Hi.
I think you are having a lot of trouble.
Take a look at:
http://samba.idealx.org/smbldap-howto.fr.html (it is in english).
And:
http://us1.samba.org/samba/docs/Samba-Guide.pdf (This is samba-3 by
example, use the pdf, the html is missing some images).
Look at chapter 6 and 7 (very good, but complement it with the url from
idealx).
There are only a couple of minor details in samba-3 by example,
otherwise it is an EXCELENT book (I would buy it, if I had the money :( ).
If you have any more questions, just ask.
c-ya!
Ildefonso Camargo
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
Craig White wrote:
On Fri, 2004-07-16 at 13:39, abebe lsslp wrote:
Hey Craig,
Here is what's happening. I've got nothing, but
headache from looking at log level 10, but finally I
finished going over it. For those of you who have not
been following, check
http://150.208.105.24/smbldap-pdc.html
----
smbd/process.c:timeout_processing(1332)
timeout_processing: End of file from client
(client
has disconnected).
You are attempting to join WinXP to domain, are
asked for the
name/password/domain of a user who has sufficient
privileges to add a
machine to the domain and it fails to finish? The
machine is indeed
added to LDAP - that's all I can figure out from
your email.
First off - my understanding is that Machine
accounts should still be
located in the People subtree and not in the
Computers subtree because
subsequent searches will not locate it there. If
this has been fixed,
I'm sure someone will correct me.
I have tried it your way as well.
# 1
Changeed the Entry in '/etc/ldap.conf' to
nss_base_passwd ou=People,dc=wbcoll,dc=edu?one
nss_base_shadow ou=People,dc=wbcoll,dc=edu?one
nss_base_group ou=Groups,dc=wbcoll,dc=edu?one
#2
changed the entry in '/etc/samba/smb.conf' file, I
changed
ldap machine suffix = ou=People
#3
and finally, the entry in
'/etc/smbldap-tools/smbldap.conf'
# Ex: computersdn="ou=Computers,dc=IDEALX,dc=ORG"
computersdn="ou=People,dc=wbcoll,dc=edu"
However, I am sure the "ou =Computers" entry works. A
lot of documentations, including idealx.org would have
corrected their documentations if it wasn't so.
Secondly - ldap log?
I couldn't find any hint that leads me to believe the
ldap doesn't work, but you might see something I
don't. you will find the whole 'slapd.log' file here:
http://150.208.105.24/smbldap-pdc/. (there are also
log files for the xp machine. ('winxp.log.html' is log
level 10 and 'winxp_log.html' is log level 3). Log
level 10 doesn't really tell me anything log level 3
doesn't.
----
SID's don't match...
dn: uid=Administrator,ou=Users,dc=wbcoll,dc=edu
<snip>
sambaPrimaryGroupSID: S-1-5-21-952094410-1508517273-1204454084-512
sambaSID: S-1-5-21-952094410-1508517273-1204454084-2996
pdbedit -Lv testuser1
<snip>
User SID: S-1-5-21-1414736517-1990894286-2385622597-3000
Primary Group SID: S-1-5-21-1414736517-1990894286-2385622597-513
Who knows which SID is in smbldap_conf and which SID is in
dn=SambaDomainName,dc=wbcoll,dc=edu
This should be one of the first things you check.
Also - just for a point of reference (not that what I do is at all correct or even
recommended by the many people that know way more than I do), I set the primary posix
gid for all users to a posix labeled group and my /etc/samba/smbusers looks like this:
# cat /etc/samba/smbusers
# Unix_name = SMB_name1 SMB_name2 ...
root = Administrator administrator admin
nobody = guest pcguest smbguest
I hope this helps.
Craig
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
