Domain login problem...
Gerald (Jerry) Carter
jerry at samba.org
Wed Oct 23 13:58:20 GMT 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Please post general use questions to the samba at samba.org
list (see http://lists.samba.org/listinfo/samba for details).
The samba-technical mailing is for discussions of Samba
internals and development issues. Thanks.
jerry
On Wed, 23 Oct 2002, Vesa Jääskeläinen wrote:
> Hi.
>
> I am using Samba 2.2.6 with LDAP-support compiled in under RH7.3. (same
> happened with 2.2.5)
>
> I can logon from Win9x clients nicely to domain. I can usually
> join domain under Win2k-sp3. But I can't logon to domain.
>
> If I make local login to computer and then try to access shares,
> it works correctly.
>
> I can do logon to Linux with any user in LDAP. So nss_ldap & pam settings
> should be correct. I do have two LDAP servers here. One is master LDAP server
> and then another is at samba server. Master LDAP-server replicates all changes
> to samba server.
>
> I can find computer from LDAP (<comp name>$). If I delete it from LDAP and try
> to join again then it appears again there. So creating works (atleast somehow).
> There could be problem in this procedure.
>
> I am unsing smbldap-tools from samba package. And have configure master ldap
> server for write operations and samba server's ldap server for read operations.
>
> Also requiresingorseal has value 0.
>
> I am running out of clues here... So does anyone known how this problem could
> be fixed? I can provide samba/tcpdump logs on request.
>
> Thanks,
> Vesa Jääskeläinen
>
> -------- smb.conf -------
>
> [global]
> log level = 5
> workgroup = TECHDOME
> netbios name = NORNOR
> server string = just testing
> log file = /var/log/samba/log.%m
> max log size = 50
> security = user
> encrypt passwords = yes
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> local master = yes
> os level = 64
> domain master = yes
> domain logons = yes
> wins server = 1.2.3.4
> dns proxy = no
> domain admin group = @"Domain Admins" root
>
> ldap suffix = dc=somedomain,dc=com
> ldap admin dn = cn=manager,dc=somedomain,dc=com
> ldap port = 389
> ldap server = 2.3.4.5
> ldap ssl = no
>
> add user script = /usr/local/sbin/smbldap-useradd.pl -w %u
>
> [homes]
> comment = Home Directories
> browseable = no
> writable = yes
>
> [netlogon]
> comment = Network Logon Service
> path = /home/netlogon
> guest ok = yes
> writable = no
> share modes = no
>
> [tmp]
> comment = Temporary file space
> path = /tmp
> read only = no
> public = yes
>
- --
---------------------------------------------------------------------
Hewlett-Packard ------------------------- http://www.hp.com
SAMBA Team ---------------------- http://www.samba.org
GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc
ISBN 0-672-32269-2 "SAMS Teach Yourself Samba in 24 Hours" 2ed
"I never saved anything for the swim back." Ethan Hawk in Gattaca
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQE9tqQEIR7qMdg1EfYRAoguAKDVdvjCK/MundWkEckxgg+paoI9IgCgqhk2
xgGaOEk7cIr6pQEYXk1lG8c=
=pDiD
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list