[Samba] NT_STATUS_LOGON_FAILURE with ldap backend
Luca Ferrari
fluca1978 at infinito.it
Mon Feb 25 08:55:04 GMT 2008
Hi all,
I've configured my samba server to work with my ldap backend, the
configuration of ldap is correct and in fact my users can interactively
login. The problem is with samba, that is always returning a
NT_STATUS_LOGON_FAILURE when a user tries to access a share. I'm in doubt if
I have to add ldap accounts through the ldap-tools of samba or not, at the
moment I did not add any account to samba (thinking it should read them from
the ldap server directly). In the logs I'm not able to find anything useful,
does anyone have any clue?
The following is an excerpt of my configuration file:
[global]
netbios name = SEDELDAP
workgroup = LDAP
security = user
passdb backend = ldapsam:ldap://localhost/
obey pam restrictions = no
ldap admin dn = cn=admin,dc=myDomain,dc=com
ldap suffix = dc=myDomain, dc=com
ldap group suffix = ou=Groups
ldap user suffix = ou=People
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users
ldap passwd sync = Yes
passwd program = /usr/sbin/smbldap-passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*all*authentication*tokens*updated*
add user script = /usr/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
domain logons = yes
[coge]
browsable = no
available = no
guest ok = no
valid users = luca
writable = yes
printable = no
Any idea about that?
Thanks,
Luca
More information about the samba
mailing list