What is your guest user in smb.conf ? check if is not nobody, the guest acoutn is used by samba for first connection.
----------------------------------- St�phane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a �crit sur 10/06/2005 16:20:56 : > I have tried to create a samba domain with a ldap backend. > > This is how my ldap structure looks like. > > # example.com > dn: dc=example,dc=com > objectClass: dcObject > objectClass: organization > o: example > dc: example > > # groups, example.com > dn: ou=groups,dc=example,dc=com > objectClass: organizationalUnit > ou: groups > > # Domain Admins, groups, example.com > dn: cn=Domain Admins,ou=groups,dc=example,dc=com > objectClass: posixGroup > objectClass: sambaGroupMapping > gidNumber: 512 > cn: Domain Admins > memberUid: root > description: Netbios Domain Administrators > sambaSID: S-1-5-21-3527759599-3696857034-3584459987-512 > sambaGroupType: 2 > displayName: Domain Admins > > # Domain Users, groups, example.com > dn: cn=Domain Users,ou=groups,dc=example,dc=com > objectClass: posixGroup > objectClass: sambaGroupMapping > gidNumber: 513 > cn: Domain Users > description: Netbios Domain Users > sambaSID: S-1-5-21-3527759599-3696857034-3584459987-513 > sambaGroupType: 2 > displayName: Domain Users > > # Domain Guests, groups, example.com > dn: cn=Domain Guests,ou=groups,dc=example,dc=com > objectClass: posixGroup > objectClass: sambaGroupMapping > gidNumber: 514 > cn: Domain Guests > description: Netbios Domain Guests Users > sambaSID: S-1-5-21-3527759599-3696857034-3584459987-514 > sambaGroupType: 2 > displayName: Domain Guests > > # computers, example.com > dn: ou=computers,dc=example,dc=com > objectClass: organizationalUnit > ou: computers > > # PDC, example.com > dn: sambaDomainName=PDC,dc=example,dc=com > objectClass: sambaDomain > sambaDomainName: PDC > sambaNextGroupRid: 90000 > sambaNextUserRid: 90000 > sambaSID: S-1-5-21-3527759599-3696857034-3584459987 > sambaNextRid: 90000 > > # people, example.com > dn: ou=people,dc=example,dc=com > objectClass: organizationalUnit > ou: people > > # root, people, example.com > dn: uid=root,ou=people,dc=example,dc=com > uid: root > sambaSID: S-1-5-21-3527759599-3696857034-3584459987-500 > sambaPrimaryGroupSID: S-1-5-21-3527759599-3696857034-3584459987-512 > displayName: root > sambaAcctFlags: [U ] > objectClass: account > objectClass: sambaSamAccount > sambaPwdMustChange: 2147483647 > sambaLMPassword: 63D2114DE42F744B30A84C4AFE5AFFFF > sambaNTPassword: 5460FB29D247C383F63E1E3A417FC39B > sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000 > 00000000 > sambaPwdCanChange: 1118395221 > sambaPwdLastSet: 1118395221 > > # win2k$, Computers, example.com > dn: uid=win2k$,ou=Computers,dc=example,dc=com > uid: win2k$ > sambaSID: S-1-5-21-3527759599-3696857034-3584459987-3022 > sambaPrimaryGroupSID: S-1-5-21-3527759599-3696857034-3584459987-1201 > objectClass: sambaSamAccount > objectClass: account > displayName: win2k$ > sambaPwdMustChange: 2147483647 > sambaAcctFlags: [W ] > sambaPwdCanChange: 1118395893 > sambaNTPassword: 5C70F10A2EAD0B4FE5588114C98ED1ED > sambaPwdLastSet: 1118395893 > > # Martin Hallgren, people, example.com > dn: cn=Martin Hallgren,ou=people,dc=example,dc=com > objectClass: inetOrgPerson > objectClass: organizationalPerson > objectClass: person > objectClass: posixAccount > objectClass: top > objectClass: krb5Principal > objectClass: krb5KDCEntry > objectClass: sambaSamAccount > krb5PrincipalName: [EMAIL PROTECTED] > krb5KeyVersionNumber: 1 > krb5MaxLife: 86400 > krb5MaxRenew: 604800 > krb5KDCFlags: 126 > cn: Martin Hallgren > givenName: Martin > mail: [EMAIL PROTECTED] > sn: Hallgren > uid: martin > uidNumber: 1050 > gidNumber: 100 > homeDirectory: /home/martin > loginShell: /bin/bash > sambaAcctFlags: [U ] > sambaSID: S-1-5-21-3527759599-3696857034-3584459987-3250 > sambaPwdCanChange: 1118395383 > sambaPwdMustChange: 2147483647 > sambaLMPassword: 01FC5A6BE7BC6929AAD3B435B51404EE > sambaNTPassword: 0CB6948805F797BF2A82807973B89537 > sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000 > 00000000 > sambaPwdLastSet: 1118395383 > > # nobody, people, example.com > dn: uid=nobody,ou=people,dc=example,dc=com > objectClass: account > objectClass: sambaSamAccount > objectClass: posixAccount > uid:: bm9ib2R5ICAgICAgICAgICAgICAgICA= > sambaPwdLastSet: 0 > sambaLogonTime: 2147483647 > sambaLogoffTime: 2147483647 > sambaKickoffTime: 2147483647 > sambaPwdCanChange: 2147483647 > sambaPwdMustChange: 2147483648 > displayName: Nobody > cn: Nobody > sambaSID: S-1-5-21-3527759599-3696857034-3584459987-501 > sambaPrimaryGroupSID: S-1-5-21-3527759599-3696857034-3584459987-514 > gecos:: Tm9ib2R5IG9yIEd1ZXN0ICAgICAgIA== > homeDirectory:: L2Rldi9udWxsICAgICAgICAgICAgIA== > loginShell:: L2Rldi9udWxsICAgICA= > uidNumber: 65534 > gidNumber: 65534 > sambaAcctFlags: [UX ] > > # Morgan Hallgren, people, example.com > dn: cn=Morgan Hallgren,ou=people,dc=example,dc=com > objectClass: inetOrgPerson > objectClass: organizationalPerson > objectClass: person > objectClass: posixAccount > objectClass: top > objectClass: krb5Principal > objectClass: krb5KDCEntry > objectClass: sambaSamAccount > krb5PrincipalName: [EMAIL PROTECTED] > krb5KeyVersionNumber: 1 > krb5MaxLife: 86400 > krb5MaxRenew: 604800 > krb5KDCFlags: 126 > cn: Morgan Hallgren > givenName: Morgan > mail: [EMAIL PROTECTED] > sn: Hallgren > uid: moja > uidNumber: 1000 > gidNumber: 100 > homeDirectory: /home/morgan > loginShell: /bin/bash > sambaAcctFlags: [U ] > sambaSID: S-1-5-21-3527759599-3696857034-3584459987-3000 > sambaPwdMustChange: 2147483647 > sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000 > 00000000 > sambaPwdCanChange: 1118412748 > sambaLMPassword: 44EFCE164AB921CAAAD3B435B51404EE > sambaNTPassword: 32ED87BDB5FDC5E9CBA88547376818D4 > sambaPwdLastSet: 1118412748 > > # nobody, groups, example.com > dn: cn=nobody,ou=groups,dc=example,dc=com > objectClass: posixGroup > objectClass: sambaGroupMapping > gidNumber: 501 > cn: nobody > memberUid: nobody > description: Netbios Domain nobody > sambaSID: S-1-5-21-3527759599-3696857034-3584459987-501 > sambaGroupType: 2 > displayName: Domain nobody > > > And smb.conf > > netbios name = samba > workgroup = PDC > server string = PDC [on Gentoo :: Samba server %v] > > hosts allow = 192.168.0.0/24 127.0.0.0/8 > security = user > encrypt passwords = yes > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > interfaces = lo eth0 > bind interfaces only = yes > > local master = yes > #os level = 65 > os level = 99 > domain master = yes > preferred master = yes > enable privileges = yes > null passwords = no > hide unreadable = yes > hide dot files = yes > > domain logons = yes > logon script = login.bat OR %U.bat > logon path = \\%L\%U\profile > logon drive = H: > logon home = \\%L\%U\.9xprofile > #logon home = \\%L\%u\.win_profile\%m > > #logon path = > #logon home = > > wins support = yes > name resolve order = wins lmhosts hosts bcast > dns proxy = no > > time server = yes > log file = /var/log/samba/log.%m > max log size = 50 > > #smb passwd file = /var/lib/samba/private/smbpasswd > > passdb backend = ldapsam:ldap://kerberos.example.com > ldap ssl = start tls > ldap suffix = dc=example,dc=com > ldap user suffix = ou=people,dc=example,dc=com > ldap group suffix = ou=groups,dc=example,dc=com > ldap machine suffix = ou=computers,dc=example,dc=com > # FYI, the password for this user is stored in > # /etc/samba/secrets.tdb. It is created by running > # 'smbpasswd -w passwd' > ldap admin dn = cn=manager,dc=example,dc=com > > #add machine script = /usr/local/sbin/smbldap-useradd -w "%u" > > > #syncningen med kerberos l�senorden > passwd chat debug = yes > debug level = 100 > #ldap password sync = yes > #obey pam restrictions = no > #unix password sync = yes > #passwd program = /usr/sbin/kadmin -l passwd [EMAIL PROTECTED] > #passwd chat = "*" %n\r "*" %n\r "*" > > unix charset = ISO8859-1 > > [netlogon] > path = /var/lib/samba/netlogon > public = no > writeable = no > browseable = no > > [profiles] > path = /home/%u/profile > browseable = no > writeable = yes > default case = lower > preserve case = no > short preserve case = no > case sensitive = no > hide files = /desktop.ini/ntuser.ini/NTUSER.*/ > create mode = 0600 > directory mode = 0700 > > [homes] > path = /home/%U > browseable = no > valid users = %S > writable = yes > guest ok = no > inherit permissions = yes > > [public] > comment = Public Stuff > path = /var/lib/samba/profiles > public = yes > writeable = yes > browseable = yes > write list = @users > > I have joined the computer win2k to the domain and I can log in as the > user moja. But then I try to open his home dir slapd is searching for > the nobody user. > > Jun 10 15:49:39 st_olof slapd[7004]: conn=93 op=1 BIND > dn="cn=manager,dc=example,dc=com" mech=SIMPLE ssf=0 > Jun 10 15:49:39 st_olof slapd[7004]: conn=93 op=1 RESULT tag=97 err=0 > text= > Jun 10 15:49:39 st_olof slapd[7003]: conn=93 op=2 SRCH > base="ou=people,dc=example,dc=com" scope=1 > filter="(&(objectClass=posixAccount)(uid=nobody))" > Jun 10 15:49:39 st_olof slapd[7003]: conn=93 op=2 SRCH attr=uid > userPassword uidNumber gidNumber cn homeDirectory loginShell gecos > description objectClass > Jun 10 15:49:39 st_olof slapd[7003]: conn=93 op=2 SEARCH RESULT tag=101 > err=0 nentries=1 text= > Jun 10 15:49:39 st_olof slapd[7004]: conn=93 op=3 SRCH > base="ou=people,dc=example,dc=com" scope=1 > filter="(&(objectClass=posixAccount)(uid=nobody))" > Jun 10 15:49:39 st_olof slapd[7004]: conn=93 op=3 SEARCH RESULT tag=101 > err=0 nentries=1 text= > Jun 10 15:49:39 st_olof slapd[7003]: conn=93 op=4 SRCH > base="ou=Groups,dc=example,dc=com" scope=1 > filter="(&(objectClass=posixGroup)(|(memberUid=nobody) > (uniqueMember=uid=nobody,ou=people,dc=example,dc=com)))" > Jun 10 15:49:39 st_olof slapd[7003]: conn=93 op=4 SRCH attr=gidNumber > Jun 10 15:49:39 st_olof slapd[7003]: <= bdb_equality_candidates: > (uniqueMember) index_param failed (18) > Jun 10 15:49:39 st_olof slapd[7004]: conn=93 op=5 SRCH > base="ou=Groups,dc=example,dc=com" scope=1 > filter="(&(objectClass=posixGroup)(uniqueMember=cn=nobody,ou=groups, > dc=example,dc=com))" > Jun 10 15:49:39 st_olof slapd[7004]: conn=93 op=5 SRCH attr=gidNumber > Jun 10 15:49:39 st_olof slapd[7004]: <= bdb_equality_candidates: > (uniqueMember) index_param failed (18) > Jun 10 15:49:39 st_olof slapd[7003]: conn=93 op=4 SEARCH RESULT tag=101 > err=0 nentries=1 text= > Jun 10 15:49:39 st_olof slapd[7004]: conn=93 op=5 SEARCH RESULT tag=101 > err=0 nentries=0 text= > Jun 10 15:49:39 st_olof slapd[7003]: conn=93 op=6 SRCH > base="ou=group,dc=example,dc=com" scope=2 > filter="(&(objectClass=posixGroup)(uniqueMember=cn=nobody,ou=groups, > dc=example,dc=com))" > Jun 10 15:49:39 st_olof slapd[7003]: conn=93 op=6 SRCH attr=gidNumber > Jun 10 15:49:39 st_olof slapd[7003]: conn=93 op=6 RESULT tag=101 err=32 > text= > Jun 10 15:49:39 st_olof slapd[7003]: conn=93 op=7 SRCH > base="ou=group,dc=example,dc=com" scope=2 > filter="(&(objectClass=posixGroup)(|(memberUid=nobody) > (uniqueMember=uid=nobody,ou=people,dc=example,dc=com)))" > Jun 10 15:49:39 st_olof slapd[7003]: conn=93 op=7 SRCH attr=gidNumber > Jun 10 15:49:39 st_olof slapd[7003]: conn=93 op=7 RESULT tag=101 err=32 > text= > Jun 10 15:49:39 st_olof slapd[7003]: conn=92 op=4 SRCH > base="ou=groups,dc=example,dc=com,dc=example,dc=com" scope=2 > filter="(&(objectClass=sambaGroupMapping)(gidNumber=501))" > > This hangs the system for som secunds. Does anyone know way this > happends and how to get around it? > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
