[Samba] PDC Samba 3+LDAP
Prakash Velayutham
prakash.velayutham at cchmc.org
Fri Mar 18 21:10:40 GMT 2005
Hi,
Are you sure about this? Here is my pdbedit -Lv output. Looks like
Windows does accept '-' in the domain name. My windows clients join the
domain just fine, and the users do login to the PDC without any hitches.
Unix username: xxxx
NT username: xxxx
Account Flags: [U ]
User SID: S-1-5-21-709429014-924526411-3950163471-15102
Primary Group SID: S-1-5-21-709429014-924526411-3950163471-513
Full Name: X X - Network User
Home Directory: \\MCPILDAP1\homes\winprofile
HomeDir Drive: Z:
Logon Script: scripts\logon.bat
Profile Path: \\MCPILDAP1\homes\winprofile
Domain: CMC-NT
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Mon, 18 Jan 2038 22:14:07 GMT
Kickoff time: Mon, 18 Jan 2038 22:14:07 GMT
Password last set: Tue, 08 Mar 2005 17:05:12 GMT
Password can change: Tue, 08 Mar 2005 17:05:12 GMT
Password must change: Mon, 18 Jan 2038 22:14:07 GMT
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Prakash
Mccrory, Kevin B wrote:
>Domain: ARZUR-NT
> ^
> |
>There's your problem. Get rid of the - in the domain name. Windows
>machines can't handle anything other than alpha-numerics in the Domain
>name.
>
>
>Kevin B. McCrory
>Network Engineer - COPS
>US Government Solutions
>13600 EDS Drive
>Mail stop: A4S-B21
>Herndon, VA 20171
>* phone: +01-703-733-3255
>* mailto:kevin.mccrory at eds.com
>* AKO mailto:kevin.mccrory at us.army.mil
>
>
>
>-----Original Message-----
>From: samba-bounces+kevin.mccrory=eds.com at lists.samba.org
>[mailto:samba-bounces+kevin.mccrory=eds.com at lists.samba.org] On Behalf
>Of benjamin.dupuis at armorarena-fr.com
>Sent: Friday, March 18, 2005 11:14 AM
>To: samba at lists.samba.org
>Subject: [Samba] PDC Samba 3+LDAP
>
>
>Hello all,
>
>I've some problem with my new Samba / Ldap PDC :
>I cannot join the Domain from Windows (XP) computers
>
>Okay, all configuration seem to be okay on the serveur, I can create
>Users,Computers for samba (and unix)
>I put here some config file, if someone can help me, I'm on since 5
>days, it's my first PDC so I use the tutorial from Idealx
>(smbldap-howto)
>
>getent passwd give me local and ldap account (here are the LDAP account)
>... Administrateur:x:0:512:Netbios Domain
>Administrator:/root:/sbin/nologin
>nobody:x:999:514:nobody:/dev/null:/sbin/nologin
>bdupuis:x:1005:512:Benjamin
>Dupuis:/home/data1/samba/bdupuis:/sbin/nologin
>POIL-BAREBONE$:x:1008:515:Computer:/dev/null:/sbin/nologin
>
>POIL-BAREBONE is a computer is it normal smbldap-tools add me a $ to
>computer's name?
>
>pdbedit -Lv give me samba accout (here is just the Administrator):
>
>Unix username: Administrateur
>NT username: Administrateur
>Account Flags: [U ]
>User SID: S-1-5-21-3150904180-1303617548-1471141863-1000
>Primary Group SID: S-1-5-21-1911238739-97561441-2706018148-512
>Full Name: Administrateur
>Home Directory: \\PDC-SMB3\homes\Administrator
>HomeDir Drive: X:
>Logon Script: logon.bat
>Profile Path: \\PDC-SMB3\profiles\Administrator\
>Domain: ARZUR-NT
>Account desc:
>Workstations:
>Munged dial:
>Logon time: 0
>Logoff time: Tue, 19 Jan 2038 04:14:07 GMT
>Kickoff time: Tue, 19 Jan 2038 04:14:07 GMT
>Password last set: Fri, 18 Mar 2005 16:15:41 GMT
>Password can change: 0
>Password must change: Sat, 25 Jun 2005 17:15:41 GMT
>Last bad password : 0
>Bad password count : 0
>Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
>init_sam_from_ldap: Entry found for user: nobody
>
>Now when I try to join the domain From windows XP,
>I enter username : bdupuis
>password: toto
>domain name : ARZUR-NT
>
>computer name : POIL-BAREBONE (I try POIL-BAREBONE$ also)
>
>User name: Administrateur
>password: toto
>domain name : ARZUR-NT
>
>and I have an error
>
>Log on Samba :
>[2005/03/18 17:08:34, 2] lib/smbldap.c:smbldap_open_connection(692)
> smbldap_open_connection: connection opened
>[2005/03/18 17:08:34, 2] passdb/pdb_ldap.c:init_sam_from_ldap(518)
> init_sam_from_ldap: Entry found for user: Administrateur [2005/03/18
>17:08:34, 2] passdb/pdb_ldap.c:init_group_from_ldap(2057)
> init_group_from_ldap: Entry found for group: 512
>[2005/03/18 17:08:34, 2] auth/auth.c:check_ntlm_password(305)
> check_ntlm_password: authentication for user [Administrateur] ->
>[Administrateur] -> [Administrateur] succeeded
>[2005/03/18 17:08:34, 2] smbd/server.c:exit_server(575)
> Closing connections
>
>Log on LDAP :
>Mar 18 17:08:50 mastok slapd[5569]: conn=131 fd=8 ACCEPT from
>IP=127.0.0.1:33002 (IP=0.0.0.0:389)
>Mar 18 17:08:50 mastok slapd[5569]: conn=131 op=0 BIND
>dn="cn=samba,ou=DSA,dc=arzur,dc=local" method=128
>Mar 18 17:08:50 mastok slapd[5569]: conn=131 op=0 BIND
>dn="cn=samba,ou=DSA,dc=ARZUR,dc=LOCAL" mech=SIMPLE ssf=0
>Mar 18 17:08:50 mastok slapd[5569]: conn=131 op=0 RESULT tag=97 err=0
>text= Mar 18 17:08:50 mastok slapd[5569]: conn=131 op=1 SRCH
>base="dc=arzur,dc=local" scope=2 deref=0
>filter="(&(uid=arzur)(objectClass=sambaSamAccount))"
>Mar 18 17:08:50 mastok slapd[5569]: conn=131 op=1 SRCH attr=uid
>uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange
>sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn
>displayName sambaHomeDrive sambaHomePath sambaLogonScript
>sambaProfilePath description sambaUserWorkstations sambaSID
>sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName
>objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount
>sambaBadPasswordTime sambaPasswordHistory modifyTimestamp
>sambaLogonHours modifyTimestamp
>Mar 18 17:08:50 mastok slapd[5569]: conn=131 op=1 SEARCH RESULT tag=101
>err=0 nentries=0 text=
>Mar 18 17:09:00 mastok slapd[5569]: conn=131 fd=8 closed
>Mar 18 17:09:01 mastok slapd[5569]: conn=132 fd=8 ACCEPT from
>IP=127.0.0.1:33004 (IP=0.0.0.0:389)
>Mar 18 17:09:01 mastok slapd[5569]: conn=132 op=0 BIND
>dn="cn=samba,ou=DSA,dc=arzur,dc=local" method=128
>Mar 18 17:09:01 mastok slapd[5569]: conn=132 op=0 BIND
>dn="cn=samba,ou=DSA,dc=ARZUR,dc=LOCAL" mech=SIMPLE ssf=0
>Mar 18 17:09:01 mastok slapd[5569]: conn=132 op=0 RESULT tag=97 err=0
>text= Mar 18 17:09:01 mastok slapd[5569]: conn=132 op=1 SRCH
>base="dc=arzur,dc=local" scope=2 deref=0
>filter="(&(uid=arzur)(objectClass=sambaSamAccount))"
>Mar 18 17:09:01 mastok slapd[5569]: conn=132 op=1 SRCH attr=uid
>uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange
>sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn
>displayName sambaHomeDrive sambaHomePath sambaLogonScript
>sambaProfilePath description sambaUserWorkstations sambaSID
>sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName
>objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount
>sambaBadPasswordTime sambaPasswordHistory modifyTimestamp
>sambaLogonHours modifyTimestamp
>Mar 18 17:09:01 mastok slapd[5569]: conn=132 op=1 SEARCH RESULT tag=101
>err=0 nentries=0 text=
>Mar 18 17:09:11 mastok slapd[5569]: conn=132 fd=8 closed
>
More information about the samba
mailing list