I don't see any of the add ... script in your smb.conf (especially the
add machine script in your case). I don't know if it's the problem but i
think it would be usefull to tell smbd how to add machine if its name
don't exist in the LDAP...
Mariano Absatz a écrit :
Can anyone help me on this? I'm really stuck...
On Thu, Oct 15, 2009 at 16:58, Mariano Absatz <[email protected]> wrote:
Hi,
I'm trying to make a "pure ldap" setup, whereas users, groups, id mappings
and everything that is supported with LDAP be in the LDAP tree and managed
directly by samba.
That is, I'm using:
ldapsam:trusted = yes
ldapsam:editposix = yes
And NOT using smbldap-*.
My smb.conf is here: http://wiki.clueless.com.ar/SambaLdap/smb.conf-PDC
I created the LDAP tree root (o=midominio) and all its branches (ou=people;
ou=groups; ou= hosts and ou=idmap).
I ran "net sam provision" to fill in the basic values.
I stored the secrets in secrets.tdb:
# smbpasswd -w ldap_admin_password
# net idmap secret midominio ldap_admin_password
# net idmap secret alloc ldap_admin_password
I was able to join a samba server to the domain (net rpc join -S miserver
-UAdministrator).
However, when I try to join an XP host to the domain, I get an error (IIRC
it's "An attached device is not functionning") in the workstation and the
samba logs show the following:
[2009/10/15 11:17:47, 0] passdb/pdb_ldap.c:ldapsam_create_user(5119)
ldapsam_create_user: Unable to allocate a new user id: bailing out!
The user I'm using to bind to the LDAP server is the LDAP administrator and
it does have permissions on all the tree (in particular, within
"ou=idmap,o=midominio")...
I manually added an entry for the workstation's account posix data, then
issued "smbpasswd -a workstation$"
THEN I could join the domain...
Clearly, I have something misconfigured regarding ldap/idmap/alloc, but I
can't find enough information to do it right.
Any help REALLY appreciated...
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
