[Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles
monyo at monyo.com
Wed Aug 3 10:43:32 MDT 2011
From: "J. Echter" <j.echter at elektro-mayer-echter.de>
Date: Tue, 02 Aug 2011 14:12:05 +0200
> I thought im done setting domain to WORKGROUP, as its set in smbldap.conf.
> I don't get why smbldap tools thinks im on a domain called BDC.
> Would it help if i post some output from pdbedit or stuff like that? I
> really don't get where this error comes from.
Have you set the SID same as PDC on BDC? For example
bdc# net rpc getsid
Storing SID S-1-5-21-2535719703-1779805756-2758924810 for Domain DomanName in secrets.tdb
Remembet that before running the command, you have to set smb.conf
correctly as BDC.
> here's the conf of my testing smb machine:
> domain master = no
> domain logons = no
> passdb backend = ldapsam:ldap://mule
> idmap backend = ldap:ldap://mule
> idmap uid = 10000-15000
> idmap gid = 10000-15000
You have to set "domain logons = yes" to make this machine act as BDC.
And are you running Winbind? If not, idmap backend/uid/gid does not mean
> there's something wrong with my config... the successful logins are only
> able because the users are already there as local unix accounts.
> i created a new user 'test' and this one can't even login.
Have you correctly set nss-ldap on BDC? For example /etc/nss_ldap.conf
"getent passwd <a-user-created-on-PDC>" on BDC shows his entry?
TAKAHASHI Motonobu <monyo at samba.gr.jp>
More information about the samba