Hi Nico Kadel-Garcia, thanks for reply. Path for smbldap is correct. Other log file have
2013/01/25 17:20:13.974204, 1] auth/server_info.c:386(samu_to_SamInfo3) The primary group domain sid(S-1-5-21-3564791867-1010203101-2143723903-513) does not match the domain sid(S-1-5-21-2427793829-1009842549-3523806979) for Manager(S-1-5-21-2427793829-1009842549-3523806979-500) [2013/01/25 17:20:13.974250, 4] smbd/sec_ctx.c:422(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2013/01/25 17:20:13.974286, 0] auth/check_samsec.c:491(check_sam_security) check_sam_security: make_server_info_sam() failed with 'NT_STATUS_UNSUCCESSFUL' [2013/01/25 17:20:13.974506, 3] auth/auth_winbind.c:60(check_winbind_security) check_winbind_security: Not using winbind, requested domain [gis] was for this SAM. [2013/01/25 17:20:13.974542, 2] auth/auth.c:319(check_ntlm_password) check_ntlm_password: Authentication for user [Manager] -> [Manager] FAILED with error NT_STATUS_UNSUCCESSFUL [2013/01/25 17:20:13.974610, 3] smbd/error.c:81(error_packet_set) error packet at smbd/sesssetup.c(124) cmd=115 (SMBsesssetupX) NT_STATUS_UNSUCCESSFUL [2013/01/25 17:20:24.885770, 1] smbd/process.c:457(receive_smb_talloc) receive_smb_raw_talloc failed for client 192.0.200.149 read error = NT_STATUS_CONNECTION_RESET. [2013/01/25 17:20:24.885923, 4] smbd/sec_ctx.c:314(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2013/01/25 17:20:24.886102, 3] smbd/server_exit.c:181(exit_server_common) Server exit (failed to receive smb request) Then the problem is sid, samba-3.3 probabily do not check sid. Ldap is workin so it is possible disable sid check in samba-3.6? Fabrizio. Well, for one thing, if you updated to samba3x your binaries for > > things like "smbldap-usermod" are all going to be in /usr/bin, not > /usr/local/bin. path is correct, files smbldap are in /usr/local/bin. > > Did you have an old hand-built Samba lying around? If > you did, you need to clear it. > > > > Jan 24 17:53:03 VmPDC smbd[15115]: [2013/01/24 17:53:03.371837, 0] > > auth/check_samsec.c:491(check_sam_security) > > Jan 24 17:53:03 VmPDC smbd[15115]: check_sam_security: > > make_server_info_sam() failed with 'NT_STATUS_UNSUCCESSFUL' > > Jan 24 17:53:04 VmPDC smbd[15115]: [2013/01/24 17:53:04.413597, 0] > > auth/check_samsec.c:491(check_sam_security) > > Jan 24 17:53:04 VmPDC smbd[15115]: check_sam_security: > > make_server_info_sam() failed with 'NT_STATUS_UNSUCCESSFUL' > > > > This configuration of samba > > > > [root@VmPDC ~]# testparm > > Load smb config files from /etc/samba/smb.conf > > Processing section "[netlogon]" > > Processing section "[profiles]" > > Loaded services file OK. > > Server role: ROLE_DOMAIN_PDC > > Press enter to see a dump of your service definitions > > > > [global] > > workgroup = GIS > > passdb backend = ldapsam:ldap://192.0.200.2/ > > log file = /var/log/samba/log.%U > > time server = Yes > > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > > SO_KEEPALIVE > > add user script = /usr/local/bin/smbldap-useradd -a -m -P "%u" > > delete user script = /usr/local/bin/smbldap-userdel -r "%u" > > add group script = /usr/local/bin/smbldap-groupadd -p "%g" > > delete group script = /usr/local/bin/smbldap-groupdel "%g" > > add user to group script = /usr/local/bin/smbldap-groupmod -m "%u" > > "%g" > > delete user from group script = /usr/local/bin/smbldap-groupmod -x > > "%u" "%g" > > set primary group script = /usr/local/bin/smbldap-usermod -g "%g" > > "%u" > > add machine script = /usr/local/bin/smbldap-useradd -w "%u" > > logon path = > > logon home = > > domain logons = Yes > > os level = 33 > > preferred master = Auto > > domain master = Yes > > ldap admin dn = cn=Manager,dc=sigesgroup,dc=intra > > ldap delete dn = Yes > > ldap group suffix = ou=group > > ldap machine suffix = ou=machines > > ldap passwd sync = yes > > ldap suffix = dc=sigesgroup,dc=intra > > ldap ssl = no > > ldap user suffix = ou=People > > idmap config * :range = 5000 - 50000 > > ldapsam:editposix = yes > > ldapsam:trusted = yes > > idmap config * : backend = ldap:ldap://192.0.200.2/ > > > > [netlogon] > > comment = Network Logon Service > > path = /home/netlogon > > guest ok = Yes > > > > [profiles] > > path = /home/profiles > > read only = No > > create mask = 0600 > > directory mask = 0700 > > > > why is not it working? > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
