I am running Samba 3.0.2 as a PDC on a Fedora Core 1 machine using openldap as the password backend. I think I've got all the openldap stuff working. I can log in, ssh, etc. using ldap accounts.
When I try to join an XP machine to the domain, I get an error on the XP machine that reads:

The following error occurred attempting to join the domain "TIMBERLINE": The user name could not be found.

When I check the logs, it is clear that the authentication succeeded and the script to add a machine account completed successfully. So I can't figure out what is causing the error. Any help would be much appreciated!

Dan Meigs

--------
My smb.conf file is as follows:

#======================= Global Settings =========
[global]
log level = 3
workgroup = TIMBERLINE
netbios name = RAINIER
security = user
encrypt passwords = yes
username map = /etc/samba/smbusers
add user script = /usr/local/sbin/smbldap-useradd.pl -a -m '%u'
delete user script = /usr/local/sbin/smbldap-userdel.pl '%u'
add group script = /usr/local/sbin/smbldap-groupadd.pl -p '%g'
delete group script = /usr/local/sbin/smbldap-groupdel.pl '%g'
add user to group script = /usr/local/sbin/smbldap-groupmod.pl -m '%g' '%u'
delete user from group script = /usr/local/sbin/smbldap-groupmod.pl -x '%g' '%u'
set primary group script = /usr/local/sbin/smbldap-usermod.pl -g '%g' '%u'
add machine script = /usr/local/sbin/smbldap-useradd.pl -w '%m'
ldap admin dn = "cn=Manager,dc=tlinenm,dc=com"
ldap ssl = start tls
passdb backend = ldapsam:ldap://rainier.tlinenm.com
ldap delete dn = no
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
ldap suffix = dc=tlinenm,dc=com
ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
server string = Samba Server on Rainier
hosts allow = 192.168.0. 127.
printcap name = cups
printing = cups
log file = /var/log/samba/%m.log
max log size = 500
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
os level = 35
domain master = yes
preferred master = yes
domain logons = yes
wins support = yes
dns proxy = yes

#============================ Share Definitions ==============
[homes]
comment = Home Directories
browseable = no
writable = yes

[netlogon]
comment = Network Logon Service
path = /home/netlogon
guest ok = yes
writable = no
share modes = no

[Profiles]
path = /home/profiles
browseable = no
guest ok = yes

[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes

[tmp]
comment = Temporary file space
path = /tmp
read only = no
public = yes

---------
The smb log file is as follows (log level 2):

[2004/06/29 12:35:07, 2] passdb/pdb_ldap.c:init_sam_from_ldap(462)
  init_sam_from_ldap: Entry found for user: root
[2004/06/29 12:35:07, 2] passdb/pdb_ldap.c:init_group_from_ldap(1697)
  init_group_from_ldap: Entry found for group: 512
[2004/06/29 12:35:07, 2] auth/auth.c:check_ntlm_password(305)
  check_ntlm_password: authentication for user [Administrator] -> [root] -> [root] succeeded
[2004/06/29 12:35:07, 2] lib/access.c:check_access(324)
  Allowed connection from (192.168.0.98)
[2004/06/29 12:35:08, 2] smbd/server.c:exit_server(558)
  Closing connections
[2004/06/29 12:35:09, 2] passdb/pdb_ldap.c:init_sam_from_ldap(462)
  init_sam_from_ldap: Entry found for user: root
[2004/06/29 12:35:09, 2] passdb/pdb_ldap.c:init_group_from_ldap(1697)
  init_group_from_ldap: Entry found for group: 512
[2004/06/29 12:35:09, 2] auth/auth.c:check_ntlm_password(305)
  check_ntlm_password: authentication for user [Administrator] -> [root] -> [root] succeeded
[2004/06/29 12:35:09, 2] lib/access.c:check_access(324)
  Allowed connection from (192.168.0.98)
[2004/06/29 12:35:09, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461)
  Returning domain sid for domain TIMBERLINE -> S-1-5-21-1936347354-1918943746-3536452940
[2004/06/29 12:35:10, 2] smbd/server.c:exit_server(558)
  Closing connections
