[Samba] SAMBA3 + LDAP = Round 5 :(((

Poil poil at own-you.com
Tue Mar 22 08:55:00 GMT 2005 

Okay, if anyone can help me, I put all my config and log on 
http://www.arzurproduction.com/temp/

I cannot join the domain on my Windows XP (Access Deny)

So I try :
1- An Administrator user create by smbldap-populate, I have root = 
Administrator on my /etc/samba/smbusers
Error :
[2005/03/21 10:09:03, 2] auth/auth.c:check_ntlm_password(312)
  check_ntlm_password:  Authentication for user [administrator] -> 
[root] FAILED with error NT_STATUS_NO_SUCH_USER


2- The same Administrator but I comment root = Administrator
Error :
[2005/03/22 09:47:04, 2] lib/smbldap.c:smbldap_open_connection(692)
  smbldap_open_connection: connection opened
[2005/03/22 09:47:04, 2] passdb/pdb_ldap.c:init_sam_from_ldap(518)
  init_sam_from_ldap: Entry found for user: Administrator
[2005/03/22 09:47:04, 2] passdb/pdb_ldap.c:init_group_from_ldap(2057)
  init_group_from_ldap: Entry found for group: 512
[2005/03/22 09:47:04, 2] auth/auth.c:check_ntlm_password(305)
  check_ntlm_password:  authentication for user [administrator] -> 
[administrator] -> [Administrator] succeeded
[2005/03/22 09:47:05, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482)
  Returning domain sid for domain ARZUR-NT -> 
S-1-5-21-1874299889-3982645529-2160850509
[2005/03/22 09:47:05, 2] 
rpc_server/srv_samr_nt.c:access_check_samr_object(93)
  _samr_open_domain: ACCESS DENIED  (requested: 0x00000211)
[2005/03/22 09:47:05, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482)
  Returning domain sid for domain ARZUR-NT -> 
S-1-5-21-1874299889-3982645529-2160850509
[2005/03/22 09:47:05, 2] 
rpc_server/srv_samr_nt.c:access_check_samr_function(115)
  _samr_create_user: ACCESS DENIED (granted: 0x00000201;  required: 
0x00000010)
[2005/03/22 09:47:05, 2] smbd/server.c:exit_server(575)
  Closing connections


3- The same Administrator, I create a root ldap user (same as the old 
smbldap-tools)
[2005/03/22 09:49:42, 2] lib/smbldap.c:smbldap_open_connection(692)
  smbldap_open_connection: connection opened
[2005/03/22 09:49:42, 2] passdb/pdb_ldap.c:init_sam_from_ldap(518)
  init_sam_from_ldap: Entry found for user: root
[2005/03/22 09:49:42, 2] passdb/pdb_ldap.c:init_group_from_ldap(2057)
  init_group_from_ldap: Entry found for group: 513
[2005/03/22 09:49:42, 2] auth/auth.c:check_ntlm_password(305)
  check_ntlm_password:  authentication for user [administrator] -> 
[root] -> [root] succeeded
[2005/03/22 09:49:43, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482)
  Returning domain sid for domain ARZUR-NT -> 
S-1-5-21-1874299889-3982645529-2160850509
[2005/03/22 09:49:43, 2] passdb/pdb_ldap.c:init_group_from_ldap(2057)
  init_group_from_ldap: Entry found for group: 515
[2005/03/22 09:49:43, 2] passdb/pdb_ldap.c:init_ldap_from_sam(929)
  init_ldap_from_sam: Setting entry for user: poil-barebone$
[2005/03/22 09:49:43, 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1552)
  ldapsam_modify_entry: Failed to modify user dn= 
uid=poil-barebone$,ou=Computers,dc=arzur,dc=local with: Insufficient access
 
[2005/03/22 09:49:43, 0] passdb/pdb_ldap.c:ldapsam_add_sam_account(1994)
  ldapsam_add_sam_account: failed to modify/add user with uid = 
poil-barebone$ (dn = uid=poil-barebone$,ou=Computers,dc=arzur,dc=local)
[2005/03/22 09:49:43, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2272)
  could not add user/computer poil-barebone$ to passdb.  Check permissions?
[2005/03/22 09:49:43, 2] smbd/server.c:exit_server(575)
  Closing connections


4- In root (ldap root)
[2005/03/22 09:50:21, 2] lib/smbldap.c:smbldap_open_connection(692)
  smbldap_open_connection: connection opened
[2005/03/22 09:50:21, 2] passdb/pdb_ldap.c:init_sam_from_ldap(518)
  init_sam_from_ldap: Entry found for user: root
[2005/03/22 09:50:21, 2] passdb/pdb_ldap.c:init_group_from_ldap(2057)
  init_group_from_ldap: Entry found for group: 513
[2005/03/22 09:50:21, 2] auth/auth.c:check_ntlm_password(305)
  check_ntlm_password:  authentication for user [root] -> [root] -> 
[root] succeeded
[2005/03/22 09:50:22, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482)
  Returning domain sid for domain ARZUR-NT -> 
S-1-5-21-1874299889-3982645529-2160850509
[2005/03/22 09:50:22, 2] passdb/pdb_ldap.c:init_group_from_ldap(2057)
  init_group_from_ldap: Entry found for group: 515
[2005/03/22 09:50:22, 2] passdb/pdb_ldap.c:init_ldap_from_sam(929)
  init_ldap_from_sam: Setting entry for user: poil-barebone$
[2005/03/22 09:50:22, 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1552)
  ldapsam_modify_entry: Failed to modify user dn= 
uid=poil-barebone$,ou=Computers,dc=arzur,dc=local with: Insufficient access
 
[2005/03/22 09:50:22, 0] passdb/pdb_ldap.c:ldapsam_add_sam_account(1994)
  ldapsam_add_sam_account: failed to modify/add user with uid = 
poil-barebone$ (dn = uid=poil-barebone$,ou=Computers,dc=arzur,dc=local)
[2005/03/22 09:50:22, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2272)
  could not add user/computer poil-barebone$ to passdb.  Check permissions?
[2005/03/22 09:50:22, 2] smbd/server.c:exit_server(575)
  Closing connections


Thanks all for helping me!

More information about the samba mailing list