffix = ou=people
         ldap group suffix = ou=groups
         ldap machine suffix = ou=systems
         ldap idmap suffix = ou=Idmap
         idmap backend = ldap:ldap://ldap1
         idmap uid = 16777216-33554431
         idmap gid = 16777216-33554431
         winbind trusted domains only = Yes
         log file = /var/log/samba/log.%m.%a
         log level = 3
         syslog = 0
         max log size = 500
         utmp = no

This is what not works on aix domain member from Unix:
- first try:
   smbbclient -Llocalhost -U<username>
   Password:
   Domain=[DOMAIN] OS=[Unix] Server=[Samba 3.0.14a]

         Sharename       Type      Comment
         ---------       ----      -------
         local           Disk      /usr/local with ACLs
         IPC$            IPC       IPC Service (Samba 3.0.14a)
         ADMIN$          IPC       IPC Service (Samba 3.0.14a)
   session setup failed: Call returned zero bytes (EOF)
   NetBIOS over TCP disabled -- no workgroup available
- second, third ... try:
   smbbclient -Llocalhost -U<username>
   Password:
   session setup failed: Call returned zero bytes (EOF)
- restart samba (goto: first try)

This is what works on aix domain member from XP (after restarting
samba (only first connect)):
- open, save and rename files
- changing acl's

After disconnecting from aix member server, there are no further
connections available (Error message: the networkname is not available).

My samba domain member setup works perfectly with FC3 and FC4.

I had the same problems (NetBIOS over TCP disabled --
no workgroup available) after updating from 3.0.10 to 3.0.11
on the rh8.0 pdc. Updating from nss_ldap-198 to nss_ldap-207
(rebuild from SRPM) solved the problem.

Any ideas?

Regards
   Carsten

-- 
.