[Samba] OpenLDAP domain registering

Daniel Müller mueller at tropenklinik.de
Thu Jan 31 00:33:30 MST 2013


If your fileserver is part of a domain it is:

Security=domain --> all your authentication will be transmited to the PDC

Did you join your fileserver to the domain ?

EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de
-----Ursprüngliche Nachricht-----
Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
Auftrag von arun.sasi1 at wipro.com
Gesendet: Donnerstag, 31. Januar 2013 07:06
An: samba at lists.samba.org
Betreff: [Samba] OpenLDAP domain registering

Hello Team,

I am using samba 3.6.3 in ubuntu as file server and also I have a domain
controller in my organization both are different servers.

I am able to register SAMBA as domain controller successfully, and I could
see SAMBA Domain with SID populated in my OpenLDAP. But my problem is when I
configure samba as file server. SAMBA is pulling the host name and
registering to OpenLDAP as domain.

Example My Domain name is test.

My file server host name is fileserver01

I could see test and fileserver01 in my openldap with SID. why this is
happening, since this is just configured as file server. and also I do not
have winbind configured in my file server. below are my configuration


workgroup = test

server string = %h server (Samba, Ubuntu)

wins server =

dns proxy = no

name resolve order = lmhosts host wins bcast

disable spoolss = no
spoolss : architecture = Windows x64

log file = /var/log/samba/log.%m

max log size = 1000

syslog = 0

panic action = /usr/share/samba/panic-action %d

security = user

encrypt passwords = true

passdb backend = ldapsam:ldap://servername ldap suffix = dc=aa,dc=bb,dc=com
ldap user suffix = ou=People ldap group suffix = ou=Groups ldap machine
suffix = ou=Computers ldap idmap suffix = ou=Idmap ldap admin dn =
cn=admin,dc=aa,dc=bb,dc=com ldap ssl = no

map to guest = bad user

domain logons = yes

load printers = yes

printing = cups
printcap name = cups

socket options = TCP_NODELAY

domain master = no

usershare allow guests = yes

create mask = 0700
directory mask = 0700
browseable = no
comment = Home Directories
valid users = %S
writable = yes
available = no

comment = All Printers
public = yes
printable = yes
path = /var/spool/samba

# Windows clients look for this share name as a source of downloadable #
printer drivers [print$] comment = Printer Drivers writeable = yes public =
yes path = /var/lib/samba/printers write list = root, at Onsite-Admins

        force create mode = 770
        valid users = @Onsite-Admins
        create mode = 770
        path = /data/imigrate
        write list = @Onsite-Admins
        force directory mode = 770
        directory mode = 770

The information contained in this electronic message and any attachments to
this message are intended for the exclusive use of the addressee(s) and may
contain proprietary, confidential or privileged information. If you are not
the intended recipient, you should not disseminate, distribute or copy this
e-mail. Please notify the sender immediately and destroy all copies of this
message and any attachments. 

WARNING: Computer viruses can be transmitted via email. The recipient should
check this email and any attachments for the presence of viruses. The
company accepts no liability for any damage caused by any virus transmitted
by this email.

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list