Re: [Samba] Samba 3 + LDAP as PDC join domain problem
Jacky C.K Tsoi [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 30.07.2004 06:45 To: [EMAIL PROTECTED] cc: Subject:[Samba] Samba 3 + LDAP as PDC join domain problem Hi all, I've setup Samba 3.0.5 + OpenLDAP (ldapsam) and everything work correctly. However, while my Windows 200x workstation join the domain, I need to join it twice. Here is what I do: 1. Go to Computer properties - Computer Name - Change 2. Enter the new domain name 3. Enter Administrator and password then, it will return me that the user name cannot be found. I had the same problem. Are you using nis or only LDAP as backend ? Do you use diferent OU's for Users and Machines? (e.g. ou=People and ou=Machines)? If not using NIS. check /etc/ldap.conf and comment as follows #nss_base_shadow #nss_base_passwd because if you're using different OU's and using the above two lines uncommented. The Machine you want to join will be searched in ou=People and that's why you get an User not found. By commenting the two nss_... lines the Machine you want to join will be then searched in the correct OU. And there will be no error anymore in joining a machine to DOMAIN. I've checked the LDAP directory that the computer account is created successfully without any problem. So, I click OK again and enter the Administrator account password again, and it success. Set you LDAP to a higher LOGLEVEL and you will see what I Tried to explain. So, I'd like to know, why I need to do it twice even though the computer account is already created successfully at the fist time? Thanks a lot. No Matter Christian --- Jacky C.K Tsoi -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba 3 + LDAP as PDC join domain problem
I'm using LDAP only, no NIS or other password backends. The OU are different for users and computers (ou=People ou=Computer). I've tried to comment out both lines, and tried that I'm able to finger those computer accounts in the prompt. However, the problem persist and I still need to enter the password twice. I've tried to set the log level = 6 but seems no useful information can be found, how can I set Samba to log more information about my problem? _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, August 02, 2004 6:06 PM To: Jacky C.K Tsoi Subject: Re: [Samba] Samba 3 + LDAP as PDC join domain problem Jacky C.K Tsoi [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 30.07.2004 06:45 To:[EMAIL PROTECTED] cc: Subject:[Samba] Samba 3 + LDAP as PDC join domain problem Hi all, I've setup Samba 3.0.5 + OpenLDAP (ldapsam) and everything work correctly. However, while my Windows 200x workstation join the domain, I need to join it twice. Here is what I do: 1. Go to Computer properties - Computer Name - Change 2. Enter the new domain name 3. Enter Administrator and password then, it will return me that the user name cannot be found. I had the same problem. Are you using nis or only LDAP as backend ? Do you use diferent OU's for Users and Machines? (e.g. ou=People and ou=Machines)? If not using NIS. check /etc/ldap.conf and comment as follows #nss_base_shadow #nss_base_passwd because if you're using different OU's and using the above two lines uncommented. The Machine you want to join will be searched in ou=People and that's why you get an User not found. By commenting the two nss_... lines the Machine you want to join will be then searched in the correct OU. And there will be no error anymore in joining a machine to DOMAIN. I've checked the LDAP directory that the computer account is created successfully without any problem. So, I click OK again and enter the Administrator account password again, and it success. Set you LDAP to a higher LOGLEVEL and you will see what I Tried to explain. So, I'd like to know, why I need to do it twice even though the computer account is already created successfully at the fist time? Thanks a lot. No Matter Christian --- Jacky C.K Tsoi -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba 3 + LDAP as PDC join domain problem
On Mon, 2004-08-02 at 20:04, Jacky C.K Tsoi wrote: I'm using LDAP only, no NIS or other password backends. The OU are different for users and computers (ou=People ou=Computer). I've tried to comment out both lines, and tried that I'm able to finger those computer accounts in the prompt. However, the problem persist and I still need to enter the password twice. I've tried to set the log level = 6 but seems no useful information can be found, how can I set Samba to log more information about my problem? log level = 10 this will log an incredible amount Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3 + LDAP as PDC join domain problem
Jacky C.K Tsoi wrote: Hi all, I've setup Samba 3.0.5 + OpenLDAP (ldapsam) and everything work correctly. However, while my Windows 200x workstation join the domain, I need to join it twice. Here is what I do: 1. Go to Computer properties - Computer Name - Change 2. Enter the new domain name 3. Enter Administrator and password then, it will return me that the user name cannot be found. I've checked the LDAP directory that the computer account is created successfully without any problem. So, I click OK again and enter the Administrator account password again, and it success. How is your network set up with regard to the PDC and your LDAP server(s)? I would guess that when you say the account is created properly that the posix account is created, but that it has no samba attributes, then the second time it adds those attributes to the object. I had a similar issue when I was testing using a local samba PDC and a remote LDAP master with a local slave. The issue was that the replication from master-slave was not happening quick enough for the smbldap-tools script to find the posix account on the local slave when it needed to. I hacked a 2 (or maybe it was 5) second sleep into the add machine account part of the script. If this is what you're seeing I can tell you where I did it. -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax:701-281-1322 URL: www.ae-solutions.commailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3 + LDAP as PDC join domain problem
Hi all, I've setup Samba 3.0.5 + OpenLDAP (ldapsam) and everything work correctly. However, while my Windows 200x workstation join the domain, I need to join it twice. Here is what I do: 1. Go to Computer properties - Computer Name - Change 2. Enter the new domain name 3. Enter Administrator and password then, it will return me that the user name cannot be found. I've checked the LDAP directory that the computer account is created successfully without any problem. So, I click OK again and enter the Administrator account password again, and it success. So, I'd like to know, why I need to do it twice even though the computer account is already created successfully at the fist time? Thanks a lot. --- Jacky C.K Tsoi -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba