[Samba] openbsd and domain controller NOT WORKING

Tautvydas tautvydasg at gmail.com
Wed May 31 06:45:50 GMT 2006 

Good day list,

I hope, you will pay attention to my small problem (big problem for me).
I'm totally new to samba, so I don't know exactly, where the problem
is. Situation - I need to setup samba as a domain controller (and
fast!). Server - openbsd 3.9, samba 3.0.21.

There are my configs:

smb.conf
-------------------------------------------------------------------------------------------
cat /etc/samba/smb.conf
[global]
workgroup = mydomain
passwd chat = *New*Password* %n\n*Re-enter*new*password* %n\n *Password*changed*
username map = /etc/samba/smbusers
syslog = 2
name resolve order = wins bcast hosts
add user script = /usr/sbin/useradd -m '%u'
delete user script = /usr/sbin/userdel -r '%u'
add group script = /usr/sbin/groupadd '%g'
delete group script = /usr/sbin/groupdel '%g'
add user to group script = /usr/sbin/usermod -G '%g' '%u'
add machine script = /usr/sbin/useradd -s /bin/false -d /var/lib/nobody '%u'
logon script = scripts\login.bat
logon path =
logon drive = X:
domain logons = Yes
preferred master = Yes
wins support = Yes
printing = CUPS

[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No
[netlogon]
comment = Network Logon Service
path = /home/samba/data/%U
valid users = %S
read only = No
[stuff]
comment = All Stuff
path = /home/samba/data/stuff
;valid users = %G
read only = No

-------------------------------------------------------------------------------------------
cat /etc/samba/smbusers
root = Administrator
muchacha = Administrator
aur = aurk1
jus = jusk2
dal = dalk3
rom = romd1
mon = mond2
ant = antnb

-------------------------------------------------------------------------------------------
cat /etc/samba/smbpasswd
root:0:3EB2601FBF81B43923B0A8F6F116C5B1:89A8C23F1100C5D0483335155A6F3D6A:[U
         ]:LCT-447CCFDF:
aur:1002:49881D6221BF97DCAAD3B435B51404EE:7626426E298A56ED35661E77DA3B2FE9:[U
         ]:LCT-447CC8C1:
jus:1003:DE8890B4A1C7DDECAAD3B435B51404EE:51C7DE2EE1A936E86E56764F54E47C74:[U
         ]:LCT-447CC8C8:
dal:1004:E4C95B3CABC1DFF2AAD3B435B51404EE:C36BA0ADEC8116F037B1C5098D06C869:[U
         ]:LCT-447CC8CF:
rom:1005:4403416CEA8AEB15AAD3B435B51404EE:A263BBF7D9D8311DD09F43947A4A3032:[U
         ]:LCT-447CC8D7:
mon:1006:EFABEA5881F25971AAD3B435B51404EE:392E82C1805FAB45F933D66F7EEF6081:[U
         ]:LCT-447CC8DF:

So I think users are added. System users also exists. Looks like
everything is working, I mean every user can have their home
directories \\server\aur accessible with their password.
Common share is also available by those users passwords.

In the server I also can acces some dirs with the users:
smbclient -U aur //local/host/aur
Password:

Domain=[MYDOMAIN] OS=[UNIX] Server=[Samba 3.0.21b]
smb:\> ls
	.
	..
	.cshrc
	.login
	........

smbstatus show me:

Samba version 3.0.21b
PID     Username      Group         Machine
-------------------------------------------------------------------
15436   jus           users         arch1        (192.168.1.35)
18667   rom           users         arch3        (192.168.1.34)

Service      pid     machine       Connected at
-------------------------------------------------------
stuff        15436   arch1         Wed May 31 05:42:45 2006
jus          15436   arch1         Wed May 31 05:42:51 2006
stuff        18667   arch3         Wed May 31 06:10:31 2006

No locked files

I need the domain controller, that users would be able to login. For
now, I can't log on to domain. I know, I missed understood something,
but I was trying to log into domain with all possible users, for
example aur, aurk1. Also, is it important windows computer name?

Also I've script

#!/bin/ksh
# Map Windows Domain Groups to UNIX groups
net groupmap modify ntgroup="Domain Admins"  unixgroup=wheel
net groupmap modify ntgroup="Domain Users"   unixgroup=users
net groupmap modify ntgroup="Domain Guests"  unixgroup=nobody

# Add Functional Domain Groups
net groupmap add ntgroup="Architektai"  unixgroup=users type=d


Please, give any advice, or just say what I'm missing here. I know, I
don't understand domain setup correctly, but I have no time for
reading all manual in samba.org.

I've also tried to as in example here:
http://us5.samba.org/samba/docs/man/Samba-Guide/small.html

But the result was the same:

Every time I try to log on to domain, I have this error:

"The user name could not be found."

testparm says, that role is ok:

testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[stuff]"
Loaded services file OK.
WARNING: passdb expand explicit = yes is deprecated
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions

Please, give any advice.

Thank you for you time.
-- 
Tautvydas
P.S. Sorry for my English.

More information about the samba mailing list