[Samba] Samba PDC with LDAP, can't join Domain

Ernest Aigner ernest.aigner at gmx.at
Fri Dec 29 09:59:01 GMT 2006


I've installed a Samba PDC with an LDAP database, but I can't join the
domain with my Windows XP machines.

I populated the Database with smbldap-tools.

When I try to log in as root, the following is written to the log file:

log.0.0.0.0

 1 [2006/12/29 11:49:24, 0] lib/util_sock.c:get_peer_addr(1229)
 2   getpeername failed. Error was Der Socket ist nicht verbunden
 3 [2006/12/29 11:49:24, 0] lib/access.c:check_access(327)
 4 [2006/12/29 11:49:24, 0] lib/util_sock.c:get_peer_addr(1229)
 5   getpeername failed. Error was Der Socket ist nicht verbunden
 6   Denied connection from  (0.0.0.0)
 7 [2006/12/29 11:49:24, 1] smbd/process.c:process_smb(1103)
 8 [2006/12/29 11:49:24, 0] lib/util_sock.c:get_peer_addr(1229)
 9   getpeername failed. Error was Der Socket ist nicht verbunden
10   Connection denied from 0.0.0.0
11 [2006/12/29 11:49:24, 0] lib/util_sock.c:write_data(562)
12   write_data: write failure in writing to client 192.168.0.2. Error Die Verbindung wurde vom Kommunikationspartner zurückgesetzt
13 [2006/12/29 11:49:24, 0] lib/util_sock.c:send_smb(769)
14   Error writing 5 bytes to client. -1. (Die Verbindung wurde vom Kommunikationspartner zurückgesetzt)


When I try to join with a user I added with smbldap-useradd, the following
is written to the log file:

log.ernest

 1 [2006/12/29 11:51:31, 0] lib/smbldap.c:smbldap_open(1009)
 2   smbldap_open: cannot access LDAP when not root..


When I run testparm I don't get any errors; here is a dump:


# Server-wide settings of the PDC as printed by testparm, which by default
# lists only parameters that differ from the built-in defaults.
[global]
       dos charset = 850
       unix charset = ISO8859-1
       workgroup = AIGNER
       netbios name = SERVER
       server string = Windows %v
       interfaces = eth0
       # Accounts are stored in LDAP, reached with the plain ldap:// scheme on
       # loopback. No "ldap ssl" line appears in this dump, so the transport
       # protection is whatever this Samba version defaults to -- TODO confirm.
       passdb backend = ldapsam:ldap://127.0.0.1
       passwd program = /usr/bin/passwd %u
       # The value below continues on the following line; the break looks like
       # mail-client wrapping, not part of the setting.
       passwd chat = *Enter\snew\sUNIX\spassword:* %n\n 
*Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
       syslog = 0
       # One log file per client machine name (%m), e.g. log.ernest.
       log file = /var/log/samba/log.%m
       max log size = 1000
       # The scripts below are run by smbd as root, with %u / %g filled in from
       # the client request. They should be owned by root and not writable by
       # anyone else, and the quoting around %u / %g should be kept.
       add user script = /usr/sbin/smbldap-useradd -m "%u"
       add group script = /usr/sbin/smbldap-groupadd -p "%g"
       delete group script = /usr/sbin/smbldap-groupdel "%g"
       add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
       delete user from group script = /usr/sbin/smbldap-groupmod -x 
"%u" "%g"
       set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
       # Creates the machine account when a workstation joins the domain.
       add machine script = /usr/sbin/smbldap-useradd -w "%u"
       logon script = logon.cmd
       logon path = \\%N\profiles\%U
       logon drive = H:
       # Domain-controller role: domain logons plus domain master browser.
       domain logons = Yes
       os level = 65
       preferred master = Yes
       domain master = Yes
       dns proxy = No
       # DN that smbd binds to the directory with. The matching password is not
       # kept in smb.conf; Samba reads it from secrets.tdb, where "smbpasswd -w"
       # stores it. NOTE(review): confirm it has been set on this host.
       ldap admin dn = cn=admin,dc=aigner,dc=local
       # Deleting an account removes the whole LDAP entry, not only the Samba
       # attributes.
       ldap delete dn = Yes
       ldap group suffix = ou=Group
       ldap machine suffix = ou=Computer
       # A password change through Samba also updates the LDAP password along
       # with the NT/LM hashes.
       ldap passwd sync = Yes
       ldap suffix = dc=aigner,dc=local
       ldap user suffix = ou=People
       panic action = /usr/share/samba/panic-action %d
       # A trailing dot is a prefix match: this admits every 192.x.x.x address,
       # not only the private 192.168.x.x range. Narrowing it to the LAN subnet
       # is the tighter setting (the client in the posted log is 192.168.0.2).
       # The "Denied connection from (0.0.0.0)" log entries presumably come from
       # this check being applied to a peer whose address could not be read.
       hosts allow = 192.
       # Files a user has no read permission for are not listed to that user.
       hide unreadable = Yes

# Per-user home shares. %S is the share name, which for [homes] is the
# requested user name, so only that user is accepted on each home share.
[homes]
       comment = Eigene Dateien
       path = /home/%U
       valid users = %S
       read only = No
       create mask = 0700
       directory mask = 0700
       # Takes precedence over the two masks above: new files and directories
       # take their mode from the parent directory instead.
       inherit permissions = Yes
       # The [homes] template itself is not listed when browsing the server.
       browseable = No

# Writable share that also accepts guest connections: no password is needed
# for a guest session, and writes are limited only by the filesystem
# permissions of the guest account. Whether guest sessions can be established
# at all also depends on "map to guest", which is not in this dump.
# NOTE(review): confirm unauthenticated write access is intended here.
[Arbeitszettel]
       comment = Arbeitszettel
       path = /home/samba/azettel
       read only = No
       guest ok = Yes

# Writable share that also accepts guest connections; writes by guests are
# limited only by the filesystem permissions of the guest account. Whether
# guest sessions are possible also depends on "map to guest" (not in this dump).
# NOTE(review): confirm guest write access is intended for this share.
[Sekretariat]
       comment = Sekretariat
       path = /home/samba/segret
       read only = No
       guest ok = Yes

# Writable share that also accepts guest connections; writes by guests are
# limited only by the filesystem permissions of the guest account. Whether
# guest sessions are possible also depends on "map to guest" (not in this dump).
# NOTE(review): confirm guest write access is intended for this share.
[Verkauf]
       comment = Verkauf
       path = /home/samba/verkauf
       read only = No
       guest ok = Yes

# Writable share with no "guest ok" and no "valid users": every user who
# authenticates can connect, and access is then decided only by the filesystem
# permissions on the path. NOTE(review): if this share is meant for a
# restricted group, a "valid users" entry would enforce that at the share level.
[Leitung]
       comment = Leitung
       path = /home/samba/leitung
       read only = No

# General-purpose writable share that also accepts guest connections; writes
# by guests are limited only by the filesystem permissions of the guest
# account. Whether guest sessions are possible also depends on "map to guest"
# (not in this dump).
[Allgemein]
       comment = Allgemeine Freigabe
       path = /home/samba/allg
       read only = No
       guest ok = Yes

# Logon-script share used during domain logon. No "read only" line appears, so
# the default applies; the directory on disk should be writable by
# administrators only, because clients execute the scripts stored here.
[netlogon]
       comment = Network Logon Service
       path = /home/samba/netlogon
       guest ok = Yes
       # Turns off share-mode handling for this share; the Samba documentation
       # advises against disabling it -- TODO confirm this is still wanted.
       share modes = No

# Roaming-profile store referenced by "logon path" (\\%N\profiles\%U).
[profiles]
       comment = Users profiles
       path = /home/samba/profiles
       # With "read only = No" below the share is already writable for everyone
       # who can connect, so this list does not narrow write access.
       write list = "@Domain Users", "@Domain Admins"
       read only = No
       # New profile files and directories are created accessible to the owner
       # only.
       create mask = 0600
       directory mask = 0700
       case sensitive = No
       preserve case = No
       # Matching names are hidden from listings; this is cosmetic and does not
       # restrict access to them.
       hide files = /desktop.ini/ntuser.ini/NTUSER.*/


If you need any further information please just tell me! (nsswitch, pam, 
slapd.conf, ...)

thx Ernest Aigner




