[Samba] problems xp joining samba pdc
Felipe Augusto van de Wiel
felipe at paranacidade.org.br
Tue Sep 19 13:20:09 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 09/18/2006 09:23 AM, Mike escreveu:
> Morning,
>
> I have three machines, two xp and one win2k, that join the
> samba pdc fine. I have tried to join others to this same
> samba pdc using the same accounts for authentication without
> success. The xp machine first says the user does not exist,
> I click ok and go back to the screen for the domain account
> authorized to join the domain and press ok (or next) again
> and this time the xp box says the user already exists.
>
> I think something is having an issue with the machine$
> accounts in ldap. I added a '-t 5' in smb.conf to the
> smbadd-useradd command for adding a machine. I could
> tell a longer time before the first messages (missing user)
> is returned, but I still have the same final situation with
> the xp box not being a part of the samba pdc.
Any chances that the "Sign or Seal" problem still exists?
> Any ideas?
> Mike
[...]
> ------------------------------------ /etc/samba/smb.conf
>
> # Samba config file created using SWAT
> # from 10.1.2.43 (10.1.2.43)
> # Date: 2006/08/03 15:11:35
>
> [global]
> security = USER
> client plaintext auth = Yes
> client lanman auth = Yes
> encrypt passwords = Yes
> lanman auth = No
> ntlm auth = Yes
> password level = 0
> guest account = nobody
> #admin users = manager, root, mikee, jrc, bdhein
> admin users =
> hosts allow = 10.1.2., 10.1.3.
> cups options = raw
> wins support = yes
> usershare allow guests = yes
>
> workgroup = PWI
> netbios aliases = loghost, mailhost, backuphost, ldaphost
> server string = Samba Server (%h)
> logon drive = P:
> logon home = \\%N\%U
> logon path = \\%N\%U\profile
> logon script = /etc/samba/login.bat
> ldap suffix = dc=company,dc=com
> ldap admin dn = cn=manager,dc=company,dc=com
> ldap user suffix = ou=people
> ldap group suffix = ou=groups
> ldap machine suffix = ou=machines
> ldap ssl = off
> ldapsam:trusted = Yes
> ldap timeout = 15
> utmp directory = /var/run
> wtmp directory = /var/log
> utmp = Yes
>
> password server = ldaphost.company.com
> passdb backend = ldapsam:ldap://ldaphost.company.com
> ldap passwd sync = Yes
> #unix password sync = Yes
> #passwd program = /usr/sbin/smbldap-passwd %u
> #passwd chat = "Changing * password*for*\nNew password*" %n\n "*Retype new password*" %n\n"
> #passwd chat debug = Yes
>
> os level = 66
> preferred master = Yes
> local master = Yes
> domain master = Yes
> domain logons = Yes
> allow trusted domains = Yes
> dns proxy = No
>
> # log level = 255
> # log level = 4
> # log level = 3 ldap:10 passdb:10 auth:10 winbind:10
> log level = 3
> log file = /var/log/samba/%m.log
> max log size = 500
>
> socket options = IPTOS_LOWDELAY TCP_NODELAY SO_RCVBUF=65536 SO_SNDBUF=65536
>
> #add user script = /usr/sbin/smbldap-useradd -m '%u'
> add user script = /usr/sbin/smbldap-useradd -a -A 1 -B 1 -s /bin/bash -c "%u" -d /home/%u -C "\\\\%h\\%u" -D 'H:' -M "%u at company.com" %u
> delete user script = /usr/sbin/smbldap-userdel %u
> add group script = /usr/sbin/smbldap-groupadd -p '%g'
> delete group script = /usr/sbin/smbldap-groupdel '%g'
> add user to group script = /usr/sbin/smbldap-groupmod -m '%g' '%u'
> delete user from group script = /usr/sbin/smbldap-groupmod -x '%g' '%u'
> set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
> #add machine script = /usr/sbin/smbldap-useradd -w '%u'
> #add machine script = /usr/sbin/smbldap-useradd -w -A 0 -B 0 -s /bin/false -c "%u machine account" -d /dev/null %u
> add machine script = /usr/sbin/smbldap-useradd -w -i '%u' -t 5
>
> [netlogon]
> path = /etc/samba/netlogon
> browseable = No
> writable = Yes
>
> [homes]
> comment = Home Directories
> read only = No
> guest ok = No
> browseable = No
>
> [printers]
> comment = All Printers
> path = /usr/spool/samba
> printable = Yes
> browseable = No
>
> [company]
> comment = Company Corporate Files
> path = /opt/company
> create mask = 0765
> browseable = Yes
> printable = No
>
> [Backups]
> comment = Backup files are stored here
> path = /opt/backups
> browseable = Yes
> printable = No
>
> [Data]
> comment = Storage for support and other data.
> path = /opt/data
> browseable = Yes
> printable = No
>
> [Cygwin]
> comment = Company Cygwin Repositiory
> path = /opt/cygwin
> browseable = Yes
> printable = No
> guest ok = Yes
> guest only = No
> writeable = No
> read only = Yes
> ------------------------------------ /etc/samba/smb.conf
>
- --
Felipe Augusto van de Wiel <felipe at paranacidade.org.br>
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org
iD8DBQFFD+6JCj65ZxU4gPQRAtFGAJ41tQuXbHjubugQ8f4p/U30A7l+dQCgwo8W
hCqQWgEaJ/puJ/9qFje2T0k=
=YM5+
-----END PGP SIGNATURE-----
More information about the samba
mailing list