Re: [Samba] login.bat has error?
On Thu, Jul 9, 2009 at 8:31 AM, Mohsen Pahlevanzadeh wrote: > ldap suffix = dc=example,dc=com Ohh... Your smb.conf is wrong. That one should read: ldap suffix = dc=mylove -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] login.bat has error?
On Fri, Jul 10, 2009 at 4:23 PM, Mohsen Pahlevanzadeh wrote: > I have configure all of them.But you remind me hash of > smbldap_bind.conf, i input clear text password.May i input hash of my > password? AFAIK, you need clear text passwords. What about your ACLs? Does DN have permission to write? Are you sure you have not made a typo somewhere? Do you have the samba.schema in place? The error you posted is -apparently- from Samba. When you run smbldap-useradd from CLI, does it gives an error? Can you run "smbldap-useradd somebody"? Remember that computers are users too, so nss_base_passwd (/etc/ldap.conf) must be configured so it can return entries in ou=users and ou=computers (in your case it must be nss_base_passwd dc=mylove?sub) BTW, are you running: smbldap-useradd -w debian$ or smbldap-useradd -w debian ? Regards, Norberto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] login.bat has error?
I have configure all of them.But you remind me hash of smbldap_bind.conf, i input clear text password.May i input hash of my password? smbldap-useradd -w workstation can't run.and gives me error: Error: modifications require authentication at /usr/share/perl5/smbldap_tools.pm line 1083. [2009/07/10 13:53:22, 0] passdb/pdb_interface.c:pdb_default_create_user(336) _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w debian$' gave 1 On Fri, 2009-07-10 at 14:14 -0300, Norberto Bensa wrote: > smbldap_bind.conf -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] login.bat has error?
On Fri, Jul 10, 2009 at 6:42 AM, Mohsen Pahlevanzadeh wrote: > Oh,I found following log in log.debian: > Error: modifications require authentication > at /usr/share/perl5/smbldap_tools.pm line 1083. Looking up the code of smbldap_tools.pm, it looks like it is trying to make a modification to the tree, but it doesn't have the required permissions (it wants to update $sambaUnixIdPooldn) Have you configured all these files ? : /etc/ldap/slapd.conf /etc/ldap/ldap.conf /etc/ldap.conf /etc/nsswitch.conf /etc/smbldap-tools/smbldap-tools.conf /etc/smbldap-tools/smbldap_bind.conf /etc/samba/smb.conf Have you ran smbldap-populate ? Does samba know the "ldap admin dn" password (smbpasswd -W) ? Can you run "smbldap-useradd -w workstation"? Does it succeed? HTH, Norberto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] login.bat has error?
Oh,I found following log in log.debian: Error: modifications require authentication at /usr/share/perl5/smbldap_tools.pm line 1083. Do you know about this? Yours, Mohsen On Fri, 2009-07-10 at 14:03 +0430, Mohsen Pahlevanzadeh wrote: > Now i changed my netbios name.but i get same error. > On Thu, 2009-07-09 at 20:38 -0300, Norberto Bensa wrote: > > Forwarding this one to the list: > > > > On Thu, Jul 9, 2009 at 8:16 PM, Mohsen > > Pahlevanzadeh wrote: > > > Mylove is my netbios name & my workgroup name. > > > > Oh... That's a violation of the smb protocol :-) > > > > Your netbios name can't be your workgroup/domain name. > > > > Try that on Windows if you don't believe me. > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] login.bat has error?
Now i changed my netbios name.but i get same error. On Thu, 2009-07-09 at 20:38 -0300, Norberto Bensa wrote: > Forwarding this one to the list: > > On Thu, Jul 9, 2009 at 8:16 PM, Mohsen > Pahlevanzadeh wrote: > > Mylove is my netbios name & my workgroup name. > > Oh... That's a violation of the smb protocol :-) > > Your netbios name can't be your workgroup/domain name. > > Try that on Windows if you don't believe me. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] login.bat has error?
Now i changed netbios name to my hostname.& my workgroup name is mylove. But i got same error. On Thu, 2009-07-09 at 20:30 -0400, John Drescher wrote: > On Thu, Jul 9, 2009 at 7:38 PM, Norberto Bensa wrote: > > Forwarding this one to the list: > > > > On Thu, Jul 9, 2009 at 8:16 PM, Mohsen > > Pahlevanzadeh wrote: > >> Mylove is my netbios name & my workgroup name. > > > > Oh... That's a violation of the smb protocol :-) > > > > Your netbios name can't be your workgroup/domain name. > > > > Try that on Windows if you don't believe me. > > > It also can not be the name of a user or group or anything else in smb > > John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] login.bat has error?
On Thu, Jul 9, 2009 at 7:38 PM, Norberto Bensa wrote: > Forwarding this one to the list: > > On Thu, Jul 9, 2009 at 8:16 PM, Mohsen > Pahlevanzadeh wrote: >> Mylove is my netbios name & my workgroup name. > > Oh... That's a violation of the smb protocol :-) > > Your netbios name can't be your workgroup/domain name. > > Try that on Windows if you don't believe me. > It also can not be the name of a user or group or anything else in smb John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] login.bat has error?
Forwarding this one to the list: On Thu, Jul 9, 2009 at 8:16 PM, Mohsen Pahlevanzadeh wrote: > Mylove is my netbios name & my workgroup name. Oh... That's a violation of the smb protocol :-) Your netbios name can't be your workgroup/domain name. Try that on Windows if you don't believe me. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] login.bat has error?
My log.nmbd: / Copyright Andrew Tridgell and the Samba Team 1992-2008 [2009/07/10 03:16:29, 0] nmbd/nmbd.c:main(879) standard input is not a socket, assuming -D option [2009/07/10 03:16:29, 0] nmbd/nmbd_subnetdb.c:create_subnets(206) create_subnets: No local IPv4 non-loopback interfaces ! [2009/07/10 03:16:29, 0] nmbd/nmbd_subnetdb.c:create_subnets(207) create_subnets: Waiting for an interface to appear ... [2009/07/10 03:16:59, 0] nmbd/nmbd_logonnames.c:add_logon_names(160) add_domain_logon_names: Attempting to become logon server for workgroup MYLOVE on subnet 192.168.2.101 [2009/07/10 03:16:59, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(291) become_domain_master_browser_bcast: Attempting to become domain master browser on workgroup MYLOVE on subnet 192.168.2.101 [2009/07/10 03:16:59, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(304) become_domain_master_browser_bcast: querying subnet 192.168.2.101 for domain master browser on workgroup MYLOVE [2009/07/10 03:17:03, 0] nmbd/nmbd_logonnames.c:become_logon_server_success(121) become_logon_server_success: Samba is now a logon server for workgroup MYLOVE on subnet 192.168.2.101 [2009/07/10 03:17:07, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2(110) * Samba server MYLOVE is now a domain master browser for workgroup MYLOVE on subnet 192.168.2.101 * [2009/07/10 03:17:22, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(395) * Samba name server MYLOVE is now a local master browser for workgroup MYLOVE on subnet 192.168.2.101 * /// Mylove is my netbios name & my workgroup name. On Thu, 2009-07-09 at 20:07 -0300, Norberto Bensa wrote: > On Thu, Jul 9, 2009 at 8:31 AM, Mohsen > Pahlevanzadeh wrote: > > Even i invoke :smbldap-useradd -w mylove > > Does this one succeed or doesn't? > > > then i run net rpc join mylove -u root > > Why are you doing this? Who is mylove? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] login.bat has error?
When i run net rpc join mylove -U root i see following log in /var/log/samba/log.mylove : [2009/07/10 02:54:12, 0] passdb/pdb_interface.c:pdb_default_create_user(336) _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w mylove$' gave 9 when i saw it, i wanted to add to add by hand, but i saw it added already. Yes, i run nscd.Even i stop nscd but i didn't see anythings. I already configured nsswitch.conf for ldap : nsswitch.conf bsswd: files ldap group: files ldap shadow: files ldap hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 ldap // Even i run nmbd & smbd as non-daemon. Yours, Mohsen On Thu, 2009-07-09 at 11:14 -0400, John Drescher wrote: > On Thu, Jul 9, 2009 at 10:51 AM, Mohsen > Pahlevanzadeh wrote: > > Can i hope to solve this problem? > > It would help if you posted the samba log from the PDC that showed > what happened when you tried to join the domain. Also have you setup > your nss_switch.conf and are you running nscd? > > John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] login.bat has error?
On Thu, Jul 9, 2009 at 10:51 AM, Mohsen Pahlevanzadeh wrote: > Can i hope to solve this problem? It would help if you posted the samba log from the PDC that showed what happened when you tried to join the domain. Also have you setup your nss_switch.conf and are you running nscd? John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
RE: [Samba] login.bat has error?
Can i hope to solve this problem? On Thu, 2009-07-09 at 17:56 +0530, VIJAYAN wrote: > Ok Millian thanks Mohsen Pahlevanzadeh > > Regards, > > -Original Message- > From: Mohsen Pahlevanzadeh [mailto:moh...@pahlevanzadeh.org] > Sent: Thursday, July 09, 2009 5:01 PM > To: Adam Williams > Cc: samba@lists.samba.org > Subject: Re: [Samba] login.bat has error? > > Dear Adam, > I changed my machine & install Samba & Ldap in other machine with new > configuration. > > Even getent paaswd & getent shadow is work well.Ldap doesn't has problem. > Even i invoke :smbldap-useradd -w mylove then i run net rpc join mylove -u > root Enter root's password: > Creation of workstation account failed > Unable to join domain MYLOVE. > debian:/usr/local/etc/samba_3# > I confused > My smb.conf: > > / > [global] > dos charset = UTF-8 > display charset = UTF-8 > workgroup = MYLOVE > realm = MYLOVE > netbios name = MYLOVE > server string = %h server > map to guest = Bad User > passdb backend = ldapsam:ldap://127.0.0.1/ pam password change = Yes passwd > program = /usr/sbin/smbldap-passwd -u %u passwd chat = *New*password* %n\n > *Retype*new*password* %n\n > *all*authentication*tokens*updated* > unix password sync = Yes > syslog = 0 > log file = /var/log/samba/log.%m > max log size = 1000 > time server = Yes > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 add user script = > /usr/sbin/smbldap-useradd -m %u delete user script = > /usr/sbin/smbldap-userdel %u add group script = /usr/sbin/smbldap-groupadd > -p %g delete group script = /usr/sbin/smbldap-groupdel %g add user to group > script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = > /usr/sbin/smbldap-groupmod -x %u %g set primary group script = > /usr/sbin/smbldap-usermod -g %g %u add machine script = > /usr/sbin/smbldap-useradd -w %u logon script = logon.bat logon path = > \\%N\profiles\%U logon drive = U: > domain logons = Yes > os level = 65 > preferred master = Yes > domain master = Yes > dns proxy = No > wins support = Yes > ldap admin dn = cn=admin,dc=mylove > ldap delete dn = Yes > ldap group suffix = ou=group > ldap idmap suffix = ou=idmap > ldap machine suffix = ou=computer > ldap suffix = dc=example,dc=com > ldap ssl = no > ldap user suffix = ou=people > panic action = /usr/share/samba/panic-action %d map acl inherit = Yes case > sensitive = No hide unreadable = Yes map hidden = Yes map system = Yes > > [homes] > comment = Home Directories > valid users = %S > read only = No > create mask = 0600 > directory mask = 0700 > browseable = No > > [printers] > comment = All Printers > path = /var/spool/samba > create mask = 0700 > printable = Yes > browseable = No > > [print$] > comment = Printer Drivers > path = /var/lib/samba/printers > > [netlogon] > path = /var/lib/samba/netlogon > browseable = No > > [profiles] > path = /var/lib/samba/profiles > force user = %U > read only = No > create mask = 0600 > directory mask = 0700 > guest ok = Yes > profile acls = Yes > browseable = No > csc policy = disable > > [public] > path = /tmp > read only = No > guest ok = Yes > > > > > > On Tue, 2009-07-07 at 10:33 -0500, Adam Williams wrote: > > sounds like your computer doesn't have a machine account. > > > > Mohsen Pahlevanzadeh wrote: > > > Dear all, > > > I ran PDC on smbpasswd auth. > > > When i use following the command, i receive : > > > // > > > debian:/usr/local/etc/samba_3# ./bin/net rpc join mylove -U root > > > Enter root's password: > > > Creation of workstation account failed Unable to join domain MYLOVE. > > > debian:/usr/local/etc/samba_3# > > > /// > > > > > > > > > my smb.conf is : > > > > > > > > > > > > > > > [global] > > > netbios name = mylove > > > server string = Axjooon > > > workgroup = mylove > > > os level = 65 > > > prefered master = yes > > > domain master = yes > > > local master = yes > > > domain logons = yes > > > ;misc options > > > #socket options = TCP NODELAY IPTOS LOWDELAY SO SNDBUF=8192 SO > > > RCVBUF=8192 > > > time server = yes > > > hide dot files = yes > > > #client code page = 852 > &g
Re: [Samba] login.bat has error?
Dear Adam, I changed my machine & install Samba & Ldap in other machine with new configuration. Even getent paaswd & getent shadow is work well.Ldap doesn't has problem. Even i invoke :smbldap-useradd -w mylove then i run net rpc join mylove -u root Enter root's password: Creation of workstation account failed Unable to join domain MYLOVE. debian:/usr/local/etc/samba_3# I confused My smb.conf: / [global] dos charset = UTF-8 display charset = UTF-8 workgroup = MYLOVE realm = MYLOVE netbios name = MYLOVE server string = %h server map to guest = Bad User passdb backend = ldapsam:ldap://127.0.0.1/ pam password change = Yes passwd program = /usr/sbin/smbldap-passwd -u %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated* unix password sync = Yes syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 add user script = /usr/sbin/smbldap-useradd -m %u delete user script = /usr/sbin/smbldap-userdel %u add group script = /usr/sbin/smbldap-groupadd -p %g delete group script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-usermod -g %g %u add machine script = /usr/sbin/smbldap-useradd -w %u logon script = logon.bat logon path = \\%N\profiles\%U logon drive = U: domain logons = Yes os level = 65 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes ldap admin dn = cn=admin,dc=mylove ldap delete dn = Yes ldap group suffix = ou=group ldap idmap suffix = ou=idmap ldap machine suffix = ou=computer ldap suffix = dc=example,dc=com ldap ssl = no ldap user suffix = ou=people panic action = /usr/share/samba/panic-action %d map acl inherit = Yes case sensitive = No hide unreadable = Yes map hidden = Yes map system = Yes [homes] comment = Home Directories valid users = %S read only = No create mask = 0600 directory mask = 0700 browseable = No [printers] comment = All Printers path = /var/spool/samba create mask = 0700 printable = Yes browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/printers [netlogon] path = /var/lib/samba/netlogon browseable = No [profiles] path = /var/lib/samba/profiles force user = %U read only = No create mask = 0600 directory mask = 0700 guest ok = Yes profile acls = Yes browseable = No csc policy = disable [public] path = /tmp read only = No guest ok = Yes On Tue, 2009-07-07 at 10:33 -0500, Adam Williams wrote: > sounds like your computer doesn't have a machine account. > > Mohsen Pahlevanzadeh wrote: > > Dear all, > > I ran PDC on smbpasswd auth. > > When i use following the command, i receive : > > // > > debian:/usr/local/etc/samba_3# ./bin/net rpc join mylove -U root > > Enter root's password: > > Creation of workstation account failed > > Unable to join domain MYLOVE. > > debian:/usr/local/etc/samba_3# > > /// > > > > > > my smb.conf is : > > > > > > > > > > [global] > > netbios name = mylove > > server string = Axjooon > > workgroup = mylove > > os level = 65 > > prefered master = yes > > domain master = yes > > local master = yes > > domain logons = yes > > ;misc options > > #socket options = TCP NODELAY IPTOS LOWDELAY SO SNDBUF=8192 SO > > RCVBUF=8192 > > time server = yes > > hide dot files = yes > > #client code page = 852 > > #character set = ISO8859-2 > > smb passwd file = /usr/local/etc/samba_3/lib/smbpasswd > > > > security = user > > guest ok = no > > invalid users = bin sys ftp man mail > > admin users = @admin > > wins support = yes > > # passdb backend = ldapsam:"ldap://ldap1.company.com > > ldap://ldap2.company.com"; > > # passdb backend = ldapsam:ldap://127.0.0.1/ > > # ldap admin dn = cn=Manager,dc=mylove,dc=com > > #ldap admin dn = cn=samba,ou=DSA,dc=company,dc=com > ># ldap suffix = dc=mylove,dc=com > > #ldap group suffix = ou=Groups > > #ldap user suffix = ou=Users > > #ldap machine suffix = ou=Computers > > #ldap idmap suffix = ou=Idmap > > #add user script = /usr/sbin/smbldap-useradd -m "%u" > > #ldap delete dn = Yes > > #delete user script = /usr/sbin/smbldap-userdel "%u" > > # add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u" > ># add group script = /usr/sbin/smbldap-groupadd -p "%g" > > #delete group script = /usr/sbin/smbldap-groupdel "%g" > > # add user to group script = /usr/sbin/smbldap-groupmod -m "%u" > > "%g" > > # delete user from group script = /usr/sbin/smbldap-groupmod -x > > "%u" "%g" > > # se
Re: [Samba] login.bat has error?
sounds like your computer doesn't have a machine account. Mohsen Pahlevanzadeh wrote: Dear all, I ran PDC on smbpasswd auth. When i use following the command, i receive : // debian:/usr/local/etc/samba_3# ./bin/net rpc join mylove -U root Enter root's password: Creation of workstation account failed Unable to join domain MYLOVE. debian:/usr/local/etc/samba_3# /// my smb.conf is : [global] netbios name = mylove server string = Axjooon workgroup = mylove os level = 65 prefered master = yes domain master = yes local master = yes domain logons = yes ;misc options #socket options = TCP NODELAY IPTOS LOWDELAY SO SNDBUF=8192 SO RCVBUF=8192 time server = yes hide dot files = yes #client code page = 852 #character set = ISO8859-2 smb passwd file = /usr/local/etc/samba_3/lib/smbpasswd security = user guest ok = no invalid users = bin sys ftp man mail admin users = @admin wins support = yes # passdb backend = ldapsam:"ldap://ldap1.company.com ldap://ldap2.company.com"; # passdb backend = ldapsam:ldap://127.0.0.1/ # ldap admin dn = cn=Manager,dc=mylove,dc=com #ldap admin dn = cn=samba,ou=DSA,dc=company,dc=com # ldap suffix = dc=mylove,dc=com #ldap group suffix = ou=Groups #ldap user suffix = ou=Users #ldap machine suffix = ou=Computers #ldap idmap suffix = ou=Idmap #add user script = /usr/sbin/smbldap-useradd -m "%u" #ldap delete dn = Yes #delete user script = /usr/sbin/smbldap-userdel "%u" # add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u" # add group script = /usr/sbin/smbldap-groupadd -p "%g" #delete group script = /usr/sbin/smbldap-groupdel "%g" # add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" # delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" # set primary group script = /usr/sbin/smbldap-usermod -g '%g' '% u' #domain admin group = @admin #domain admin users = root #encrypt password = yes ;logging log level = 2 log file = /usr/local/etc/samba_3/var/log.%L max log size = 1 debug timestamp = yes syslog = 1 ;user roaming profiles path logon path = \\%N\profiles\%u ;general logon script logon script = logon.bat [netlogon] path = /home/samba/netlogon public = no writeable = no browseable = no valid users = r...@debian [profiles] path = /home/samba/profiles writeable = yes create mask = 0700 directory mask = 0700 browseable = no valid users = r...@debian // my login.bat is : /// @echo off rem by robowarp.deletet...@gmx.de leave to public as it is , dont think of asking me rem created for samba 3 login, the bat files were creted on the fly by genlogin.pl rem this script is only valid for win2000/NT/XP rem exec bat for logged in machine ( maybe software status or machine data ) echo %COMPUTERNAME% call %COMPUTERNAME%.bat rem exec bat for login user echo %USERNAME% call %USERNAME%.bat rem exec bat for different groups rem ifmember.exe must be in the netlogon share download it at microschrott ifmember Administrators if errorlevel 1 call Administrators.bat ifmember users if errorlevel 1 call users.bat // Please help me -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba