[Samba] Can someone verify my checklist?

[PHELPS, SCOTT]

Hi guys,

Here's what I'm doing:
Upgrading fro Samba 2.2.8a to Samba 3.0.2a
Simultaneously migrating to a new server.

My checklist:(*)=done , (-) = remaining 
* Download and install Samba 3.0.2a on the new server
* Clone (by hand) hostname, sldapd, nssswitch
* Hand edit new smb.conf to match the old config.
* Export ldif file from old LDAP db
* Dump old Domain SID using smbpassword -X
* Convert ldif using ConvertSambaAccount --sid 
* Start new LDAP server and import new ldif file.
- Stop old server and copy all home directories to new server.
- Start new Samba Server and test..

I am hoping that cloning the SID and keeping the same server name that
my 65 Windows clients will not know the difference and everything will
be transparent.  I definitely want to avoid new profile creation, you
know?  Can anyone confirm that I have not forgotten anything? 

Thanks in advance..

-- 
Scott Phelps

Linux: $ su - root  --  Windows: (reboot)


-- 
Scott Phelps
Regional IT Manager
Ridgway's, LTD.
5001 Cleveland Street
Virginia Beach, VA  23462
757-490-2305
 
---
Linux: $ su - root  --  Windows: (reboot)
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: Re[2]: [Samba] Samba problem

[PHELPS, SCOTT]

 -Original Message-
 From: [EMAIL PROTECTED]
[mailto:samba-
 [EMAIL PROTECTED] On Behalf Of Àíäðåé
Åäóíîâ
 Sent: Tuesday, August 19, 2003 3:55 AM
 To: [EMAIL PROTECTED]
 Subject: Re[2]: [Samba] Samba problem
 
  I know this is stating the obvious, but it appears that the server
is
  unreachable.  A few questions:
 
  - Can you ping Samba Server and 'password server'?
  - Are you using hostname or IP as 'password server='
 
 
  We need more info to help you..  ;-)
 
 
  --
  Scott
  --
 
 Thanks for replay Scott!
 
 Sure I can ping both of this servers (but they in the different
 subnetworks)
 I'm using hostname as 'password server=', but after your advice i
replace
 this string to IP, the same problem.
 
 and one more thing, in Event Log if 'password server' i got the
following
 message:
 
 Can't determinate username or hostname. Returned code 1326.
 
 Any ideas?

You'll have to crank up debugging to like 3 or 4 and watch the output.
Also if it works for a while and then stops then you may have other
issues.  You'll have to isolate it via normal IT detective work.  :)

Then you can submit an effective bug report if necessary.

--
Scott
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] XP Local Group add prblem - Object Picker Incomplete

[PHELPS, SCOTT]

Hey troops!

Well, it seems that I'm the one that needs some helps this time.

Here's the situation.

I've got a suXP Pro box with SP1 on it that whenever I try to add any
'domain_user' to any 'local_group' it gives me the following error
message:

Information returned from the object picker for object username was
incomplete.  The object will not be processed.

A couple notes:
1. This is not a problem on Windoze 2K or NT

2. I have fixed the three relevant Registry keys:
(HKEY_LOCAL_MACHINE\SYSTEM\ControlSetXXX\Services\Netlogon\Parameters\re
quiresignorseal = 0)
(HKEY_LOCAL_MACHINE\SYSTEM\ControlSetXXX\Services\Netlogon\Parameters\re
quirestrongkey = 0)

3. I changed the following Group policy to 'enabled':
Computer Configuration\Administrative Templates\System\User Profiles\Do
not check for user ownership of Roaming Profile Folders

4. The XP box is a domain member with a machine$ account.  It has Domain
Admins in the Local Admins Group, as well as Domain Users in the Local
Users Group.  If I add the user to the 'domain admin group' on Samba she
does inherit Local Admin rights.  So every thing is working fine
**except** the ability to add a user specifically from the Domain to the
Local Group!

4. I have Googled for days, and nobody has come up with an answer in
previous postings.
FYI: An example search
http://www.mail-archive.com/cgi-bin/htsearch?method=andformat=shortcon
fig=samba_lists_samba_orgrestrict=exclude=words=object+picker+


Thank's!

--
Scott
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Samba problem

[PHELPS, SCOTT]

 -Original Message-
 From: [EMAIL PROTECTED]
[mailto:samba-
 [EMAIL PROTECTED] On Behalf Of Àíäðåé
Åäóíîâ
 Sent: Monday, August 18, 2003 11:32 AM
 To: [EMAIL PROTECTED]
 Subject: [Samba] Samba problem
 
 Hi list!
 
 I have some problem with my Samba samba-2.2.5-178
 I'm using the following config:
 
 
 security = SERVER
 password server = some_server.com
 
 
 All work fine some time (about 30 minutes). After that I receive the
 message in Samba log:
 
 [2003/08/18 14:11:27, 0] lib/util_sock.c:write_socket_data(499)
 write_socket_data: write failure. Error = Connection reset by peer
 
 After this message when I try to map some shared resource using net
use
 command on Windows box, I receive the next message:
 
 [2003/08/18 14:21:28, 1] smbd/password.c:server_validate(1099)
 password server is not connected
 [2003/08/18 14:21:28, 1] smbd/password.c:pass_check_smb(545)
 Couldn't find user 'and' in passdb.
 
 What does it mean? And how can I close this problem?

I know this is stating the obvious, but it appears that the server is
unreachable.  A few questions:

- Can you ping Samba Server and 'password server'?
- Are you using hostname or IP as 'password server='


We need more info to help you..  ;-)


-- 
Scott
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Adding Windows servers to a Samba PDC network

[PHELPS, SCOTT]

 -Original Message-
 From: [EMAIL PROTECTED]
[mailto:samba-
 [EMAIL PROTECTED] On Behalf Of Jason
Williams
 Sent: Monday, August 18, 2003 4:27 PM
 To: [EMAIL PROTECTED]
 Subject: [Samba] Adding Windows servers to a Samba PDC network
 
 Hi everyone.
 
 Just wanted to ask a question here.
 
 We are running RH 7.3 as our samba PDC. Everything is working great
and im
 really enjoying the setup.
 
 However, we need to add two Windows 2000 Adv. Servers to our Domain
 because
 of software that we run on this.
 
 I probably already know the answer, but I figured I would ask this
anyway.
 
 The default account on the Windows servers is administrator. I've
added an
 account to our Samba PDC called administrator.
 
 If i'm correct, all I should have to do is log into the Windows box,
and
 join the computer to my domain using the 'root' account, correct?

Correct.  You will then have access to the Domain Administrator object
of your Samba Domain.

Watch out for XP Pro though!  (see the last post this morning by me!)

 Only reason im asking this is because im trying to figure out how to
use
 the default Windows 'administrator' account correctly on our network.
 For instance, im not sure if anyone is familiar with the 'Run As'
feature
 in Windows 2000, but that is something I would like to be able to use
when
 I join my Windows 2000 client machines to the domain and the 'Run As'
 feature relies on the Windows 'administrator account.
 
 I appreciate everyone.

Correct me if I am wrong, but I don't believe you can run an executable
as a Domain Administrator, you can only run it as the Local Admin.

-- Scott


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] DID IT! - Samba 2.2.8a+LDAP+PDC

[PHELPS, SCOTT]

I am so stoked I just had to share this with y'all.

I just SEAMLESSLY migrated all of my machines and users over to my new
Gentoo Linux Server.

I even kept the same: domain name and old PDC NetBios name.
The trickiest part was getting all of the users to keep their same
profile, but I managed that by cloning the RID and Lanman/NT hashes for
the user accounts.

Free at last!

# include much_backpatting.h

-- Scott 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] SWAT Issue

[PHELPS, SCOTT]

AUTH is uttering the following error when I try to log into SWAT as root

[from log file]
PAM_smbpass[639]: Failed to find entry for user root.

I never recalled swat wanting a root account in secrets.tdb to do this

PS
/etc/xinetd.d/swat is configured properly (i.e. turned on for user
root)

Thanks!
--
Scott
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Need help taking over my Windoze Domain

[PHELPS, SCOTT]

Hi again,

My goal here is to 'fdisk' my Windoze PDC, and I think I just need a little more 
help

OK, I've susccessfully set up Samba 2.2.8a and OpenLDAP 2.0.27.  I was able to join a 
XP,NT, and 2000 box to a new test domain, and log into it.

Now I want to shut down my WindowsPDC, change my NetBios and workgroup name on my 
Samba server, and have it take over without anybody knowing it.

I tried this last night, but it didn't work as planned.  I know I need to run 
'smbpasswd -S' to get the Domain SID from the WinPDC.  But what else do I need to 
do... (see Question 3)

Question 1)  Are the smbldap-tools (smbldap-migrate-accounts.pl) capable of importing 
machine$ SIDs proprely.  Also, why do I have to run smbpasswd username even though I 
have an entry in objectClass=SambaAccount?  Is it a correct conclusion that secrets.tb 
is needed although you are using LDAP?  I can't fit those pieces together in my 
brain..   For some reason I have not had good results from these tools.  I always have 
to create users/machines manually from an self-created LDIF file for Samba to play 
nice with it LDAP.

Question 2)  Is Samba 3 stable enough to run in a critical production environment.  In 
reading the posts here I seems that it is more suited to run as a PDC w/LDAP with alot 
more features.  What are the real-world advantages/problems you have discovered by 
upgrading.  Opinions welcome!

Question 3) What is the proper way to take over a Windows Domain with Samba?

Again, thanks for the input and help!

-- Scott Phelps
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba-2.2.8a /LDAP can't join domain

[PHELPS, SCOTT]

On Sat, 2003-07-12 at 01:43, Chee Wai Yeung wrote:
Hi,
 
 have you checked your smb logs? Is the smbd talking to
 your ldap server as a start? Also try to check your
 ldap logs to see if any searches were made to your
 ldap server when the join took place. smbd should be
 searching for something in the line of
 
 ((uid=MYMACHINE$)(objectclass=sambaAccount))
 
 Hope this can help your troubleshooting.
 
 (PS: your LDIF entries looked ok)
 
 Chee Wai
 
Hora!  I got it working!  Although with one bug which I will list at the 
bottom of this email.  

I am posting how I fixed this for everyone in the future who runs into this problem.

First I recompiled OpenLDAP with the --include-debug option (It won't log jack unless 
you do!)  And set up slapd.conf to loglevel = -1.
It's also a good idea to configure syslog to dump this to it's own file because it 
uses /var/log/messages by default.

Second I started Samba and Slapd up and tried to join my new domain from a Windows XP 
laptop.

Here's the (pertinent) output from my slapd.log sorry it's so long.
I'll continue at the bottom..



Jul 12 16:43:29 localhost slapd[11546]:  cache_find_entry_id( 8 ) 
uid=MY_COMPUTER$,ou=Machine,dc=MY_DOMAIN,dc=net (found) (1 tries)
Jul 12 16:43:29 localhost slapd[11546]: = id2entry_r( 8 ) 0x80e96f8 (cache)
Jul 12 16:43:29 localhost slapd[11546]: = test_filter
Jul 12 16:43:29 localhost slapd[11546]: AND
Jul 12 16:43:29 localhost slapd[11546]: = test_filter_and
Jul 12 16:43:29 localhost slapd[11546]: = test_filter
Jul 12 16:43:29 localhost slapd[11546]: EQUALITY
Jul 12 16:43:29 localhost slapd[11546]: = access_allowed: search access to 
uid=MY_COMPUTER$,ou=Machine,dc=MY_DOMAIN,dc=net uid requested
Jul 12 16:43:29 localhost slapd[11546]: = root access granted
Jul 12 16:43:29 localhost slapd[11546]: = test_filter 6
Jul 12 16:43:29 localhost slapd[11546]: = test_filter
Jul 12 16:43:29 localhost slapd[11546]: EQUALITY
Jul 12 16:43:29 localhost slapd[11546]: = access_allowed: search access to 
uid=MY_COMPUTER$,ou=Machine,dc=MY_DOMAIN,dc=net objectClass requested
Jul 12 16:43:29 localhost slapd[11546]: = root access granted
Jul 12 16:43:29 localhost slapd[11546]: = test_filter 6
Jul 12 16:43:29 localhost slapd[11546]: = test_filter_and 6
Jul 12 16:43:29 localhost slapd[11546]: = test_filter 6
Jul 12 16:43:29 localhost slapd[11546]: = send_search_entry: 
uid=MY_COMPUTER$,ou=Machine,dc=MY_DOMAIN,dc=net
Jul 12 16:43:29 localhost slapd[11546]: = access_allowed: read access to 
uid=MY_COMPUTER$,ou=Machine,dc=MY_DOMAIN,dc=net entry requested
Jul 12 16:43:29 localhost slapd[11546]: = root access granted
Jul 12 16:43:29 localhost slapd[11546]: = access_allowed: read access to 
uid=MY_COMPUTER$,ou=Machine,dc=MY_DOMAIN,dc=net uid requested
Jul 12 16:43:29 localhost slapd[11546]: = root access granted
Jul 12 16:43:29 localhost slapd[11546]: = access_allowed: read access to 
uid=MY_COMPUTER$,ou=Machine,dc=MY_DOMAIN,dc=net uid requested
Jul 12 16:43:29 localhost slapd[11546]: = root access granted
Jul 12 16:43:29 localhost slapd[11546]: = access_allowed: read access to 
uid=MY_COMPUTER$,ou=Machine,dc=MY_DOMAIN,dc=net pwdLastSet requested
Jul 12 16:43:29 localhost slapd[11546]: = root access granted
Jul 12 16:43:29 localhost slapd[11546]: = access_allowed: read access to 
uid=MY_COMPUTER$,ou=Machine,dc=MY_DOMAIN,dc=net pwdLastSet requested
Jul 12 16:43:29 localhost slapd[11546]: = root access granted
Jul 12 16:43:29 localhost slapd[11546]: = access_allowed: read access to 
uid=MY_COMPUTER$,ou=Machine,dc=MY_DOMAIN,dc=net logonTime requested
Jul 12 16:43:29 localhost slapd[11546]: = root access granted
Jul 12 16:43:29 localhost slapd[11546]: = access_allowed: read access to 
uid=MY_COMPUTER$,ou=Machine,dc=MY_DOMAIN,dc=net logonTime requested
Jul 12 16:43:29 localhost slapd[11546]: = root access granted
Jul 12 16:43:29 localhost slapd[11546]: = access_allowed: read access to 
uid=MY_COMPUTER$,ou=Machine,dc=MY_DOMAIN,dc=net logoffTime requested
Jul 12 16:43:29 localhost slapd[11546]: = root access granted
Jul 12 16:43:29 localhost slapd[11546]: = access_allowed: read access to 
uid=MY_COMPUTER$,ou=Machine,dc=MY_DOMAIN,dc=net logoffTime requested
Jul 12 16:43:29 localhost slapd[11546]: = root access granted
Jul 12 16:43:29 localhost slapd[11546]: = access_allowed: read access to 
uid=MY_COMPUTER$,ou=Machine,dc=MY_DOMAIN,dc=net kickoffTime requested
Jul 12 16:43:29 localhost slapd[11546]: = root access granted
Jul 12 16:43:29 localhost slapd[11546]: = access_allowed: read access to 
uid=MY_COMPUTER$,ou=Machine,dc=MY_DOMAIN,dc=net cn requested
Jul 12 16:43:29 localhost slapd[11546]: = root access granted
Jul 12 16:43:29 localhost slapd[11546]: conn=10 op=1 ENTRY 
dn=uid=MY_COMPUTER$,ou=Machine,dc=MY_DOMAIN,dc=net
Jul 12 16:43:29 localhost slapd[11546]: = send_search_entry
Jul 12 16:43:29 localhost slapd[11546]:  cache_return_entry_r( 8 ): returned (0)
Jul 12 16:43:29 localhost slapd[11500]: daemon: select: listen=6 

RE: [Samba] Samba-2.2.8a /LDAP can't join domain

[PHELPS, SCOTT]

On Sun, 2003-07-13 at 19:42, [EMAIL PROTECTED] wrote:
Hi Scott,
 
 I've had the same message and wasn't getting any further with it for some time,
 until someone pointed me to my resolution of groups and id's which is done
 through nss, check your nsswitch.conf and libnss-ldap.conf or your
 /etc/ldap/ldap.conf (depends on your distro, I use debian). With both of us it
 was that ldap didn't look in the group tree from the ldap directory
 You can fix this here(this is mine):
 nss_base_passwd dc=blah,dc=com?sub
 nss_base_shadow ou=Users,dc=blah,dc=com?one
 nss_base_group  ou=Groups,dc=blah,dc=com?one
 
 Hope to be of help and good luck (when it works, it works like a charm)
 Regards,
 
 Bas
 

AND...
On Sun, 2003-07-13 at 18:08, _Chris McKeever_ wrote: 
make sure your ldap.conf is set like this, or it wont go searching the tree:
 
 nss_base_passwd dc=domin,dc=com?sub
 
 



Thanks guys!  You both are right.  I really appreciate the help!
BTW.  I am so stoked to have this working.  It is going to feel so
rightious to 'format C:' my hard drive on my Windoze PDC next weekend!

Samba/OpenLDAP/GQ rock!

Regards,

Scott
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Samba-2.2.8a LDAP - Can't join Domain - SID mapping error

[PHELPS, SCOTT]

Hi everyone,
I am at my wits end and am hoping one of you can help me out.
 
I am getting the following error when attempting to join Windows XP/2000 machine to 
the domain:
 
The following error occurred attempting to join the domain MY_DOMAIN
No mapping between account names and security IDs was done.
 
Running Gentoo Linux
Samba 2.2.8a
OpenLDAP 2.0.27
 
I performed the following registry hacks:
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Netlogon\Parameters]
requirestrongkey=dword:requiresignorseal=dword:
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Netlogon\Parameters]
requirestrongkey=dword:requiresignorseal=dword:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
requirestrongkey=dword:requiresignorseal=dword:
 
I am attempting to join the domain as root.
root was added via smbpasswd -a root
domain admin group = rootWas placed in my smb.conf
I set up a fake root user this way in LDAP:
dn: uid=root,ou=People,dc=virginiabeach,dc=net
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaAccount
uidNumber: 0
gidNumber: 0
homeDirectory: /home/root
loginShell: /bin/bash
gecos: root
shadowLastChange: 0
shadowMax: 0
shadowWarning: 0
userPassword: {SSHA}GN3hrCs7c8Kgd93df23838hHH
uid: root
pwdLastSet: 1057974221
logonTime: 0
logoffTime: 2147483647
kickoffTime: 2147483647
pwdCanChange: 2147483647
pwdMustChange: 2147483647
displayName: root
cn: root
smbHome: \\MY_PDC\homes
homeDrive: Z:
scriptPath: logon.cmd
profilePath: \\MT-PDC\profiles\root
rid: 1000
primaryGroupID: 1001
lmPassword: 639C041927C79D99AAEJKHRJFHKRJKL
ntPassword: 6E1766AB79DDFHGJDHFJJHBJFHBJRHR
acctFlags: [UX ]
 
The machine name is also in LDAP like this:
dn: uid=MYMACHINE$,ou=Machine,dc=virginiabeach,dc=net
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaAccount
uid: MYMACHINE$
uidNumber: 11014
gidNumber: 11014
homeDirectory: /dev/null
loginShell: /bin/false
gecos: rid96itlaptop windows machine,,,
userPassword: {crypt}x
shadowLastChange: 0
shadowMax: 0
shadowWarning: 0
pwdLastSet: 0
logonTime: 0
logoffTime: 2147483647
kickoffTime: 2147483647
pwdCanChange: 2147483647
pwdMustChange: 2147483647
displayName: MYMACHINE$
acctFlags: [W]
rid: 23028
primaryGroupID: 23029
homeDrive: U:
smbHome: 
profilePath: 
scriptPath: logon.cmd
lmPassword: xxx
ntPassword: xxx
cn: MYMACHINE$
 
Everything else works, and I am able to log into Linux and a Samba share using a test 
user authenticating strictly via LDAP.
 
Any help is greatly appreciated.  Otherwise I will have no hair left!
 
Thanks,
 
-- Scott Phelps
 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Samba-2.2.8a /LDAP can't join domain

[PHELPS, SCOTT]

 
 
-Original Message-
From: Scott Phelps [mailto:[EMAIL PROTECTED] 
Sent: Friday, July 11, 2003 9:19 PM
To: '[EMAIL PROTECTED]'
Subject: Samba-2.2.8a  LDAP - Can't join Domain - SID mapping error
 
Hi everyone,
I am at my wits end and am hoping one of you can help me out.
 
I am getting the following error when attempting to join Windows XP/2000 machine to 
the domain:
 
The following error occurred attempting to join the domain MY_DOMAIN
No mapping between account names and security IDs was done.
 
Running Gentoo Linux
Samba 2.2.8a
OpenLDAP 2.0.27
 
I performed the following registry hacks:
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Netlogon\Parameters]
requirestrongkey=dword:requiresignorseal=dword:
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Netlogon\Parameters]
requirestrongkey=dword:requiresignorseal=dword:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
requirestrongkey=dword:requiresignorseal=dword:
 
I am attempting to join the domain as root.
root was added via smbpasswd -a root
domain admin group = rootWas placed in my smb.conf
I set up a fake root user this way in LDAP:
dn: uid=root,ou=People,dc=virginiabeach,dc=net
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaAccount
uidNumber: 0
gidNumber: 0
homeDirectory: /home/root
loginShell: /bin/bash
gecos: root
shadowLastChange: 0
shadowMax: 0
shadowWarning: 0
userPassword: {SSHA}GN3hrCs7c8Kgd93df23838hHH
uid: root
pwdLastSet: 1057974221
logonTime: 0
logoffTime: 2147483647
kickoffTime: 2147483647
pwdCanChange: 2147483647
pwdMustChange: 2147483647
displayName: root
cn: root
smbHome: \\MY_PDC\homes
homeDrive: Z:
scriptPath: logon.cmd
profilePath: \\MT-PDC\profiles\root
rid: 1000
primaryGroupID: 1001
lmPassword: 639C041927C79D99AAEJKHRJFHKRJKL
ntPassword: 6E1766AB79DDFHGJDHFJJHBJFHBJRHR
acctFlags: [UX ]
 
The machine name is also in LDAP like this:
dn: uid=MYMACHINE$,ou=Machine,dc=virginiabeach,dc=net
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaAccount
uid: MYMACHINE$
uidNumber: 11014
gidNumber: 11014
homeDirectory: /dev/null
loginShell: /bin/false
gecos: rid96itlaptop windows machine,,,
userPassword: {crypt}x
shadowLastChange: 0
shadowMax: 0
shadowWarning: 0
pwdLastSet: 0
logonTime: 0
logoffTime: 2147483647
kickoffTime: 2147483647
pwdCanChange: 2147483647
pwdMustChange: 2147483647
displayName: MYMACHINE$
acctFlags: [W]
rid: 23028
primaryGroupID: 23029
homeDrive: U:
smbHome: 
profilePath: 
scriptPath: logon.cmd
lmPassword: xxx
ntPassword: xxx
cn: MYMACHINE$
 
Everything else works, and I am able to log into Linux and a Samba share using a test 
user authenticating strictly via LDAP.
 
Any help is greatly appreciated.  Otherwise I will have no hair left!
 
Thanks,
 
-- Scott Phelps
 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba