[Samba] Can No Longer Join to Domain

Jason Baker jbaker at glastender.com
Fri Mar 23 18:15:26 GMT 2007


I have Samba 3.0.24 running on CentOS 4 as a PDC with an LDAP backend. 
When I first set everything up, I could join workstations to the domain 
automatically with the  Windows Network ID Wizard. Now when I try to 
join a workstation I get:

    Your computer could not be joined to the domain because the
    following error has occurred:
    The user name could not be found.

If I add the computer name to the domain manually from the command line 
or with LDAP Account Manager, then go back and join it, it works. But it 
sure would be nice not to have to set up each machine manually. Any 
thoughts?

[global]
        unix charset = LOCALE
        workgroup = glastendernet
        netbios name = aster
        server string = Glastender Domain Controller running %v
        interfaces = eth1, lo
        bind interfaces only = yes
        os level = 255
        preferred master = yes
        local master = yes
        domain master = yes
        security = user
        time server = yes
        username map = /etc/samba/smbusers
        wins support = yes
        encrypt passwords = yes
        pam password change = yes
        name resolve order = wins bcast hosts
        winbind nested groups = no
        passdb backend = ldapsam:ldap://127.0.0.1/
        ldap passwd sync = Yes
        ldap suffix = dc=glastender,dc=com
        ldap admin dn = cn=Manager,dc=glastender,dc=com
        ldap ssl = no
        ldap group suffix = ou=Groups
        ldap user suffix = ou=People
        ldap machine suffix = ou=People
        ldap idmap suffix = ou=Idmap
        idmap backend = ldap:ldap://127.0.0.1/
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        map acl inherit = yes
        add user script = /etc/smbldap-tools/smbldap-useradd -m "%u"
        #delete user script = /etc/smbldap-tools/smbldap-userdel "%u"
        add machine script = /etc/smbldap-tools/smbldap-useradd -w "%u"
        add group script = /etc/smbldap-tools/smbldap-groupadd -p "%g"
        #delete group script = /etc/smbldap-tools/smbldap-groupdel "%g"
        add user to group script = /etc/smbldap-tools/smbldap-groupmod 
-m "%u" "%g"
        delete user from group script = 
/etc/smbldap-tools/smbldap-groupmod -x "%u" "%g"
        set primary group script = /etc/smbldap-tools/smbldap-usermod -g 
"%g" "%u"
        domain logons = yes
        log file = /var/log/samba/log.%m
        log level = 1
        syslog = 0
        max log size = 50
        #smb ports = 139 445
        smb ports = 139
        hosts allow = 127.0.0.1 172.16.0.0/255.255.0.0
        # User profiles and home directories
        logon drive = U:
        logon path = \\%L\profiles\%U
        logon script = %U.bat
        large readwrite = no
        read raw = no
        write raw = no
        printcap name = /etc/printcap
        load printers = no
        printing =

#=========Shares=======
   template shell = /bin/false
   winbind use default domain = no

[homes]
        comment = Home Directories
        browseable = no

-- 

*Jason Baker
*/IT Coordinator/


*Glastender Inc.*
5400 North Michigan Road
Saginaw, Michigan 48604 USA
800.748.0423
Phone: 989.752.4275 ext. 228
Fax: 989.752.4444
www.glastender.com <http://www.glastender.com>

-----BEGIN GEEK CODE BLOCK----- 
Version: 3.1
GIT$ d- s: a C++$ LU+++$ P+ L++>L++++ !E--- W+++ N o? K?
w !O M !V PS PE- Y? PGP- t 5? X+ R+ tv+ b- DI-- D++ G e+ h--- 
r+++ y+++
------END GEEK CODE BLOCK------



More information about the samba mailing list