[Samba] Problems setting up Samba+LDAP PDC in Debian Sarge
Gerald (Jerry) Carter
jerry at samba.org
Wed Oct 26 12:07:17 GMT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Chema wrote:
...
| From Samba 3.0.12, it is now possible for admin users
| to join computers to the domain without using
| the "root" account."
| ...
| In fact, the 'root' account is needed in the first place
| so that the SeXXX privileges can be set.>>
Actually, any members of the domain admins group (rid=512)
can assign and revoke privileges.
| Anyway, after fiddling around looking for clues, I
| found that I no longer can get my local sid:
|
| [2005/10/25 11:20:25, 0] utils/net.c:net_getlocalsid(494)
| Can't fetch domain SID for name: SERVIDOR1-PDC
That would be a pretty big issue, but smbd should regenerate
a random SID on startup.
| chema at dellj81:~$ ldappasswd
| SASL/DIGEST-MD5 authentication started
| Please enter your password:
| ldap_sasl_interactive_bind_s: Internal (implementation
| specific) error (80)
| additional info: SASL(-13): user not found: no
| secret in database
|
| This produces the following sldap output:
....
| I have yet to enable TLS, so slapd shoulnd't be
| using SASL, right?
The StartTLS extended op and and SASL are independent things.
cheers, jerry
=====================================================================
Alleviating the pain of Windows(tm) ------- http://www.samba.org
GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc
"There's an anonymous coward in all of us." --anonymous
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFDX3F1IR7qMdg1EfYRAjt6AJ9sIdpo+soLfgq5avrpLmh1uEqGWgCfeXHX
SuLmVP8Ef113COsZL5SrMic=
=w2N4
-----END PGP SIGNATURE-----
More information about the samba
mailing list