On Wed, May 29, 2002 at 02:14:13PM +1000, Gonzalo Servat wrote: > On Tue, 2002-05-28 at 18:10, [EMAIL PROTECTED] wrote: > > On Tue, May 28, 2002 at 10:09:12AM +1000, Gonzalo Servat wrote: > > > Hi All > > > > > > I've compiled Samba 3.0 alpha 17 using --with-ldapsam. In smb.conf I've > > > got: > > > > > > passdb backend = ldapsam > > > ldap admin dn = "cn=Manager,o=Sambatest,c=AU" > > > ldap suffix = c=AU > > > ldap ssl = off > > > > > > ... and the admin dn password is in the secrets.tdb file. > > > > > > Other than missing an "n" in "backend", :), is there anything clearly > > > wrong with my setup? Am I missing a configuration directive in smb.conf? > > > > You need to set that to 'passdb backend= ldapsam:ladp://ldap.server:port > > Ah ha! Thanks. That did it... > > Another question. I've mapped the group 'domadm' (using smbgroupedit) to > 'Domain Admins'. In my /etc/group, I have: > > domadm: smbadmin > > ... and smbadmin is a user in the LDAP tree. I've confirmed that I can > successfully map a share on the samba server using smbadmin. > > I tried to join my samba domain (it's a Win2k box) and I get prompted > for a login/password of a user that has enough privileges to join the > domain. I entered 'smbadmin' and the password and I get 'Access is > denied'. I noticed in the logs that it tries various combinations of the > name 'smbadmin' before giving up with this error:
You can only join with ROOT. The user being a 'domain admin' is only for the benifit of the windows clients. In Samba 3.0, you can use set admin users = @domadm to get a similar effect - but remeber that all actions of those uses will be as root, not just joins etc. Andrew Bartlett -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
