So after another day of investigation I have discovered it may be a LAM issue. If I create a new user using smbldap-useradd the new user can login to my win7 workstations. However, if I create the new user in LAM the new user receives the errorĀ "group policy client service failed the logon. Access denied"
Any one have an idea what LAM is doing to the user accounts? Here is a quick comparison. yo.littledog (GOOD ACCOUNT) I know the home dir and profile path are wrong. SAMBA1:/var/log/samba # pdbedit -Lv yo.littledog smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=NEVSD))] StartTLS issued: using a TLS connection smbldap_open_connection: connection opened ldap_connect_system: successful connection to the LDAP server init_sam_from_ldap: Entry found for user: yo.littledog init_group_from_ldap: Entry found for group: 513 Unix username: yo.littledog NT username: yo.littledog Account Flags: [U ] User SID: S-1-5-21-1545272169-3882205488-3325164475-1328 Primary Group SID: S-1-5-21-1545272169-3882205488-3325164475-513 Full Name: yo.littledog Home Directory: \\PDC-SRV\yo.littledog HomeDir Drive: H: Logon Script: logon.bat Profile Path: \\PDC-SRV\profiles\yo.littledog Domain: NEVSD Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: Mon, 18 Jan 2038 22:14:07 EST Kickoff time: Mon, 18 Jan 2038 22:14:07 EST Password last set: Wed, 06 Jun 2012 14:52:39 EDT Password can change: Wed, 06 Jun 2012 14:52:39 EDT Password must change: never Last bad password : 0 Bad password count : 0 Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF yo.dog (BAD ACCOUNT) SAMBA1:/var/log/samba # pdbedit -Lv yo.dog smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=NEVSD))] StartTLS issued: using a TLS connection smbldap_open_connection: connection opened ldap_connect_system: successful connection to the LDAP server init_sam_from_ldap: Entry found for user: yo.dog init_group_from_ldap: Entry found for group: 513 Unix username: yo.dog NT username: yo.dog Account Flags: [UX ] User SID: S-1-5-21-1545272169-3882205488-3325164475-21006 Primary Group SID: S-1-5-21-1545272169-3882205488-3325164475-513 Full Name: Yo Dog Home Directory: \\SAMBA1\yo.dog HomeDir Drive: H: Logon Script: Profile Path: \\samba1\profiles\yo.dog Domain: NEVSD Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: never Kickoff time: Mon, 31 Dec 2029 19:00:00 EST Password last set: Wed, 06 Jun 2012 15:19:40 EDT Password can change: Wed, 06 Jun 2012 15:19:40 EDT Password must change: Mon, 18 Jan 2038 22:14:07 EST Last bad password : 0 Bad password count : 0 Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba