[Samba] MS SQL Server 2005 with Windows Authentication via Samba+LDAP PDC

Kris Lou klou at themusiclink.net
Fri May 1 21:44:38 GMT 2009


I'm relatively new to Samba, and now I'm trying to migrate our PDC
from tdbsam to ldap.  On my test systems, users can authenticate
and log in to their XP machines, but logging into our ERP system (MS
SQL 2005 backend) fails with

"not associated with a trusted sql server connection"

Has anybody else seen this?  Here's my smb.conf - its pretty textbooks.

     unix charset = LOCALE
     workgroup = mydomain
     netbios name = server
     server string = PDC

     passdb backend = ldapsam:ldap://mydomain
     enable privileges = yes
     username map = /etc/samba/smbusers
     security = user

     # Password options (testing)
     passwd program = /usr/sbin/smbldap-passwd %u
     passwd chat = *New*password* %n/n *retype*new*password* %n/n 
     obey pam restrictions = no

     log level = 1
     syslog = 0
     log file = /var/log/samba/%m

     smb ports = 139 445
     name resolve order = wins bcast hosts

     printcap name = CUPS
     show add printer wizard = no

     add user script = /usr/sbin/smbldap-useradd -m "%u"
     delete user script = /usr/sbin/smbldap-userdel "%u"
     add group script = /usr/sbin/smbldap-groupadd -p "%g"
     delete group script = /usr/sbin/smbldap-groupdel "%g"
     add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
     delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
     set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
     add machine script = /usr/sbin/smbldap-useradd -w "%u"

     logon script =
     logon path =

     domain logons = yes
     preferred master = yes
     wins support = yes
     domain master = yes
     local master = yes
     os level = 99

     ldap suffix = dc=mydomain,dc=net
     ldap machine suffix = ou=People
     ldap user suffix = ou=People
     ldap group suffix = ou=Group
     ldap idmap suffix = ou=Idmap
     ldap admin dn = cn=Manager,dc=mydomain,dc=net
     idmap backend = ldap:ldap://server.mydomain.net
     idmap uid = 10000-20000
     idmap gid = 10000-20000
     map acl inherit = yes

     printing = cups

CentOS 5.3
Samba 3.2.8


More information about the samba mailing list