[Samba] Cannot join Win XP SP2 client to domain

Jason Baker jbaker at glastender.com
Wed May 16 12:47:55 GMT 2007


>
> Are you really using those LDAP servers? The error is mostly related to LDAP 
> more than Samba... perhaps ACL problems.
Yes I am. I have an LDAP server on the PDC (which is localhost) and a 
slave on the BDC (which is "myserver").  It all works fine.
As far as the issue I was having regarding adding a machine to the 
domain, I have solved it. Here's what I did:

I created an LDIF file with the following content:

    dn: cn=NextFreeUnixId,dc=mydomain,dc=com
    objectClass: inetOrgPerson
    objectClass: sambaUnixIdPool
    # Set these numbers above your highest user and group IDs
    uidNumber: 1160
    gidNumber: 1160
    cn: NextFreeUnixId
    sn: NextFreeUnixId

Now run:

    ldapadd -x -D "cn=Manager,dc=mydomain,dc=com" -w <LDAP password> -f filename.ldif

Then go into smbldap-tools/smbldap.conf and add the following:

    sambaUnixIdPooldn="cn=NextFreeUnixId,${suffix}"

After that I am able to add a machine to the domain from within the 
Windows client. See 
http://sourceforge.net/docman/display_doc.php?docid=33543&group_id=166108
for more information on using and configuring the IdealX scripts.

Jason Baker
IT Coordinator

Glastender Inc.
5400 North Michigan Road
Saginaw, Michigan 48604 USA
800.748.0423
Phone: 989.752.4275 ext. 228
Fax: 989.752.4444
http://www.glastender.com




Asier Baranguán wrote:
> On Tuesday, 15 May 2007 21:42, Jason Baker wrote:
>
>   
>>     [global]
>>             unix charset = LOCALE
>>             workgroup = mydomain
>>             netbios name = myserver
>>             server string = Domain Controller running %v
>>             interfaces = eth1, lo
>>             bind interfaces only = yes
>>             os level = 255
>>             preferred master = yes
>>             local master = yes
>>             domain master = yes
>>             security = user
>>             time server = yes
>>             username map = /etc/samba/smbusers
>>             wins support = yes
>>             encrypt passwords = yes
>>             pam password change = yes
>>             name resolve order = wins bcast hosts
>>             winbind nested groups = no
>>             passdb backend = ldapsam:"ldap://127.0.0.1 ldap://myserver"
>>     
>
> Are you really using those LDAP servers? The error is mostly related to LDAP 
> more than Samba... perhaps ACL problems.
>
>   
>>             add user script = /etc/smbldap-tools/smbldap-useradd -m "%u"
>>     
>
> It's not related to this error, but if your users are going to be Windows 
> users you should add an '-a' here
>
>   
>>             add group script = /etc/smbldap-tools/smbldap-groupadd -p "%g"
>>     
>
> And perhaps here, to make the group mappings automatically
>   
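
A pre-flight check for the NextFreeUnixId step in the message above, as an added example that is not part of the original post: it reads uidNumber and gidNumber from the LDIF and compares them with the highest IDs already in use, since a pool that starts too low hands a new machine account an ID that an existing user or group already owns. The function names and the passwd/group-format input files are assumptions; on an LDAP-backed system those files would be saved from `getent passwd` and `getent group`.

```shell
#!/bin/sh
# Added example (not from the original post): check that the sambaUnixIdPool
# start values in an LDIF file are above every UID/GID already allocated.

# ldif_attr LDIF ATTR: print the first value of ATTR (names are
# case-insensitive, "#" comment lines are skipped, a trailing CR is dropped).
ldif_attr() {
    awk -F': *' -v a="$2" '!/^#/ && tolower($1) == tolower(a) {
        sub(/\r$/, "", $2); print $2; exit }' "$1"
}

# highest_id FILE: highest numeric ID in field 3 of a passwd(5)/group(5) file.
# Assumption: 65534 and above (nobody/nogroup) are not ordinary accounts.
highest_id() {
    awk -F: '$3 ~ /^[0-9]+$/ && $3 + 0 < 65534 && $3 + 0 > max { max = $3 + 0 }
             END { print max + 0 }' "$1"
}

# check_id_pool LDIF PASSWD_FILE GROUP_FILE: returns 0 only when both pool
# values are plain numbers above the highest ID in use.
check_id_pool() {
    status=0
    for pair in "uidNumber:$2" "gidNumber:$3"; do
        attr=${pair%%:*}
        start=$(ldif_attr "$1" "$attr")
        high=$(highest_id "${pair#*:}")
        case $start in
            ''|*[!0-9]*)  # LDIF has no inline comments: "1160 # note" is not a number
                echo "$attr: missing or not a plain number: '$start'" >&2; status=1 ;;
            *)  if [ "$start" -le "$high" ]; then
                    echo "$attr: pool starts at $start, but $high is in use" >&2; status=1
                else
                    echo "$attr: pool start $start is above highest ID $high"
                fi ;;
        esac
    done
    return "$status"
}

# Constructed sample data; on a live system use `getent passwd` / `getent group`.
demo=$(mktemp -d)
printf 'root:x:0:0::/root:/bin/sh\nalice:x:1042:513::/home/alice:/bin/sh\nnobody:x:65534:65534::/:/bin/false\n' > "$demo/passwd"
printf 'root:x:0:\nusers:x:513:\nnogroup:x:65534:\n' > "$demo/group"
printf 'dn: cn=NextFreeUnixId,dc=mydomain,dc=com\nuidNumber: 1160\ngidNumber: 1160\n' > "$demo/pool.ldif"
check_id_pool "$demo/pool.ldif" "$demo/passwd" "$demo/group"
rm -rf "$demo"
```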

