[Samba] PDC Samba 3+LDAP

Prakash Velayutham prakash.velayutham at cchmc.org
Fri Mar 18 21:10:40 GMT 2005


Hi,

Are you sure about this? Here is my pdbedit -Lv output. Looks like 
Windows does accept '-' in the domain name. My Windows clients join the 
domain just fine, and the users do log in to the PDC without any hitches.

Unix username:        xxxx
NT username:         xxxx
Account Flags:        [U          ]
User SID:             S-1-5-21-709429014-924526411-3950163471-15102
Primary Group SID:    S-1-5-21-709429014-924526411-3950163471-513
Full Name:            X X - Network User
Home Directory:       \\MCPILDAP1\homes\winprofile
HomeDir Drive:        Z:
Logon Script:         scripts\logon.bat
Profile Path:         \\MCPILDAP1\homes\winprofile
Domain:               CMC-NT
Account desc:
Workstations:
Munged dial:
Logon time:           0
Logoff time:          Mon, 18 Jan 2038 22:14:07 GMT
Kickoff time:         Mon, 18 Jan 2038 22:14:07 GMT
Password last set:    Tue, 08 Mar 2005 17:05:12 GMT
Password can change:  Tue, 08 Mar 2005 17:05:12 GMT
Password must change: Mon, 18 Jan 2038 22:14:07 GMT
Last bad password   : 0
Bad password count  : 0
Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

Prakash

Mccrory, Kevin B wrote:

>Domain:               ARZUR-NT 
>                           ^
>                           | 
>There's your problem. Get rid of the - in the domain name. Windows
>machines can't handle anything other than alpha-numerics in the Domain
>name. 
>
>
>Kevin B. McCrory
>Network Engineer - COPS
>US Government Solutions
>13600 EDS Drive
>Mail stop:  A4S-B21
>Herndon, VA 20171
>* phone: +01-703-733-3255
>* mailto:kevin.mccrory at eds.com
>* AKO mailto:kevin.mccrory at us.army.mil
>
>
>
>-----Original Message-----
>From: samba-bounces+kevin.mccrory=eds.com at lists.samba.org
>[mailto:samba-bounces+kevin.mccrory=eds.com at lists.samba.org] On Behalf
>Of benjamin.dupuis at armorarena-fr.com
>Sent: Friday, March 18, 2005 11:14 AM
>To: samba at lists.samba.org
>Subject: [Samba] PDC Samba 3+LDAP
>
>
>Hello all,
>
>I have a problem with my new Samba / LDAP PDC:
>I cannot join the domain from Windows (XP) computers.
>
>All configuration seems to be okay on the server; I can create 
>users and computers for Samba (and Unix).
>I put some config files here, if someone can help me. I have been on this for 5 
>days; it's my first PDC, so I use the tutorial from Idealx
>(smbldap-howto).
>
>getent passwd gives me local and LDAP accounts (here are the LDAP accounts)
>...
>Administrateur:x:0:512:Netbios Domain Administrator:/root:/sbin/nologin
>nobody:x:999:514:nobody:/dev/null:/sbin/nologin
>bdupuis:x:1005:512:Benjamin Dupuis:/home/data1/samba/bdupuis:/sbin/nologin
>POIL-BAREBONE$:x:1008:515:Computer:/dev/null:/sbin/nologin
>
>POIL-BAREBONE is a computer; is it normal that smbldap-tools adds a $ to the 
>computer's name?
>
>pdbedit -Lv gives me the Samba accounts (here is just the Administrator):
>
>Unix username:        Administrateur
>NT username:          Administrateur
>Account Flags:        [U          ]
>User SID:             S-1-5-21-3150904180-1303617548-1471141863-1000
>Primary Group SID:    S-1-5-21-1911238739-97561441-2706018148-512
>Full Name:            Administrateur
>Home Directory:       \\PDC-SMB3\homes\Administrator
>HomeDir Drive:        X:
>Logon Script:         logon.bat
>Profile Path:         \\PDC-SMB3\profiles\Administrator\
>Domain:               ARZUR-NT
>Account desc:        
>Workstations:        
>Munged dial:         
>Logon time:           0
>Logoff time:          Tue, 19 Jan 2038 04:14:07 GMT
>Kickoff time:         Tue, 19 Jan 2038 04:14:07 GMT
>Password last set:    Fri, 18 Mar 2005 16:15:41 GMT
>Password can change:  0
>Password must change: Sat, 25 Jun 2005 17:15:41 GMT
>Last bad password   : 0
>Bad password count  : 0
>Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
>init_sam_from_ldap: Entry found for user: nobody
>
>Now when I try to join the domain from Windows XP,
>I enter username : bdupuis
>password: toto
>domain name : ARZUR-NT
>
>computer name : POIL-BAREBONE (I try POIL-BAREBONE$ also)
>
>User name: Administrateur
>password: toto
>domain name : ARZUR-NT
>
>and I get an error
>
>Samba log:
>[2005/03/18 17:08:34, 2] lib/smbldap.c:smbldap_open_connection(692)
>  smbldap_open_connection: connection opened
>[2005/03/18 17:08:34, 2] passdb/pdb_ldap.c:init_sam_from_ldap(518)
>  init_sam_from_ldap: Entry found for user: Administrateur
>[2005/03/18 17:08:34, 2] passdb/pdb_ldap.c:init_group_from_ldap(2057)
>  init_group_from_ldap: Entry found for group: 512
>[2005/03/18 17:08:34, 2] auth/auth.c:check_ntlm_password(305)
>  check_ntlm_password:  authentication for user [Administrateur] -> 
>[Administrateur] -> [Administrateur] succeeded
>[2005/03/18 17:08:34, 2] smbd/server.c:exit_server(575)
>  Closing connections
>
>LDAP log:
>Mar 18 17:08:50 mastok slapd[5569]: conn=131 fd=8 ACCEPT from 
>IP=127.0.0.1:33002 (IP=0.0.0.0:389)
>Mar 18 17:08:50 mastok slapd[5569]: conn=131 op=0 BIND 
>dn="cn=samba,ou=DSA,dc=arzur,dc=local" method=128
>Mar 18 17:08:50 mastok slapd[5569]: conn=131 op=0 BIND 
>dn="cn=samba,ou=DSA,dc=ARZUR,dc=LOCAL" mech=SIMPLE ssf=0
>Mar 18 17:08:50 mastok slapd[5569]: conn=131 op=0 RESULT tag=97 err=0 text=
>Mar 18 17:08:50 mastok slapd[5569]: conn=131 op=1 SRCH 
>base="dc=arzur,dc=local" scope=2 deref=0 
>filter="(&(uid=arzur)(objectClass=sambaSamAccount))"
>Mar 18 17:08:50 mastok slapd[5569]: conn=131 op=1 SRCH attr=uid 
>uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange 
>sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn 
>displayName sambaHomeDrive sambaHomePath sambaLogonScript 
>sambaProfilePath description sambaUserWorkstations sambaSID 
>sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName 
>objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount 
>sambaBadPasswordTime sambaPasswordHistory modifyTimestamp 
>sambaLogonHours modifyTimestamp
>Mar 18 17:08:50 mastok slapd[5569]: conn=131 op=1 SEARCH RESULT tag=101 
>err=0 nentries=0 text=
>Mar 18 17:09:00 mastok slapd[5569]: conn=131 fd=8 closed
>Mar 18 17:09:01 mastok slapd[5569]: conn=132 fd=8 ACCEPT from 
>IP=127.0.0.1:33004 (IP=0.0.0.0:389)
>Mar 18 17:09:01 mastok slapd[5569]: conn=132 op=0 BIND 
>dn="cn=samba,ou=DSA,dc=arzur,dc=local" method=128
>Mar 18 17:09:01 mastok slapd[5569]: conn=132 op=0 BIND 
>dn="cn=samba,ou=DSA,dc=ARZUR,dc=LOCAL" mech=SIMPLE ssf=0
>Mar 18 17:09:01 mastok slapd[5569]: conn=132 op=0 RESULT tag=97 err=0 text=
>Mar 18 17:09:01 mastok slapd[5569]: conn=132 op=1 SRCH 
>base="dc=arzur,dc=local" scope=2 deref=0 
>filter="(&(uid=arzur)(objectClass=sambaSamAccount))"
>Mar 18 17:09:01 mastok slapd[5569]: conn=132 op=1 SRCH attr=uid 
>uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange 
>sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn 
>displayName sambaHomeDrive sambaHomePath sambaLogonScript 
>sambaProfilePath description sambaUserWorkstations sambaSID 
>sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName 
>objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount 
>sambaBadPasswordTime sambaPasswordHistory modifyTimestamp 
>sambaLogonHours modifyTimestamp
>Mar 18 17:09:01 mastok slapd[5569]: conn=132 op=1 SEARCH RESULT tag=101 
>err=0 nentries=0 text=
>Mar 18 17:09:11 mastok slapd[5569]: conn=132 fd=8 closed
>
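
Added example, not part of the original messages: a consistency check over `pdbedit -Lv` output that reports accounts whose User SID and Primary Group SID do not share a domain prefix, as in the second output quoted above. The function names and the embedded sample are constructed for illustration; the thread does not say whether this difference relates to the join failure.

```python
import re
import sys

# Constructed sample in `pdbedit -Lv` layout; the SIDs are copied from the
# two outputs quoted in this thread, all other fields are omitted.
SAMPLE = """\
Unix username:        xxxx
User SID:             S-1-5-21-709429014-924526411-3950163471-15102
Primary Group SID:    S-1-5-21-709429014-924526411-3950163471-513
Unix username:        Administrateur
User SID:             S-1-5-21-3150904180-1303617548-1471141863-1000
Primary Group SID:    S-1-5-21-1911238739-97561441-2706018148-512
"""

FIELD = re.compile(r"^([^:]+?)\s*:\s*(.*)$")
DOMAIN_SID = re.compile(r"(S-1-5-21-\d+-\d+-\d+)-(\d+)")

def parse_records(text):
    """Split `pdbedit -Lv` text into one dict per account."""
    records = []
    for line in text.splitlines():
        m = FIELD.match(line)
        if not m:
            continue
        key, value = m.group(1).strip(), m.group(2).strip()
        if key == "Unix username" or not records:   # a new account starts here
            records.append({})
        records[-1][key] = value
    return records

def domain_part(sid):
    """Domain prefix of an S-1-5-21-x-y-z-RID SID, or None for any other form."""
    m = DOMAIN_SID.fullmatch(sid or "")
    return m.group(1) if m else None

def sid_mismatches(text):
    """(user, user SID domain, group SID domain) where the two prefixes differ."""
    out = []
    for rec in parse_records(text):
        u = domain_part(rec.get("User SID"))
        g = domain_part(rec.get("Primary Group SID"))
        if u != g or u is None:   # non-domain or missing SIDs are reported too
            out.append((rec.get("Unix username"), u, g))
    return out

if __name__ == "__main__":
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for user, u, g in sid_mismatches(text):
        print(f"{user}: user SID under {u}, primary group SID under {g}")
```

Run as a script, it reads `pdbedit -Lv` output piped on standard input and falls back to the embedded sample when run interactively.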

