Dear Adam, I changed my machine & install Samba & Ldap in other machine with new configuration.
Even getent paaswd & getent shadow is work well.Ldap doesn't has problem. Even i invoke :smbldap-useradd -w mylove then i run net rpc join mylove -u root Enter root's password: Creation of workstation account failed Unable to join domain MYLOVE. debian:/usr/local/etc/samba_3# I confused.... My smb.conf: ///////////////////////////////////////////// [global] dos charset = UTF-8 display charset = UTF-8 workgroup = MYLOVE realm = MYLOVE netbios name = MYLOVE server string = %h server map to guest = Bad User passdb backend = ldapsam:ldap://127.0.0.1/ pam password change = Yes passwd program = /usr/sbin/smbldap-passwd -u %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated* unix password sync = Yes syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 add user script = /usr/sbin/smbldap-useradd -m %u delete user script = /usr/sbin/smbldap-userdel %u add group script = /usr/sbin/smbldap-groupadd -p %g delete group script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-usermod -g %g %u add machine script = /usr/sbin/smbldap-useradd -w %u logon script = logon.bat logon path = \\%N\profiles\%U logon drive = U: domain logons = Yes os level = 65 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes ldap admin dn = cn=admin,dc=mylove ldap delete dn = Yes ldap group suffix = ou=group ldap idmap suffix = ou=idmap ldap machine suffix = ou=computer ldap suffix = dc=example,dc=com ldap ssl = no ldap user suffix = ou=people panic action = /usr/share/samba/panic-action %d map acl inherit = Yes case sensitive = No hide unreadable = Yes map hidden = Yes map system = Yes [homes] comment = Home Directories valid users = %S read only = No create mask = 0600 directory mask = 0700 browseable = No [printers] comment = All Printers path = /var/spool/samba create mask = 0700 printable = Yes browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/printers [netlogon] path = /var/lib/samba/netlogon browseable = No [profiles] path = /var/lib/samba/profiles force user = %U read only = No create mask = 0600 directory mask = 0700 guest ok = Yes profile acls = Yes browseable = No csc policy = disable [public] path = /tmp read only = No guest ok = Yes On Tue, 2009-07-07 at 10:33 -0500, Adam Williams wrote: > sounds like your computer doesn't have a machine account. > > Mohsen Pahlevanzadeh wrote: > > Dear all, > > I ran PDC on smbpasswd auth. > > When i use following the command, i receive : > > ////////////////////////////////////////// > > debian:/usr/local/etc/samba_3# ./bin/net rpc join mylove -U root > > Enter root's password: > > Creation of workstation account failed > > Unable to join domain MYLOVE. > > debian:/usr/local/etc/samba_3# > > /////////////////////////////////////////////////////// > > > > > > my smb.conf is : > > > > > > > > //////////////////////////////////////////////////////////// > > [global] > > netbios name = mylove > > server string = Axjooon > > workgroup = mylove > > os level = 65 > > prefered master = yes > > domain master = yes > > local master = yes > > domain logons = yes > > ;misc options > > #socket options = TCP NODELAY IPTOS LOWDELAY SO SNDBUF=8192 SO > > RCVBUF=8192 > > time server = yes > > hide dot files = yes > > #client code page = 852 > > #character set = ISO8859-2 > > smb passwd file = /usr/local/etc/samba_3/lib/smbpasswd > > > > security = user > > guest ok = no > > invalid users = bin sys ftp man mail > > admin users = @admin > > wins support = yes > > # passdb backend = ldapsam:"ldap://ldap1.company.com > > ldap://ldap2.company.com" > > # passdb backend = ldapsam:ldap://127.0.0.1/ > > # ldap admin dn = cn=Manager,dc=mylove,dc=com > > #ldap admin dn = cn=samba,ou=DSA,dc=company,dc=com > > # ldap suffix = dc=mylove,dc=com > > # ldap group suffix = ou=Groups > > # ldap user suffix = ou=Users > > # ldap machine suffix = ou=Computers > > #ldap idmap suffix = ou=Idmap > > #add user script = /usr/sbin/smbldap-useradd -m "%u" > > #ldap delete dn = Yes > > #delete user script = /usr/sbin/smbldap-userdel "%u" > > # add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u" > > # add group script = /usr/sbin/smbldap-groupadd -p "%g" > > #delete group script = /usr/sbin/smbldap-groupdel "%g" > > # add user to group script = /usr/sbin/smbldap-groupmod -m "%u" > > "%g" > > # delete user from group script = /usr/sbin/smbldap-groupmod -x > > "%u" "%g" > > # set primary group script = /usr/sbin/smbldap-usermod -g '%g' '% > > u' > > > > > > > > #domain admin group = @admin > > #domain admin users = root > > > > #encrypt password = yes > > > > > > ;logging > > log level = 2 > > log file = /usr/local/etc/samba_3/var/log.%L > > max log size = 10000 > > debug timestamp = yes > > syslog = 1 > > > > ;user roaming profiles path > > logon path = \\%N\profiles\%u > > ;general logon script > > logon script = logon.bat > > > > [netlogon] > > path = /home/samba/netlogon > > public = no > > writeable = no > > browseable = no > > valid users = r...@debian > > > > [profiles] > > path = /home/samba/profiles > > writeable = yes > > create mask = 0700 > > directory mask = 0700 > > browseable = no > > valid users = r...@debian > > ////////////////////////////////////////////////////////////// > > > > my login.bat is : > > > > > > /////////////////////////////////////////////////////////// > > @echo off > > rem by robowarp.deletet...@gmx.de leave to public as it is , dont think > > of asking me > > rem created for samba 3 login, the bat files were creted on the fly by > > genlogin.pl > > rem this script is only valid for win2000/NT/XP > > rem exec bat for logged in machine ( maybe software status or machine > > data ) > > echo %COMPUTERNAME% > > call %COMPUTERNAME%.bat > > rem exec bat for login user > > echo %USERNAME% > > call %USERNAME%.bat > > rem exec bat for different groups > > rem ifmember.exe must be in the netlogon share download it at > > microschrott > > ifmember Administrators > > if errorlevel 1 call Administrators.bat > > ifmember users > > if errorlevel 1 call users.bat > > ////////////////////////////////////////////////////////////// > > > > > > Please help me................ > > > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba