[Samba] samba with ldap PDC cannot join my windows to domain?
Alberto Moreno
portsbsd at gmail.com
Tue Aug 11 18:05:35 MDT 2009
Hi people.
I have been working with samba+ldap = PDC in my test netwwork. I had
follow the good tutorial: Samba By Example, chapter 5, I had done all
the test the book say and no issues.
I have 2 issues:
1; I cannot see my domain at my windows browser.
2; I cannot add my windows xp pro to my domain.
I have been trying to see if I could find the solution but nothing
yet, there is the reason I send this email.
My server is Centos 5.3 latest one all the packages are the current
from centos.
Ldap looks that is working, because all my test from the book pass,
and the same with samba.
Went I try to add one Winbox to the domain I receive this:
"The following error occurred attempting to join the domain "MyDomain"
"The network path as not found"
My smb.conf is this:
[global]
dos charset = 850
unix charset = ISO8859-1
display charset = ISO8859-1
workgroup = RMAI
netbios name = RMAIPDC
server string = Samba Server on %L
os level = 33
remote announce = 192.168.50.255
interfaces = eth0,lo
bind interfaces only = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
allow hosts = 192.168.50.0/24 127.0.0.1
admin users = Manager @"Domain Admins"
passdb backend = ldapsam:ldap://127.0.0.1
enable privileges = Yes
username map = /etc/samba/smbusers
log level = 6
syslog = 1
log file = /var/log/samba/%m.log
max log size = 100
smb ports = 139 445
name resolve order = wins bcast hosts
time server = No
#printcap name = CUPS
show add printer wizard = No
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
#logon script = scripts\logon.bat
#logon path = \\%L\profiles\%U
#logon drive = X:
domain logons = Yes
domain master = Yes
preferred master = Yes
wins support = Yes
##########LDAP###################
ldap suffix = dc=rmai,dc=local
ldap machine suffix = ou=Computers
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=Manager,dc=rmai,dc=local
idmap backend = ldap:ldap://127.0.0.1
idmap uid = 10000-20000
idmap gid = 10000-20000
#################################
map acl inherit = Yes
cups options = ""
[homes]
comment = RMAI Home Directories
browseable = No
writeable = Yes
read only = No
create mask = 0664
browseable = No
valid users = %U
[profiles]
path = /home/samba/profiles
read only = No
store dos attributes = Yes
create mask = 0600
directory mask = 0700
browseable = No
writeable = Yes
guest ok = No
The stuff I can see at the log files is this:
windows-box.log
[2009/08/11 16:40:49, 5] rpc_parse/parse_prs.c:prs_uint32(710)
004c uni_max_len: 0000000c
[2009/08/11 16:40:49, 5] rpc_parse/parse_prs.c:prs_uint32(710)
0050 offset : 00000000
[2009/08/11 16:40:49, 5] rpc_parse/parse_prs.c:prs_uint32(710)
0054 uni_str_len: 0000000c
[2009/08/11 16:40:49, 5] rpc_parse/parse_prs.c:dbg_rw_punival(942)
0058 buffer : F.A.M.-.C.H.O.R.I.Z.O...
[2009/08/11 16:40:49, 6] rpc_parse/parse_prs.c:prs_debug(84)
000070 smb_io_chal
[2009/08/11 16:40:49, 5] rpc_parse/parse_prs.c:prs_uint8s(857)
0070 data: 03 a3 f4 30 4b c7 3c 90
[2009/08/11 16:40:49, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 net_io_r_auth
[2009/08/11 16:40:49, 6] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_chal
[2009/08/11 16:40:49, 5] rpc_parse/parse_prs.c:prs_uint8s(857)
0000 data: 00 00 00 00 00 00 00 00
[2009/08/11 16:40:49, 5] rpc_parse/parse_prs.c:prs_ntstatus(769)
0008 status: NT_STATUS_ACCESS_DENIED
[2009/08/11 16:40:49, 5] rpc_server/srv_pipe.c:api_rpcTNP(2305)
api_rpcTNP: called NETLOGON successfully
[2009/08/11 16:40:49, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(529)
free_pipe_context: destroying talloc pool of size 70
I will increase the debug level and give u more info.
Thanks for your time!!!
--
LIving the dream...
More information about the samba
mailing list