[Samba] PDC Ldap adding computers to domain

Eric Druid eric.druid at gmail.com
Fri Nov 30 02:55:33 GMT 2007


I have a problem setting up Samba, using LDAP, as a domain server.
When I try to configure a Windows 2000 machine to join the domain, I
first get an authentication request, where I enter root and root's
password. The dialog disappears for a while (20-30 seconds) and then
displays an error dialog with something like "The user name could not
be found" (but in Swedish).
The computer name shows up in the LDAP database after this.

I'm using:
Debian etch
samba 3.0.24-6etch5
smbldap-tools 0.9.2-3
OpenLDAP (slapd) 2.3.30-5

I set the debug level to 2 and, for each attempt at configuring the
computer, I get this in /var/log/samba/log.troll:

[2007/11/30 01:45:51, 0] lib/util_sock.c:write_data(562)
  write_data: write failure in writing to client 10.0.0.203. Error
Connection reset by peer
[2007/11/30 01:45:51, 0] lib/util_sock.c:send_smb(769)
  Error writing 4 bytes to client. -1. (Connection reset by peer)
[2007/11/30 01:45:51, 2] lib/smbldap.c:smbldap_open_connection(788)
  smbldap_open_connection: connection opened
[2007/11/30 01:45:51, 2] passdb/pdb_ldap.c:init_sam_from_ldap(541)
  init_sam_from_ldap: Entry found for user: root
[2007/11/30 01:45:51, 2] passdb/pdb_ldap.c:init_group_from_ldap(2140)
  init_group_from_ldap: Entry found for group: 513
[2007/11/30 01:45:51, 2] auth/auth.c:check_ntlm_password(309)
  check_ntlm_password:  authentication for user [root] -> [root] ->
[root] succeeded
[2007/11/30 01:45:51, 2] smbd/reply.c:reply_tcon_and_X(711)
  Serving IPC$ as a Dfs root
[2007/11/30 01:45:52, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2797)
  Returning domain sid for domain CHAMPIS ->
S-1-5-21-3235403273-773503436-3870180080

my smb.conf

[global]
        # Global settings for a Samba 3.0 NT4-style domain controller whose
        # account database is kept in LDAP and managed through smbldap-tools.
        # CHAMPIS is the domain name that clients join.
        workgroup = CHAMPIS
        server string = %h server
        # Accounts are read from the local slapd over plain ldap://.
        # No "ldap ssl" line appears in this file, so the build default applies;
        # confirm it before pointing this backend at a non-local LDAP server.
        passdb backend = ldapsam:ldap://localhost:389
        # passwd program / passwd chat are only consulted when
        # "unix password sync" is enabled, which this file does not set.
        passwd program = /sbin/smbldap-passwd %u
        # NOTE(review): the passwd chat value is split across two lines as
        # pasted, presumably by the mail client. smb.conf only continues a line
        # that ends in a backslash, so it must be a single line in the real file.
        passwd chat = *New*password* %n\n *Retype*new*password %n\n
*all*authentication*tokens*updated*
        # Debug level 2, written to one log file per client machine name (%m).
        log level = 2
        syslog = 0
        log file = /var/log/samba/log.%m
        max log size = 1000
        name resolve order = lmhosts host wins bcast
        # Account-management hooks delegated to smbldap-tools. smbd substitutes
        # %u / %g with names that arrive in client requests, so keep these
        # scripts root-owned and not writable by anyone else.
        add user script = /usr/sbin/smbldap-useradd -m %u
        add group script = /usr/sbin/smbldap-groupadd -p %g
        add user to group script = /usr/sbin/smbldap-groupmod -m %u %g
        delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g
        set primary group script = /usr/sbin/smbldap-usermod -g %g %u
        # Runs during a domain join to create the machine account.
        # The post says the entry does appear in LDAP but the join still ends
        # with "user name could not be found". Presumably smbd cannot resolve
        # the new account through the system's NSS afterwards; verify with
        # getent passwd '<MACHINE>$' (placeholder) and check the nss_ldap setup.
        # The join in the post authenticates as root. A dedicated account
        # granted SeMachineAccountPrivilege (net rpc rights grant) avoids
        # typing root's password on client machines.
        add machine script = /usr/sbin/smbldap-useradd -w %u
        # Roaming profiles are stored on the [profiles] share, one folder per user.
        logon path = \\%N\profiles\%U
        logon drive = H:
        # domain logons + domain master + preferred master + wins support:
        # this host acts as the domain controller, master browser and WINS server.
        domain logons = Yes
        os level = 42
        preferred master = Yes
        domain master = Yes
        dns proxy = No
        wins support = Yes
        # DN that smbd binds to LDAP as. Its password is not kept in smb.conf;
        # it is stored in secrets.tdb via "smbpasswd -w", so that file must stay
        # readable by root only.
        ldap admin dn = cn=admin,dc=proxxi,dc=org
        # Delete operations remove the whole LDAP entry, not just Samba attributes.
        ldap delete dn = Yes
        ldap group suffix = ou=Groups
        # idmap entries share ou=Users with the user accounts (see "ldap user suffix").
        ldap idmap suffix = ou=Users
        ldap machine suffix = ou=Computers
        # Samba also updates the LDAP password when it changes the NT/LM hashes.
        ldap passwd sync = Yes
        ldap replication sleep = 5000
        ldap suffix = dc=proxxi,dc=org
        ldap user suffix = ou=Users
        panic action = /usr/share/samba/panic-action %d

[homes]
        # Per-user home directory share, created on demand for the connecting user.
        comment = Home Directories
        # %U is the session user name, so each home share admits only its owner.
        valid users = %U
        # New files and directories are created owner-only (no group/other bits).
        create mask = 0700
        directory mask = 0700
        # Hidden from browse lists; clients must request the share by name.
        browseable = No

[netlogon]
        # Share that domain clients read logon scripts and policies from.
        comment = Network Logon Service
        path = /home/samba/netlogon
        # Guest (unauthenticated) connections are accepted. No "read only" or
        # "writable" line is set, so Samba's read-only default applies; content
        # here is run by clients at logon, so also keep the directory itself
        # writable by administrators only.
        guest ok = Yes
        # NOTE(review): smb.conf(5) for Samba 3.0 advises leaving share modes
        # enabled; confirm that disabling it here is intentional.
        share modes = No

[profiles]
        # Storage for roaming profiles; "logon path" in [global] points here.
        comment = Users profiles
        path = /home/samba/profiles
        # NOTE(review): no "read only = No" / "writable = Yes" line is shown, so
        # the share is read-only by default and clients could not save profiles.
        # Confirm against the real file.
        # Files are created 0600 and directories 0700, i.e. owner-only access.
        create mask = 0600
        directory mask = 0700
        # Hidden from browse lists.
        browseable = No

