[Samba] Can not add machine to the domain
Chris Boyd
chris.boyd at usit.ie
Wed May 23 15:22:14 GMT 2007
Running samba-3.0.24 with ldap on debian etch.
Whenever I try to add an xp pro machine to the domain I get (on the pc) "the
username can not be found". I'm loggin in as admin. In the samba log I get
(for this pc)
" passdb/pdb_interface.c:pdb_default_create_user(368)
_samr_create_user: Running the command
`/usr/local/smbldap-tools/smbldap-useradd -w "gal_script$"' gave 127"
I changed disabled the digital encryption for domain on the xp box in
security policy.
I can add the machine from the debian command line with no problems.
Here is the smb.conf
[global]
workgroup = usit
server string = %h server
dns proxy = no
interfaces = 127.0.0.0/8 eth0
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
encrypt passwords = true
passdb backend = ldapsam:ldap://10.133.1.21
ldap suffix = dc=usit,dc=ie
ldap machine suffix = ou=machines
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap admin dn = cn=admin,dc=usit,dc=ie
ldap delete dn = no
obey pam restrictions = yes
ldap password sync = yes
invalid users = root
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
domain logons = yes
enable privileges = yes
logon path = \\%N\profiles\%U
logon path = \\%N\%U\profile
logon drive = H:
logon home = \\%N\%U
logon script = logon.cmd
add user script = /usr/sbin/adduser --quiet --disabled-password --gecos ""
%u
add machine script = /usr/local/smbldap-tools/smbldap-useradd -w "%u"
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
domain master = yes
preferred master = yes
[homes]
comment = Home Directories
browseable = no
writable = yes
create mask = 0700
directory mask = 0700
valid users = %S
[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
guest ok = yes
writable = no
share modes = no
smbldap_bind.conf:
slaveDN="cn=admin,dc=usit,dc=ie"
slavePw="********"
masterDN="cn=admin,dc=usit,dc=ie"
masterPw="********"
nsswitch.conf:
passwd: compat ldap
group: compat ldap
shadow: compat ldap
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
-----------------------------------------------------------------
This email message is intended only for the addressee(s)
and contains information that may be confidential and/or
copyrighted. If you are not the intended recipient please
notify the sender by reply email and immediately delete
this email. Use, disclosure or reproduction of this email
by anyone other than the intended recipient(s) is strictly
prohibited. USIT has scanned this email for viruses and
dangerous content and believes it to be clean. However,
virus scanning is ultimately the responsibility of the recipient.
-----------------------------------------------------------------
USIT Ireland Ltd. Company No. 377526. Registered Office 19/21 Aston Quay Dublin 2.
More information about the samba
mailing list