Re: [Samba] Samba + LDAP problem for find user name
"Bruno Steven" wrote in message news:c6bf33680910270225n6b5423e5te193e27399144...@mail.gmail.com... I have samba integrated with openldap , all process are up and I am trying add one machine Windows XP with SP3 in domain Samba , but windows show this message Error while the attempt of entry in domain "amblivre.com" Is not possible find user name I am tired because I don´t found any solution about this problem , I need some idea .. Thanks ... Have you set up nss ldap? When you type "getent passwd" do you see the users created in ldap as well as those in the /etc/passwd file? When you type "getent group" do you see the groups created in ldap as well as those in the /etc/group file? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba + LDAP problem for find user name
Hi .. guy or girls ... until now I did´t found any information that resolv my problem , there is somebody in this list that made Samba more Openldap together work ? On Tue, Oct 27, 2009 at 7:25 AM, Bruno Steven wrote: > I have samba integrated with openldap , all process are up and I am trying > add one machine Windows XP with SP3 in domain Samba , but windows show this > message Error while the attempt of entry in domain "amblivre.com" Is > not possible find user name > > I am tired because I don´t found any solution about this problem , I need > some idea .. > > Thanks ... > > -- > Bruno Steven - Administrador de sistemas. > LPIC-1 - LPI ID: lpi000119659 / Code: p2e4wz47e4 > https://www.lpi.org/caf/Xamman/certification > > MCP-Windows 2003 - TranscriptID: 793804 / Access Code: 080089100 > https://mcp.microsoft.com/authenticate/validatemcp.aspx > > > P Antes de imprimir pense em sua responsabilidade e comprometimento com o > Meio Ambiente. Before printing this message, think about your ecologic > responsability and environment commitment. > -- Bruno Steven - Administrador de sistemas. LPIC-1 - LPI ID: lpi000119659 / Code: p2e4wz47e4 https://www.lpi.org/caf/Xamman/certification MCP-Windows 2003 - TranscriptID: 793804 / Access Code: 080089100 https://mcp.microsoft.com/authenticate/validatemcp.aspx P Antes de imprimir pense em sua responsabilidade e comprometimento com o Meio Ambiente. Before printing this message, think about your ecologic responsability and environment commitment. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba ldap problem
Hi, we had this setup working for quite some time but after upgrading the samba package things look different: we now have the following samba/ldap setup: samba-3.0.34p1-cups-ldap openldap-server-2.3.43 the samba-ldap configuration is: doing parameter ldap suffix = dc=foo,dc=ch doing parameter ldap machine suffix = ou=Computers,ou=Samba,ou=system snip >> in this state we don't see any packets going to the ldap server anymore. Have you seen this behaviour or do you have any hints how we could debug this better? >> >> >>> Very strange is also teh fact, that the first connection works, but >>> gets interrupted in the middle somehow and then all subsequent >>> attempts using smbclient fail: >> >>> root:13# pgrep smbd >>> 4268 >>> 30945 >>> root:14# smbclient -U mbalmer -L tesla >>> Password: >>> Domain=[EDUBS] OS=[Unix] Server=[Samba 3.0.34] >>> snip .. >> >>> This is on OpenBSD 4.4/i386, btw. >> >>> - Marc >> >> Did you copy the new samba schema file from the new samba version to >> the >> openldap scheme directory? >> I had some strange problems once after a update and that was the >> case in >> my situation. >Yes I did that, but of course the additional fields in the SambaDomain >object are empty. Do I need to full them with some values? >- Marc As far as i know not, in my case the copy of schema file was enough, i could not imagine why it needs altering. I mean this file (On FreeBSD). /usr/local/share/examples/samba/LDAP/samba.schema And that needs to be copied to the loaction mentioned in your slapd.conf file: in my case: include /usr/local/etc/openldap/schema/samba.schema regards, Johan Checked by AVG - www.avg.com Version: 8.5.387 / Virus Database: 270.13.16/2240 - Release Date: 07/16/09 18:00:00 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba ldap problem
Am 17.07.2009 um 13:55 schrieb Johan Hendriks: Hi, we had this setup working for quite some time but after upgrading the samba package things look different: we now have the following samba/ldap setup: samba-3.0.34p1-cups-ldap openldap-server-2.3.43 the samba-ldap configuration is: doing parameter ldap suffix = dc=foo,dc=ch doing parameter ldap machine suffix = ou=Computers,ou=Samba,ou=system snip in this state we don't see any packets going to the ldap server anymore. Have you seen this behaviour or do you have any hints how we could debug this better? Very strange is also teh fact, that the first connection works, but gets interrupted in the middle somehow and then all subsequent attempts using smbclient fail: root:13# pgrep smbd 4268 30945 root:14# smbclient -U mbalmer -L tesla Password: Domain=[EDUBS] OS=[Unix] Server=[Samba 3.0.34] snip .. This is on OpenBSD 4.4/i386, btw. - Marc Did you copy the new samba schema file from the new samba version to the openldap scheme directory? I had some strange problems once after a update and that was the case in my situation. Yes I did that, but of course the additional fields in the SambaDomain object are empty. Do I need to full them with some values? - Marc Regards, Johan Checked by AVG - www.avg.com Version: 8.5.387 / Virus Database: 270.13.16/2240 - Release Date: 07/16/09 18:00:00 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba ldap problem
>> Hi, >> >> we had this setup working for quite some time but after upgrading the >> samba package things look different: >> >> we now have the following samba/ldap setup: >> >> samba-3.0.34p1-cups-ldap >> openldap-server-2.3.43 >> >> the samba-ldap configuration is: >> doing parameter ldap suffix = dc=foo,dc=ch >> doing parameter ldap machine suffix = ou=Computers,ou=Samba,ou=system >>snip >> in this state we don't see any packets going to the ldap server >> anymore. >> Have you seen this behaviour or do you have any hints how we could >> debug >> this better? >> >Very strange is also teh fact, that the first connection works, but >gets interrupted in the middle somehow and then all subsequent >attempts using smbclient fail: >root:13# pgrep smbd >4268 >30945 >root:14# smbclient -U mbalmer -L tesla >Password: >Domain=[EDUBS] OS=[Unix] Server=[Samba 3.0.34] > snip .. >This is on OpenBSD 4.4/i386, btw. >- Marc Did you copy the new samba schema file from the new samba version to the openldap scheme directory? I had some strange problems once after a update and that was the case in my situation. Regards, Johan Checked by AVG - www.avg.com Version: 8.5.387 / Virus Database: 270.13.16/2240 - Release Date: 07/16/09 18:00:00 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba ldap problem
Am 16.07.2009 um 18:01 schrieb Mischa Diehm: Hi, we had this setup working for quite some time but after upgrading the samba package things look different: we now have the following samba/ldap setup: samba-3.0.34p1-cups-ldap openldap-server-2.3.43 the samba-ldap configuration is: doing parameter ldap suffix = dc=foo,dc=ch doing parameter ldap machine suffix = ou=Computers,ou=Samba,ou=system doing parameter ldap user suffix = ou=Users,ou=Samba,ou=system doing parameter ldap group suffix = ou=Groups,ou=Samba,ou=system doing parameter ldap admin dn = "cn=SambaAdmin,ou=Users,ou=OpenLDAP,ou=system,dc=foo,dc=ch" doing parameter ldap delete dn = no doing parameter ldap passwd sync = no doing parameter ldap replication sleep = 6000 doing parameter ldap timeout = 120 doing parameter ldap ssl = No when starting the smbd things look ok: Attempting to find an passdb backend to match ldapsam:ldap:// localhost/ (ldapsam) Found pdb backend ldapsam smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=EDUBS))] smbldap_search_ext: base => [dc=edubs,dc=ch], filter => [(&(objectClass=sambaDomain)(sambaDomainName=EDUBS))], scope => [2] The connection to the LDAP server was closed smb_ldap_setup_connection: ldap://localhost/ smbldap_open_connection: connection opened ldap_connect_system: Binding to ldap server ldap://localhost/ as "cn=SambaAdmin,ou=Users,ou=OpenLDAP,ou=system,dc=edubs,dc=ch" ldap_connect_system: successful connection to the LDAP server ldap_connect_system: LDAP server does support paged results The LDAP server is successfully connected smbldap_get_single_attribute: [sambaAlgorithmicRidBase] = [] pdb backend ldapsam:ldap://localhost/ has a valid init it seems the first connection works: root:195# smbclient -L localhost -U foo.bar Password: Anonymous login successful Domain=[EDUBS] OS=[Unix] Server=[Samba 3.0.34] Sharename Type Comment - --- IPC$IPC IPC Service (ICT Fileserver) read_socket_with_timeout: timeout read. read error = Connection reset by peer. Receiving SMB: Server stopped responding session request to LOCALHOST failed (Read error: Connection reset by peer) Error connecting to 127.0.0.1 (Connection refused) Connection to localhost failed (Error NT_STATUS_CONNECTION_REFUSED) NetBIOS over TCP disabled -- no workgroup available but any connection afterwards fails with this: root:199# smbclient -L localhost -U foo.bar Password: Receiving SMB: Server stopped responding session setup failed: Call returned zero bytes in this state we don't see any packets going to the ldap server anymore. Have you seen this behaviour or do you have any hints how we could debug this better? Very strange is also teh fact, that the first connection works, but gets interrupted in the middle somehow and then all subsequent attempts using smbclient fail: root:13# pgrep smbd 4268 30945 root:14# smbclient -U mbalmer -L tesla Password: Domain=[EDUBS] OS=[Unix] Server=[Samba 3.0.34] Sharename Type Comment - --- IPC$IPC IPC Service (ICT Fileserver) mbalmer Disk Home Directories Receiving SMB: Server stopped responding session setup failed: Call returned zero bytes (EOF) NetBIOS over TCP disabled -- no workgroup available root:15# smbclient -U mbalmer -L tesla Password: Receiving SMB: Server stopped responding session setup failed: Call returned zero bytes (EOF) This is on OpenBSD 4.4/i386, btw. - Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba + LDAP problem
Ran into the same problem too. what i did was 1, create a generic barebones smb.conf(i.e. no ldap backend and such), 2. started up samba 3. shut down samba 4. edited smb.conf to support ldap backend 5. started up samba it may have something to do with samba not generating an SID when configured to support LDAP at the onset. *or*, just do the setlocalsid thing as Mr. Björn Jacke has suggested --- On Wed, 2/4/09, Agustin Eguia wrote: > From: Agustin Eguia > Subject: [Samba] Samba + LDAP problem > To: samba@lists.samba.org > Date: Wednesday, February 4, 2009, 5:44 AM > Hello everyone, I have a question here that has been giving > me troubles : > > I installed my PDC with samba + LDAP... everything seems to > work just fine (user creation, population, groups, users and > machines connecting to the domain)... but one thing keeps > not working : net getlocalsid... I keep getting this message > : Can't fetch domain SID for name: MACHINENAME > > > I searched the internet like crazy even asked in IRC > channels but no luck... can anyone enlight me on this one ? > > > Thanks, > > > A. > -- To unsubscribe from this list go to the following URL > and read the > instructions: > https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba + LDAP problem
On 2009-02-03 at 17:44 +0100 Agustin Eguia sent off: > Hello everyone, I have a question here that has been giving me troubles : > > I installed my PDC with samba + LDAP... everything seems to work just fine > (user creation, population, groups, users and machines connecting to the > domain)... but one thing keeps not working : net getlocalsid... I keep > getting this message : Can't fetch domain SID for name: MACHINENAME > > > I searched the internet like crazy even asked in IRC channels but no > luck... can anyone enlight me on this one ? I saw something like that, looks like the localsid initialization logic broken. Take a look at https://bugzilla.samba.org/show_bug.cgi?id=6033 for description and workaround. Cheers Björn -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba + LDAP problem
http://www.samba.org/samba/docs/man/Samba-Guide/happy.html#sbehap-massive Samba-3 generates a Windows Security Identifier (SID) only when smbd has been started. For this reason, you start Samba. After a few seconds delay, execute: root# smbclient -L localhost -U% root# net getlocalsid A report such as the following means that the domain SID has not yet been written to the secrets.tdb or to the LDAP backend: [2005/03/03 23:19:34, 0] lib/smbldap.c:smbldap_connect_system(852) failed to bind to server ldap://massive.abmas.biz with dn="cn=Manager,dc=abmas,dc=biz" Error: Can't contact LDAP server (unknown) [2005/03/03 23:19:48, 0] lib/smbldap.c:smbldap_search_suffix(1169) smbldap_search_suffix: Problem during the LDAP search: (unknown) (Timed out) The attempt to read the SID will cause and attempted bind to the LDAP server. Because the LDAP server is not running, this operation will fail by way of a timeout, as shown previously. This is normal output; do not worry about this error message. When the domain has been created and written to the secrets.tdb file, the output should look like this: SID for domain MASSIVE is: S-1-5-21-3504140859-1010554828-2431957765 If, after a short delay (a few seconds), the domain SID has still not been written to the secrets.tdb file, it is necessary to investigate what may be misconfigured. In this case, carefully check the smb.conf file for typographical errors (the most common problem). The use of the testparm is highly recommended to validate the contents of this file. > Hello everyone, I have a question here that has been giving me troubles : > > I installed my PDC with samba + LDAP... everything seems to work just > fine (user creation, population, groups, users and machines connecting > to the domain)... but one thing keeps not working : net getlocalsid... I > keep getting this message : Can't fetch domain SID for name: MACHINENAME > > > I searched the internet like crazy even asked in IRC channels but no > luck... can anyone enlight me on this one ? > > > Thanks, > > > A. > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba / ldap problem with cpu load
Am Freitag, 9. Januar 2009 23:57 schrieb franck molle: > First of all, I am french. My english is not very good and i am sorry > for this ;). > > One month ago, I have upgrade my server in debian Etch (it was in > debian sarge). So now, samba is in 3.0.24 version. My server use > samba and ldap. > > Since this upgrade, i have some problems with cpu loading when the > users log on the samba domain (smbd and slapd services). > > I have take a look at samba log but i don't see anything. After that, > i have take a look on the ldap logs in debug level 256. > > I can see the problem in the logs but i can't explain it, i hope you > can help me about it. > In the log file, i have this entry thousand of time (2 entry) > base="ou=Groups,ou=clg-hugo-gisors,ou=ac-rouen,ou=education,o=gouv,c= >fr" scope=2 deref=0 > filter="(&(objectClass=sambaGroupMapping)(gidNumber=0))" Reconfigure the package libnss-ldap, so that libnss use an anonymous bind. Or manually disable the rootdn statement in /etc/libnss-ldap.conf and restart nscd. Maybe, you must invalidate the cache with nscd -i group nscd -i passwd > thanks for your help, bye > > -- > ~~ > Franck MOLLE > Animateur de Secteur > Relais assistance Tice, Louviers-Vernon > ~~ -- Gruss Harry Jede -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: RE [Samba] samba ldap problem
[EMAIL PROTECTED] wrote: What is your guest user in smb.conf ? check if is not nobody, the guest acoutn is used by samba for first connection. Yes it s nobody user . I have modify this with guest user in ldap directory . -- Laradji nacer ovea http://www.ovea.com Tél : +33 4 6767 Gsm : +33 6 1059 6883 1024D/DFCF1726 : 33A5 7162 4370 9C30 E22C 0721 DBA7 CBEE DFCF 1726 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] samba ldap problem
What is your guest user in smb.conf ? check if is not nobody, the guest acoutn is used by samba for first connection. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 10/06/2005 16:20:56 : > I have tried to create a samba domain with a ldap backend. > > This is how my ldap structure looks like. > > # example.com > dn: dc=example,dc=com > objectClass: dcObject > objectClass: organization > o: example > dc: example > > # groups, example.com > dn: ou=groups,dc=example,dc=com > objectClass: organizationalUnit > ou: groups > > # Domain Admins, groups, example.com > dn: cn=Domain Admins,ou=groups,dc=example,dc=com > objectClass: posixGroup > objectClass: sambaGroupMapping > gidNumber: 512 > cn: Domain Admins > memberUid: root > description: Netbios Domain Administrators > sambaSID: S-1-5-21-3527759599-3696857034-3584459987-512 > sambaGroupType: 2 > displayName: Domain Admins > > # Domain Users, groups, example.com > dn: cn=Domain Users,ou=groups,dc=example,dc=com > objectClass: posixGroup > objectClass: sambaGroupMapping > gidNumber: 513 > cn: Domain Users > description: Netbios Domain Users > sambaSID: S-1-5-21-3527759599-3696857034-3584459987-513 > sambaGroupType: 2 > displayName: Domain Users > > # Domain Guests, groups, example.com > dn: cn=Domain Guests,ou=groups,dc=example,dc=com > objectClass: posixGroup > objectClass: sambaGroupMapping > gidNumber: 514 > cn: Domain Guests > description: Netbios Domain Guests Users > sambaSID: S-1-5-21-3527759599-3696857034-3584459987-514 > sambaGroupType: 2 > displayName: Domain Guests > > # computers, example.com > dn: ou=computers,dc=example,dc=com > objectClass: organizationalUnit > ou: computers > > # PDC, example.com > dn: sambaDomainName=PDC,dc=example,dc=com > objectClass: sambaDomain > sambaDomainName: PDC > sambaNextGroupRid: 9 > sambaNextUserRid: 9 > sambaSID: S-1-5-21-3527759599-3696857034-3584459987 > sambaNextRid: 9 > > # people, example.com > dn: ou=people,dc=example,dc=com > objectClass: organizationalUnit > ou: people > > # root, people, example.com > dn: uid=root,ou=people,dc=example,dc=com > uid: root > sambaSID: S-1-5-21-3527759599-3696857034-3584459987-500 > sambaPrimaryGroupSID: S-1-5-21-3527759599-3696857034-3584459987-512 > displayName: root > sambaAcctFlags: [U ] > objectClass: account > objectClass: sambaSamAccount > sambaPwdMustChange: 2147483647 > sambaLMPassword: 63D2114DE42F744B30A84C4AFE5A > sambaNTPassword: 5460FB29D247C383F63E1E3A417FC39B > sambaPasswordHistory: > > sambaPwdCanChange: 1118395221 > sambaPwdLastSet: 1118395221 > > # win2k$, Computers, example.com > dn: uid=win2k$,ou=Computers,dc=example,dc=com > uid: win2k$ > sambaSID: S-1-5-21-3527759599-3696857034-3584459987-3022 > sambaPrimaryGroupSID: S-1-5-21-3527759599-3696857034-3584459987-1201 > objectClass: sambaSamAccount > objectClass: account > displayName: win2k$ > sambaPwdMustChange: 2147483647 > sambaAcctFlags: [W ] > sambaPwdCanChange: 1118395893 > sambaNTPassword: 5C70F10A2EAD0B4FE5588114C98ED1ED > sambaPwdLastSet: 1118395893 > > # Martin Hallgren, people, example.com > dn: cn=Martin Hallgren,ou=people,dc=example,dc=com > objectClass: inetOrgPerson > objectClass: organizationalPerson > objectClass: person > objectClass: posixAccount > objectClass: top > objectClass: krb5Principal > objectClass: krb5KDCEntry > objectClass: sambaSamAccount > krb5PrincipalName: [EMAIL PROTECTED] > krb5KeyVersionNumber: 1 > krb5MaxLife: 86400 > krb5MaxRenew: 604800 > krb5KDCFlags: 126 > cn: Martin Hallgren > givenName: Martin > mail: [EMAIL PROTECTED] > sn: Hallgren > uid: martin > uidNumber: 1050 > gidNumber: 100 > homeDirectory: /home/martin > loginShell: /bin/bash > sambaAcctFlags: [U ] > sambaSID: S-1-5-21-3527759599-3696857034-3584459987-3250 > sambaPwdCanChange: 1118395383 > sambaPwdMustChange: 2147483647 > sambaLMPassword: 01FC5A6BE7BC6929AAD3B435B51404EE > sambaNTPassword: 0CB6948805F797BF2A82807973B89537 > sambaPasswordHistory: > > sambaPwdLastSet: 1118395383 > > # nobody, people, example.com > dn: uid=nobody,ou=people,dc=example,dc=com > objectClass: account > objectClass: sambaSamAccount > objectClass: posixAccount > uid:: bm9ib2R5ICAgICAgICAgICAgICAgICA= > sambaPwdLastSet: 0 > sambaLogonTime: 2147483647 > sambaLogoffTime: 2147483647 > sambaKickoffTime: 2147483647 > sambaPwdCanChange: 2147483647 > sambaPwdMustChange: 2147483648 > displayName: Nobody > cn: Nobody > sambaSID: S-1-5-21-3527759599-3696857034-3584459987-501 > sambaPrimaryGroupSID: S-1-5-21-3527759599-3696857034-3584459987-514 > gecos:: Tm9ib2R5IG9yIEd1ZXN0ICAgICAgIA== > homeDirectory:: L2Rldi9udWxsICAgICAgICAgICAgIA== > loginShell:: L2Rldi9udWxsICAgICA= > uidNumber: 65534 > gidNumber: 65534 > samba
RE: [Samba] Samba LDAP Problem
Dear List thank for attention #smbpasswd -a administrator with same result, still cant join domain. #tail -f /var/log/samba/172.16.0.22 2004/07/16 08:59:33, 3] smbd/oplock.c:init_oplocks(1226) open_oplock_ipc: opening loopback UDP socket. [2004/07/16 08:59:33, 3] smbd/oplock_linux.c:linux_init_kernel_oplocks(303) Linux kernel oplocks enabled [2004/07/16 08:59:33, 3] smbd/oplock.c:init_oplocks(1257) open_oplock ipc: pid = 14532, global_oplock_port = 32923 [2004/07/16 08:59:33, 4] lib/time.c:get_serverzone(122) Serverzone is -25200 [2004/07/16 08:59:33, 3] smbd/process.c:process_smb(890) Transaction 0 of length 72 [2004/07/16 08:59:33, 2] smbd/reply.c:reply_special(199) netbios connect: name1=SMB3name2=BACKUP [2004/07/16 08:59:33, 2] smbd/reply.c:reply_special(206) netbios connect: local=smb3 remote=backup, name type = 0 -Original Message- From: Federico Renzetti [mailto:[EMAIL PROTECTED] Sent: Thu 7/15/2004 9:18 PM To: Mohammad Reza Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject:Re: [Samba] Samba LDAP Problem Did you set samba ldap-passwd with smbpasswd? What machine-logs you try to add say? Il gio, 2004-07-15 alle 14:23, Mohammad Reza ha scritto: > Dear Lists, > > I try to configure Samba as PDC LDAP backend with Linux-Suse-9.1 and smbldap-tools > form www.idealx.org, > I follow guide from SMB-3 by Example book. > Step by step installation and configuration came with no error. > except i couldnt join w2k workstation to the new domain with administrator account. > > # /var/lib/samba/sbin/smbldap-usershow administrator > dn: uid=Administrator,ou=People,dc=mragroup,dc=net > cn: Administrator > sn: Administrator > objectClass: inetOrgPerson,sambaSamAccount,posixAccount,shadowAccount > gidNumber: 512 > uid: Administrator > uidNumber: 0 > homeDirectory: /home/ > sambaLogonTime: 0 > sambaLogoffTime: 2147483647 > sambaKickoffTime: 2147483647 > sambaHomeDrive: H: > sambaPrimaryGroupSID: S-1-5-21-1557978329-216335016-4217907674-512 > sambaSID: S-1-5-21-1557978329-216335016-4217907674-2996 > loginShell: /bin/false > gecos: Netbios Domain Administrator > sambaPwdCanChange: 1089891115 > sambaLMPassword: BBBDA461DC390736B8FCC6137C839435 > sambaAcctFlags: [U] > sambaNTPassword: 490F588B2F94E97F07A4F952DAACBF7F > sambaPwdLastSet: 1089891324 > sambaPwdMustChange: 1094643324 > userPassword: {SSHA}23S45Jt6Fx3ET1nhXONtAadA43dKZn4n > # /var/lib/samba/sbin/smbldap-passwd administrator > Changing password for administrator > New password : > Retype new password : > # net join rpc -U administrator%password > Could not connect to server SMB3 > The username or password was not correct. > > When i try to join my w2k ws to new samba domain, with administrator account and > password , "Logon failure : unknown username and password" . > No error log in samba log (level 5). > Did i missed something ? please help me.. > > regards > reza > om beast dan pak wis tolongin dong.. -- Renzetti Federico System/Network Administrator RedHat Certified Engineer Fabaris S.r.l. Tel. +39 0765 22181 - Fax +39 0765 410100 Via G. Mameli, 90 02047 Poggio Mirteto (RI) Filiale: Viale dell'Università, 25 00185 Roma (RM) www.fabaris.it -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba LDAP Problem
Did you set samba ldap-passwd with smbpasswd? What machine-logs you try to add say? Il gio, 2004-07-15 alle 14:23, Mohammad Reza ha scritto: > Dear Lists, > > I try to configure Samba as PDC LDAP backend with Linux-Suse-9.1 and smbldap-tools > form www.idealx.org, > I follow guide from SMB-3 by Example book. > Step by step installation and configuration came with no error. > except i couldnt join w2k workstation to the new domain with administrator account. > > # /var/lib/samba/sbin/smbldap-usershow administrator > dn: uid=Administrator,ou=People,dc=mragroup,dc=net > cn: Administrator > sn: Administrator > objectClass: inetOrgPerson,sambaSamAccount,posixAccount,shadowAccount > gidNumber: 512 > uid: Administrator > uidNumber: 0 > homeDirectory: /home/ > sambaLogonTime: 0 > sambaLogoffTime: 2147483647 > sambaKickoffTime: 2147483647 > sambaHomeDrive: H: > sambaPrimaryGroupSID: S-1-5-21-1557978329-216335016-4217907674-512 > sambaSID: S-1-5-21-1557978329-216335016-4217907674-2996 > loginShell: /bin/false > gecos: Netbios Domain Administrator > sambaPwdCanChange: 1089891115 > sambaLMPassword: BBBDA461DC390736B8FCC6137C839435 > sambaAcctFlags: [U] > sambaNTPassword: 490F588B2F94E97F07A4F952DAACBF7F > sambaPwdLastSet: 1089891324 > sambaPwdMustChange: 1094643324 > userPassword: {SSHA}23S45Jt6Fx3ET1nhXONtAadA43dKZn4n > # /var/lib/samba/sbin/smbldap-passwd administrator > Changing password for administrator > New password : > Retype new password : > # net join rpc -U administrator%password > Could not connect to server SMB3 > The username or password was not correct. > > When i try to join my w2k ws to new samba domain, with administrator account and > password , "Logon failure : unknown username and password" . > No error log in samba log (level 5). > Did i missed something ? please help me.. > > regards > reza > om beast dan pak wis tolongin dong.. -- Renzetti Federico System/Network Administrator RedHat Certified Engineer Fabaris S.r.l. Tel. +39 0765 22181 - Fax +39 0765 410100 Via G. Mameli, 90 02047 Poggio Mirteto (RI) Filiale: Viale dell'UniversitÃ, 25 00185 Roma (RM) www.fabaris.it -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba + LDAP problem...SOLVED
Bruno, As it turns out, all I had to do was enter this as my username when asked for it during the join-domain process: "nesbitt.local\administrator" Up until now, I had just been using "administrator". GEEESH, How simplistic can it be? Something that small caused me days, no a WEEK of grief! Thanks again for your help. Everything you offered was great advice, and it helped me make certain I had things right. -- Kevin L. Collins, MCSE Systems Manager Nesbitt Engineering, Inc. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba + LDAP problem...
> I did have these set, as I used 'authconfig' to generate the PAM/LDAP > integration. > > What I didn't have (but do now) is some settings in /etc/ldap.conf. Those > that look like nns_base_passwd, nss_base_shadow, and nss_base_group or very > similar. I have those set now, and the error message that I'm getting is > different. > > On the Windows 2000 machine when I join the domain, I get: > > "The account used is a computer account. Use your global user account, or > local user account to access this server." > > It almost sounds like the "administrator" account is misconfigured and is > appearing to Windows as a computer account instead of a user account. Have > you heard of this happening before? > > I used 'smbldap-useradd.pl -a -m -g 200 administrator' to add the > "administrator" account after I had LDAP up and running. Don´t know if this occurs when using LDAP but I used to get this error when trying to join a machine to the domain with a user different then root or when my "add user script" was misconfigured and samba couldn´t create the machine account. Verify if you can run "/usr/local/sbin/smbldap-useradd.pl -w " from a directory different than /usr/local/bin, if not you need to configure perl to locate your smbldap_tools.pm. If the machine account was created try to change the uid and gid from the administrator to 0 or run "smbpasswd -a root" and use the user root to join the machine to the domain. Hope this helps. Bruno Pereti. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba + LDAP problem...
On Friday, June 13, 2003 1:44 PM, Bruno Gimenes Pereti wrote: > Hi Kevin, Hi Bruno, and thanks for responding... > > > Below are some files that I think are pertinent. The > > /etc/openldap/ldap.conf, /etc/openldap/slapd.conf > /etc/samba/smb.conf, the > > base.ldif that is from the IDEALX.org HOWTO. > > > > I'm hoping that someone with much more experience than me > will be able to > > help me. > > I´m not so experience but I think you forgot one thing. Do > you have this: > > passwd: files ldap > shadow: files ldap > group: files ldap > > in your /etc/nsswitch.conf and this: > > authrequired /lib/security/pam_env.so > authsufficient/lib/security/pam_unix.so likeauth nullok > authsufficient use_first_pass > authrequired /lib/security/pam_deny.so > account sufficient /lib/security/pam_ldap.so > account required /lib/security/pam_unix.so > passwordrequired /lib/security/pam_cracklib.so retry=3 > passwordsufficient/lib/security/pam_unix.so nullok > use_authtok md5 > shadow > passwordsufficient /lib/security/pam_ldap.so > passwordrequired /lib/security/pam_deny.so > session required /lib/security/pam_limits.so > session sufficient /lib/security/pam_ldap.so > session required /lib/security/pam_unix.so > > in /etc/pam.d/system-auth? > > In redhat you can do this with authconfig. > I did have these set, as I used 'authconfig' to generate the PAM/LDAP integration. What I didn't have (but do now) is some settings in /etc/ldap.conf. Those that look like nns_base_passwd, nss_base_shadow, and nss_base_group or very similar. I have those set now, and the error message that I'm getting is different. On the Windows 2000 machine when I join the domain, I get: "The account used is a computer account. Use your global user account, or local user account to access this server." It almost sounds like the "administrator" account is misconfigured and is appearing to Windows as a computer account instead of a user account. Have you heard of this happening before? I used 'smbldap-useradd.pl -a -m -g 200 administrator' to add the "administrator" account after I had LDAP up and running. Thanks again for your input. -- Kevin L. Collins, MCSE Systems Manager Nesbitt Engineering, Inc. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba + LDAP problem...
Hi Kevin, > Below are some files that I think are pertinent. The > /etc/openldap/ldap.conf, /etc/openldap/slapd.conf /etc/samba/smb.conf, the > base.ldif that is from the IDEALX.org HOWTO. > > I'm hoping that someone with much more experience than me will be able to > help me. I´m not so experience but I think you forgot one thing. Do you have this: passwd: files ldap shadow: files ldap group: files ldap in your /etc/nsswitch.conf and this: authrequired /lib/security/pam_env.so authsufficient/lib/security/pam_unix.so likeauth nullok authsufficient use_first_pass authrequired /lib/security/pam_deny.so account sufficient /lib/security/pam_ldap.so account required /lib/security/pam_unix.so passwordrequired /lib/security/pam_cracklib.so retry=3 passwordsufficient/lib/security/pam_unix.so nullok use_authtok md5 shadow passwordsufficient /lib/security/pam_ldap.so passwordrequired /lib/security/pam_deny.so session required /lib/security/pam_limits.so session sufficient /lib/security/pam_ldap.so session required /lib/security/pam_unix.so in /etc/pam.d/system-auth? In redhat you can do this with authconfig. hope this helps. Bruno Pereti. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba