[Samba] samba3 PDC+ldap domain logon problem

David Caplan Tue, 22 Jun 2004 10:42:26 -0700

Hi,

I've got an issue with a samba 3 PDC with an ldap backend. I get a logon
failure (unknown username or bad password) when trying to add a win2k
box to the domain. I'm using Mandrake with Samba 3.0.2a and openldap 2.1.22. 
I am able to set up the workgroup on the w2k box, and access folders for
users registered in the ldap database, however I am not able to join the
domain with the user Administrator.


Any ideas on where I can look to find errors or test another way? (I cant find anything
in the ldap logs or the samba logs).

Please CC me any response, as I'm not subscribed to the list.

Thanks.
- David

---Some relevant smb.conf

[global]

    ...
        username map = /etc/samba3/smbusers
        obey pam restrictions = No
        ldap passwd sync = yes
        passdb backend = ldapsam:ldap://127.0.0.1/
        unix password sync = yes
        pam password change = yes
        passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n 
*LDAP*password*information*changed*for*dcaplan*\n 
*passwd:*all*authentication*tokens*updated*successfully* 
        ldap admin dn = cn=root,dc=cloudraker,dc=com
    ldap suffix = dc=cloudraker,dc=com
    ldap group suffix = ou=Group
    ldap user suffix = ou=People
    ldap machine suffix = ou=Hosts
    ldap idmap suffix = ou=People
    ldap ssl = off 
    #ldap ssl = start tls
    add user script = /usr/bin/smbldap-useradd3 -m "%u"
    ldap delete dn = Yes
    delete user script = /usr/bin/smbldap-userdel3 "%u"
    add machine script = /usr/bin/smbldap-useradd3 -w "%u"
    add group script = /usr/bin/smbldap-groupadd3 -p "%g" 
    #delete group script = /usr/bin/smbldap-groupdel3 "%g"
    add user to group script = /usr/bin/smbldap-groupmod3 -m "%u" "%g"
    delete user from group script = /usr/bin/smbldap-groupmod3 -x "%u" "%g"
    set primary group script = /usr/bin/smbldap-usermod3 -g "%g" "%u"
        os level = 65
        security = user
        logon path = \\%L\profiles\%U
        logon drive = U:
        update encrypted = Yes
        encrypt passwords = yes
        domain master = yes
        domain logons = yes
        local master = yes
        preferred master = yes
        guest ok = no
        admin users = root Administrator
        
        #wins support = yes
        #wins proxy = yes
----


--
David Caplan <david at david.ath.cx>
Key fingerprint: AADC 53B6 D5FB 31FE E191  4E9A 8D5D 2952 9358  

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] samba3 PDC+ldap domain logon problem

Reply via email to