I have samba with ldap setup and seems to be running, just I am having trouble having pc's join the domain.
The samba/ldap server is running debian sarge (when it was testing, haven't updated since) so samba 3.0.14a-13 and slapd 2.2.23-5. Client pc is windows 2000, and various linux's. smbldap-tools 0.9.1 If I try to join the domain with no entry in the Computers group, windows says there is a bad username and the log file looks like this. [2005/06/14 19:01:12, 2] smbd/server.c:exit_server(609) Closing connections [2005/06/14 19:01:12, 2] lib/smbldap.c:smbldap_open_connection(692) smbldap_open_connection: connection opened [2005/06/14 19:01:12, 2] passdb/pdb_ldap.c:init_sam_from_ldap(499) init_sam_from_ldap: Entry found for user: root [2005/06/14 19:01:12, 2] passdb/pdb_ldap.c:init_group_from_ldap(2000) init_group_from_ldap: Entry found for group: 512 [2005/06/14 19:01:12, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [root] -> [root] -> [root] succeeded [2005/06/14 19:01:12, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2580) Returning domain sid for domain LDAPDOMAIN -> S-1-5-21-3007768992-1764342258-1846594437 [2005/06/14 19:01:13, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2324) _samr_create_user: Running the command `/usr/local/sbin/smbldap-useradd -w "ldap-test$"' gave 9 [2005/06/14 19:01:13, 2] smbd/server.c:exit_server(609) Closing connections I'm not sure what the "gave 9" error means or where to look it up. But the ldap-test$ entry gets created without a sambaSAMAccount objectclass. If I run "smbldap-adduser -w ldap-test$" (after removing the existing ldap-test$ entry) it will create the entry but it doesn't have a sambaSAMAcount objectclass. And it won't join the domain. If I create a local user in /etc/passwd and then user smbpasswd -m -a it will create the ldap entry in Computers but it has no posix objectclass. BUT it will allow me to join the pc to the domain. The only problem then (not sure if it's related or not), is that the only user that can login is the root user used to join the pc to the domain, any other users created with smbldap-adduser -a won't authenticate. Any users created with the smbldap scripts can authenticate against any of the linux boxes setup to authenticate against ldap. [2005/06/14 21:36:27, 2] lib/smbldap.c:smbldap_open_connection(692) smbldap_open_connection: connection opened [2005/06/14 21:36:27, 2] passdb/pdb_ldap.c:init_sam_from_ldap(499) init_sam_from_ldap: Entry found for user: ldap-test$ [2005/06/14 21:37:07, 2] passdb/pdb_ldap.c:init_sam_from_ldap(499) init_sam_from_ldap: Entry found for user: windowsguy [2005/06/14 21:37:08, 1] auth/auth_util.c:make_server_info_sam(840) User windowsguy in passdb, but getpwnam() fails! [2005/06/14 21:37:08, 0] auth/auth_sam.c:check_sam_security(324) check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER' [2005/06/14 21:37:08, 2] auth/auth.c:check_ntlm_password(312) check_ntlm_password: Authentication for user [windowsguy] -> [windowsguy] FAILED with error NT_STATUS_NO_SUCH_USER then as root [2005/06/14 21:38:21, 2] passdb/pdb_ldap.c:init_sam_from_ldap(499) init_sam_from_ldap: Entry found for user: root [2005/06/14 21:38:22, 2] passdb/pdb_ldap.c:init_group_from_ldap(2000) init_group_from_ldap: Entry found for group: 512 [2005/06/14 21:38:22, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [root] -> [root] -> [root] succeeded [2005/06/14 21:38:25, 2] passdb/pdb_ldap.c:init_sam_from_ldap(499) init_sam_from_ldap: Entry found for user: root [2005/06/14 21:38:25, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [root] -> [root] -> [root] succeeded [2005/06/14 21:38:25, 2] passdb/pdb_ldap.c:init_sam_from_ldap(499) init_sam_from_ldap: Entry found for user: root [2005/06/14 21:38:25, 1] smbd/service.c:make_connection_snum(642) ldap-test (192.16.240.141) connect to service profiles initially as user root (uid=0, gid=0) (pid 14108) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
