[Samba] new problem: PDC is not member of own domain? (was: 'ldap machine suffix' is ignored?)

Thu, 10 Aug 2006 07:13:58 -0700 

Hi, all!

There is a share on PDC (Samba 3.0.23):

[Soft]
      comment = Software
      path = /st2/soft
      valid users = "@Domain Users"
      read only = No
      share modes = No

I do:

# cd /st2/soft
# touch testfile
# chown testuser:"Domain Users" testfile
# chmod a+rwx testfile
After logon on windows workstation (domain member) as testuser, I going to \\PDC\SOFT and try to read, write (all ok) and change permissions on testfile.
If I try to save new permissions (without extended acl's, but they are supported) I see error (in russian in original, translate not equal): "We havn't know about machine PDC - does it member of domain DOMAIN?" 


How can I resolve this problem? There is my [globals]:

[global]
      dos charset = CP1251
      unix charset = KOI8-R
      workgroup = DOMAIN
      server string = Server
      password server =
      passdb backend = ldapsam
      passwd program = /usr/local/sbin/smbldap-passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated* 
      log level = 2
      log file = /var/log/samba/%m.log
      time server = Yes
      max smbd processes = 30
      add user script = /usr/local/sbin/smbldap-useradd -a -m "%u"
      delete user script = /usr/local/sbin/smbldap-userdel "%u"
      add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
      delete group script = /usr/local/sbin/smbldap-groupdel "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u" 
      add machine script = /usr/local/sbin/smbldap-useradd -w %u
      logon script = logon.bat %U
      logon path =
      logon home =
      domain logons = Yes
      os level = 256
      domain master = Yes
      dns proxy = No
      wins support = Yes
      ldap admin dn = cn=root,dc=mydomain,dc=ru
      ldap delete dn = Yes
      ldap group suffix = ou=groups
      ldap idmap suffix = ou=idmap
      ldap machine suffix = ou=users
      ldap passwd sync = Yes
      ldap suffix = dc=mydomain,dc=ru
      ldap ssl = no
      ldap user suffix = ou=users
      idmap backend = ldap:ldap://localhost
      idmap uid = 10000-20000
      idmap gid = 10000-20000
      winbind use default domain = Yes
      admin users = "@Domain Admins"
      hosts allow = 85.114.8.128/255.255.255.128
      hosts deny = ALL
      map acl inherit = Yes

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Reply via email to