[Samba] SAMBA3 + LDAP = PDC => ROUND 4 ;o)
benjamin.dupuis at armorarena-fr.com
benjamin.dupuis at armorarena-fr.com
Mon Mar 21 17:21:18 GMT 2005
smbpasswd -w is set, I've try to write a wrong password for see the
error, the error is not the same (Invalid credential)
I've add root user for seeing if it's working .. but it's the same error
than with Administrator.
When joining with Administrator (Access Deny) :
###
[2005/03/21 18:14:23, 2] lib/smbldap.c:smbldap_open_connection(692)
smbldap_open_connection: connection opened
[2005/03/21 18:14:23, 2] passdb/pdb_ldap.c:init_sam_from_ldap(518)
init_sam_from_ldap: Entry found for user: Administrator
[2005/03/21 18:14:23, 2] passdb/pdb_ldap.c:init_group_from_ldap(2057)
init_group_from_ldap: Entry found for group: 512
[2005/03/21 18:14:23, 2] auth/auth.c:check_ntlm_password(305)
check_ntlm_password: authentication for user [administrator] ->
[administrator] -> [Administrator] succeeded
[2005/03/21 18:14:24, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482)
Returning domain sid for domain ARZUR-NT ->
S-1-5-21-1874299889-3982645529-2160850509
[2005/03/21 18:14:24, 2]
rpc_server/srv_samr_nt.c:access_check_samr_object(93)
_samr_open_domain: ACCESS DENIED (requested: 0x00000211)
[2005/03/21 18:14:24, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482)
Returning domain sid for domain ARZUR-NT ->
S-1-5-21-1874299889-3982645529-2160850509
[2005/03/21 18:14:24, 2]
rpc_server/srv_samr_nt.c:access_check_samr_function(115)
_samr_create_user: ACCESS DENIED (granted: 0x00000201; required:
0x00000010)
[2005/03/21 18:14:24, 2] smbd/server.c:exit_server(575)
Closing connections
Bruno Guerreiro a écrit :
>Hi,
>Did you execute smbpasswd -w <ldap bind password> ?
>Another thing you're trying to add your Computer with the user root?
>This user, by default, doesn't belong to the Domain Admins groups. At least
>not with the scripts provided by smbldap-tools.
>If so, try adding the machine using the Administrator account.
>
>Best Regards,
>Bruno Guerreiro
>
>-----Original Message-----
>From: benjamin.dupuis at armorarena-fr.com
>[mailto:benjamin.dupuis at armorarena-fr.com]
>Sent: segunda-feira, 21 de Março de 2005 16:46
>To: samba at lists.samba.org
>Subject: [Samba] SAMBA3 + LDAP = PDC => ROUND 4 ;o)
>
>
>Okay
>
>I try this thing :
>mastok:/etc/samba # smbldap-useradd root
>mastok:/etc/samba # smbldap-usermod -u 0 -g 0 root
>mastok:/etc/samba # smbldap-usermod -a root
>mastok:/etc/samba # smbldap-passwd root
>#####
>Administrator:x:998:512:Netbios Domain
>Administrator:/home/data1/samba/Administrator:/sbin/nologin
>nobody:x:999:514:nobody:/dev/null:/sbin/nologin
>root:x:0:0:System User:/home/data1/samba/root:/sbin/nologin
>#####
>Connecting to the domain with account root.
>Computer Accout created :
>poil-barebone$:x:1005:515:Computer:/dev/null:/sbin/nologin
>But Access Deny on my Windows computer :(
>
> check_ntlm_password: authentication for user [root] -> [root] ->
>[root] succeeded
>[2005/03/21 17:38:14, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482)
> Returning domain sid for domain ARZUR-NT ->
>S-1-5-21-1874299889-3982645529-2160850509
>[2005/03/21 17:38:14, 2] passdb/pdb_ldap.c:init_group_from_ldap(2057)
> init_group_from_ldap: Entry found for group: 515
>[2005/03/21 17:38:14, 2] passdb/pdb_ldap.c:init_ldap_from_sam(929)
> init_ldap_from_sam: Setting entry for user: poil-barebone$
>[2005/03/21 17:38:14, 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1552)
> ldapsam_modify_entry: Failed to modify user dn=
>uid=poil-barebone$,ou=Computers,dc=arzur,dc=local with: Insufficient access
>
>[2005/03/21 17:38:14, 0] passdb/pdb_ldap.c:ldapsam_add_sam_account(1994)
> ldapsam_add_sam_account: failed to modify/add user with uid =
>poil-barebone$ (dn = uid=poil-barebone$,ou=Computers,dc=arzur,dc=local)
>[2005/03/21 17:38:14, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2272)
> could not add user/computer poil-barebone$ to passdb. Check permissions?
>[2005/03/21 17:38:15, 2] smbd/server.c:exit_server(575)
>
>
>
More information about the samba
mailing list