[Samba] Samba and WinXP + PDC

[John H Terpstra]

On Monday 14 March 2005 07:23, John Zakhar wrote:
> Good Morning Folks.
>
> I have a reoccurring error here when trying to join a Windows XP SP2
> workstation to a Samba domain (accounts stored in LDAP) The error is
> "The user name cannot be found"
>
> Our LDAP directory looks like this
>
> dc=na
> ~       o=ourdomain
> ~             ou=Groups
> ~             ou=Staff
> ~             ou=Computers

With this directory configuration the /etc/ldap.conf file needs to have:

nss_base_passwd: o=ourdomain,dc=na?sub

- John T.

>
> My problem at the moment is all the windows clients are using pGina to
> login to the windows workstations,
> and modifying the LDAP directories is really less than desirable as we
> have several fail over servers (replication etc..)
> Mail and all user SSH logins depend on that structure. It would be a
> VERY large task on my part to change the structure,
> however I need a solution as pGina is no longer something we can
> continue to use. pam_ldap along with nsswitch is in place and working
> just fine for ldap
>
> The user accounts are all stored in ou=Staff, and during the joining
> process the machine account is created in ou=Computers via the IDEALX
> smbldap scripts.
> According to the trace I am sending with this email the root user is
> round and authorized so what gives ? This Winblows machine was patched
> to current yesterday.
>
> Samba versions:
>
> [root at vnpdc01 root]# rpm -qa |grep samba
> samba-common-3.0.10-1.fc2
> samba-3.0.10-1.fc2
> samba-client-3.0.10-1.fc2
>
> Any advice or thoughts would be much appreciated.

-- 
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.