Re: [Samba] cannot add new machines to domain

Thu, 29 May 2008 06:23:54 -0700 


Rubin Bennett schrieb:

On Thu, 2008-05-29 at 10:21 +0200, David Böhm wrote:

Hi,


i have running samba with ldap as a PDC. The PDC works fine, except 
adding new computer to the domain. The Computer how was added 2-3 Years 
ago works fine, but i cannot add new PCs to the domain.



The samba log says to remove the paramtere 'algorithmic rid base' and 
use 'net groupmap add' and 'net setmaxrid'. The command "net setmaxrid" 
is not existent.



For me it is important to add the new PCs to the Domain. So is there any 
way to add the PCs on Server side? Or any other workaround - it does not 
matter how.


I hope you can help me! :)


log.smb:
[2008/05/28 09:57:15, 0] passdb/pdb_interface.c:pdb_new_rid(1072)

   'algorithmic rid base' is set but a passdb backend without 
algorithmic RIDs is chosen.
   Please map all used groups using 'net groupmap add', set the maximum 
used RID using

   'net setmaxrid' and remove the parameter


smb.conf:
[global]
         workgroup = FAB
         server string = zeus

         interfaces = 195.72.98.12/255.255.255.240, 
10.14.45.12/255.255.255.0

         map to guest = Bad User
         passdb backend = ldapsam
         algorithmic rid base = 5000
         log level = 1
         log file = /var/log/log.smb
         smb ports = 139
         name resolve order = wins hosts bcast lmhosts
         time server = Yes
         deadtime = 15
         socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
         printcap name = cups
         add user script = ldapsmb -a -u "%u"
         delete user script = ldapsmb -d -u "%u"
         add group script = ldapsmb -a -g "%g"
         delete group script = ldapsmb -d -g "%g"
         add user to group script = ldapsmb -j -u "%u" -g "%g"
         delete user from group script = ldapsmb -r -u "%u" -g "%g"
         set primary group script = ldapsmb -m -u "%u" -gid "%g"
         add machine script = ldapsmb -a -w "%u" -gid 515
         logon script = kix32 fab_login.scr
         logon path = \\%L\profiles\%U
         logon drive = h:
         domain logons = Yes
         os level = 65
         preferred master = Yes
         domain master = Yes
         wins support = Yes
         ldap admin dn = cn=Manager,dc=fab,dc=fh-wiesbaden,dc=de
         ldap group suffix = ou=Groups
         ldap machine suffix = ou=People
         ldap passwd sync = Yes
         ldap suffix = dc=fab,dc=fh-wiesbaden,dc=de
         ldap ssl = no
         ldap user suffix = ou=People
         admin users = @ntadmin, root

         hosts allow = 10.14.40., 10.14.41., 10.14.42., 10.14.45., 
10.14.43., 10.14.44., 10.10.57.

         printing = cups
         print command =
         lpq command = %p
         lprm command = /usr/bin/lprm -P%p %j
         veto files = /*.eml/*.nws/riched20.dll/*.{*}/


SW:
Opensuse 10.3 64bit
Samba 3.0.26a
Openldap: 2.3.37




Best regards,

  -  David Böhm


I'm guessing that somewhere along the line you upgraded your server and
moved your Samba install to the new box?

This has happened to me several times and there are a few items in the
config that need to be added for later versions of Samba to work as
expected.

In the global section, add
enable privileges = yes

And see if that works.

HTH, Rubin



Hi,

your supposition is right. There was a upgrade to a new box.


The option you describe is already set. I don't know why it is not 
listed above. Maybe testparam doesn't dump the complete config?


Here is the config with cat! :)


Thx for supporting me!

best regards,

David

smb.conf:
# smb.conf is the main samba configuration file. You find a full commented
# version at /usr/share/doc/packages/samba/examples/smb.conf.SuSE
# Date: 2002-09-12
#
#
[global]
        workgroup = FAB
        netbios name = zeus
        server string = zeus
        map to guest = Bad User
        encrypt passwords = yes
        enable privileges = yes

        passdb backend = ldapsam
      ldap admin dn = cn=Manager,dc=fab,dc=fh-wiesbaden,dc=de
      ldap suffix = dc=fab,dc=fh-wiesbaden,dc=de
      ldap group suffix = ou=Groups
      ldap user suffix = ou=People
      ldap machine suffix = ou=People

      ldap ssl = no
      ldap passwd sync = yes

              add user script = ldapsmb -a -u "%u"
           delete user script = ldapsmb -d -u "%u"
           add machine script = ldapsmb -a -w "%u" -gid 515
             add group script = ldapsmb -a -g "%g"
          delete group script = ldapsmb -d -g "%g"
     add user to group script = ldapsmb -j -u "%u" -g "%g"
delete user from group script = ldapsmb -r -u "%u" -g "%g"
     set primary group script = ldapsmb -m -u "%u" -gid "%g"

        algorithmic rid base = 5000

        local master = yes
        preferred master = yes
        os level = 65
        time server = Yes
        unix extensions = Yes
        admin users = @ntadmin root
      log level = 1
        log file = /var/log/log.smb
        load printers = yes
        printing = cups
        printcap name = cups
      lprm command = /usr/bin/lprm -P%p %j
      default devmode = yes
        socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
        wins support = yes
      dns proxy = yes
        name resolve order = wins hosts bcast lmhosts
        veto files = /*.eml/*.nws/riched20.dll/*.{*}/

        domain master = yes
        domain logons = yes
        logon script = kix32 fab_login.scr
        logon path = \\%L\profiles\%U
        logon drive = h:


  hosts allow = 
10.14.40.,10.14.41.,10.14.42.,10.14.45.,10.14.43.,10.14.44.,10.10.57.

        interfaces = 195.72.98.12/255.255.255.240 10.14.45.12/255.255.255.0

        deadtime = 15
      dos charset = CP850
      unix charset = UTF-8
      display charset = LOCALE
      smb ports = 139



# smb.conf is the main samba configuration file. You find a full commented
# version at /usr/share/doc/packages/samba/examples/smb.conf.SuSE
# Date: 2002-09-12
#
#
[global]
        workgroup = FAB
        netbios name = zeus
        server string = zeus
        map to guest = Bad User
        encrypt passwords = yes
        enable privileges = yes

        passdb backend = ldapsam
      ldap admin dn = cn=Manager,dc=fab,dc=fh-wiesbaden,dc=de
      ldap suffix = dc=fab,dc=fh-wiesbaden,dc=de
      ldap group suffix = ou=Groups
      ldap user suffix = ou=People
      ldap machine suffix = ou=People

      ldap ssl = no
      ldap passwd sync = yes

              add user script = ldapsmb -a -u "%u"
           delete user script = ldapsmb -d -u "%u"
           add machine script = ldapsmb -a -w "%u" -gid 515
             add group script = ldapsmb -a -g "%g"
          delete group script = ldapsmb -d -g "%g"
     add user to group script = ldapsmb -j -u "%u" -g "%g"
delete user from group script = ldapsmb -r -u "%u" -g "%g"
     set primary group script = ldapsmb -m -u "%u" -gid "%g"

        algorithmic rid base = 5000

        local master = yes
        preferred master = yes
        os level = 65
        time server = Yes
        unix extensions = Yes
        admin users = @ntadmin root
      log level = 1
        log file = /var/log/log.smb
        load printers = yes
        printing = cups
        printcap name = cups
      lprm command = /usr/bin/lprm -P%p %j
      default devmode = yes
        socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
        wins support = yes
      dns proxy = yes
        name resolve order = wins hosts bcast lmhosts
        veto files = /*.eml/*.nws/riched20.dll/*.{*}/

        domain master = yes
        domain logons = yes
        logon script = kix32 fab_login.scr
        logon path = \\%L\profiles\%U
        logon drive = h:

  hosts allow = 
10.14.40.,10.14.41.,10.14.42.,10.14.45.,10.14.43.,10.14.44.,10.10.57.
        interfaces = 195.72.98.12/255.255.255.240 10.14.45.12/255.255.255.0

        deadtime = 15
      dos charset = CP850
      unix charset = UTF-8
      display charset = LOCALE
      smb ports = 139


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba





















					Reply via email to