Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am having trouble getting this samba pdc up and running.
My setup is:
Red Hat Enterprise Linux 3
samba-3.0.0
opneldap-2.0.27
I cannot get my WinXP client to switch domains.
After trying to login as Administrator I get a message "Access is denied."
Trying root gets me "User name could not be found."
Here's what I've done:
1. Migrated user & group info from files to ldap with padl scripts.
2. Changed the authentication/info setting so pam and nss look to ldap.
3. Used smbtools from idealx.org to add samba user info.
From WinXP I can access shares on the Samba 3 PDC, but I just can't logon to the domain.
Here's the relevant parts of my smb.conf:
[global]
# Identification
workgroup = aecollab
server string = Samba Server %v
interfaces = eth0
hosts allow = 192.168.1. 127.
; name resolve order = wins lmhosts bcast
# PDC and Browsing
domain master = yes
local master = yes
preferred master = yes
domain logons = yes
os level = 99
remote browse sync = 192.168.1.255
remote announce = 192.168.1.255
wins support = yes
; wins server = 192.168.1.1
# Logging
log level = 10
log file = /var/log/samba/%m.log
max log size = 50 # in kilobytes
# Security
security = user
encrypt passwords = yes
; domain admin group = root brian # looks like this is depricated
AFAIK it is case sensitive so "people" is not the same as "People". Try making the P uppercase in smb.conf then restart samba and try joining the domain as root.
I don't think the case-sensitivity was the issue. I did change the case in smb.conf to match the LDAP directory. After restarting, the logs showed that the binds failed. So, then I had to issue smbpasswd -w again to update the secrets file. That is case sensitive apparently. After that it would bind again, but return to the same problem.
I looked around some more and found that the smbldap-useradd.pl script has a portion commented out in the ADD MACHINE section. The script assumes that the sambaSamAccount info will be added for the machine when it initially joins the domain.
So, uncommented that portion of the script to let the script add the samba info. Then I deleted the machine accounts under the ou=Machines branch. Then ran smbldap-useradd.pl to add the machine. No problems.
The WinXP box then joined the domain using the root user without fail.
Now my problem is that I cannot get the user's home directory to load correctly.
I removed all the stuff related to logon home/path/script/drive from the ldap directory to let smb.conf handle it. I added logon drive = H: to smb.conf.
The homes section:
[home]
valid users = %S
browseable = no
; no explicit path info
From /var/netlogon/logon.bat
NET USE H: /HOME /YES
Whenever I login in the command window executing the logon.bat script asks for a valid username and password. Nothing works - even to browse to it.
So, I tried...
valid users = %U
This works except that in My Network Places you can see everyone's home directory. You can't access them, but you can see them. I thought that you were only supposed to see your own directory - not everyone else's.
This is a minor issue, but I'd like to understand the difference between %U, %S, and %u. The smb.conf man file does not explain these very well.
I turned browseable = no in the global section and will explicitly turn it on in each section. I am also using %u and took out the NET USE H: /HOME section in the logon.bat file. It all seems to be doing what I want now.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.