Why can't I join WinXP to Samba PDC LDAP domain?
I have a problem joining Windows XP Pro to the Samba domain.
smb.conf
---------
[global]
workgroup = SOEG.PL
netbios name = SOEG
interfaces = lo, eth0
bind interfaces only = Yes
map to guest = Bad User
obey pam restrictions = Yes
passdb backend = ldapsam:ldap://127.0.0.1
passwd program = /usr/local/sbin/smbldap-passwd -u %u
passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n"
username map = /etc/samba/smbusers
unix password sync = Yes
client NTLMv2 auth = Yes
log level = 5
log file = /var/log/samba/%m.log
time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = cups
add user script = /usr/local/sbin/smbldap-useradd -m %u
delete user script = /usr/local/sbin/smbldap-userdel %u
add group script = /usr/local/sbin/smbldap-groupadd -p %g
delete group script = /usr/local/sbin/smbldap-groupdel %g
add user to group script = /usr/local/sbin/smbldap-groupmod -m %g %u
delete user from group script = /usr/local/sbin/smbldap-groupmod -x %g %u
set primary group script = /usr/local/sbin/smbldap-usermod -g %g %u
add machine script = /usr/local/sbin/smbldap-useradd -w -i %u
logon script = scripts\logon.bat
logon path = \\%L\profiles\%U
logon drive = H:
logon home = \\%L\%U
domain logons = Yes
os level = 255
preferred master = Yes
domain master = Yes
wins support = Yes
ldap admin dn = cn=manager,dc=soeg,dc=pl
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Users
ldap machine suffix = ou=Computers
ldap passwd sync = Yes
ldap suffix = dc=soeg,dc=pl
ldap ssl = no
ldap user suffix = ou=Users
idmap uid = 10000-20000
idmap gid = 10000-20000
create mask = 0640
directory mask = 0750
nt acl support = No
cups options = raw
dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
[homes]
comment = Home Directories
valid users = %S, %D%w%S
read only = No
inherit acls = Yes
browseable = No
[profiles]
comment = Network Profiles Service
path = /home/samba/profiles
valid users = %U, "Domain Admins"
force user = %U
read only = No
create mask = 0600
directory mask = 0700
guest ok = Yes
profile acls = Yes
store dos attributes = Yes
browseable = No
[netlogon]
comment = NetLogon Scripts
path = /home/samba/netlogon
inherit acls = Yes
browseable = No
[public]
comment = Public
path = /home/public
read only = No
inherit acls = Yes
[tmp]
comment = Temporary file space
path = /tmp
read only = No
guest ok = Yes
----end smb.conf----
I successfully populated LDAP with the smbldap-populate script.
/usr/local/sbin/smbldap-populate -u 10000 -g 15000
Populating LDAP directory for domain SOEG.PL (S-1-5-21-4082334872-2015609457-1420611726)
(using builtin directory structure)
entry dc=soeg,dc=pl already exist.
adding new entry: ou=Users,dc=soeg,dc=pl
adding new entry: ou=Groups,dc=soeg,dc=pl
adding new entry: ou=Computers,dc=soeg,dc=pl
adding new entry: ou=Idmap,dc=soeg,dc=pl
adding new entry: uid=Administrator,ou=Users,dc=soeg,dc=pl
adding new entry: uid=nobody,ou=Users,dc=soeg,dc=pl
adding new entry: cn=Domain Admins,ou=Groups,dc=soeg,dc=pl
adding new entry: cn=Domain Users,ou=Groups,dc=soeg,dc=pl
adding new entry: cn=Domain Guests,ou=Groups,dc=soeg,dc=pl
adding new entry: cn=Domain Computers,ou=Groups,dc=soeg,dc=pl
adding new entry: cn=Administrators,ou=Groups,dc=soeg,dc=pl
adding new entry: cn=Account Operators,ou=Groups,dc=soeg,dc=pl
adding new entry: cn=Print Operators,ou=Groups,dc=soeg,dc=pl
adding new entry: cn=Backup Operators,ou=Groups,dc=soeg,dc=pl
adding new entry: cn=Replicators,ou=Groups,dc=soeg,dc=pl
adding new entry: sambaDomainName=SOEG.PL,dc=soeg,dc=pl
Please provide a password for the domain Administrator:
******
----------
DNS and dig. fileserver0.soeg.pl is my DNS server.
dig @fileserver0.soeg.pl -t any _ldap._tcp.dc._msdcs.soeg.pl
; <<>> DiG 9.4.2-P1 <<>> @fileserver0.soeg.pl -t any _ldap._tcp.dc._msdcs.soeg.pl
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28950
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;_ldap._tcp.dc._msdcs.soeg.pl. IN ANY
;; ANSWER SECTION:
_ldap._tcp.dc._msdcs.soeg.pl. 600 IN SRV 0 100 389 fileserver0.soeg.pl.
;; AUTHORITY SECTION:
soeg.pl. 172800 IN NS fileserver0.soeg.pl.
;; ADDITIONAL SECTION:
fileserver0.soeg.pl. 172800 IN A 172.21.8.171
;; Query time: 0 msec
;; SERVER: 172.21.8.171#53(172.21.8.171)
;; WHEN: Thu Nov 6 09:48:00 2008
;; MSG SIZE rcvd: 115
ping fileserver0.soeg.pl
< 1ms. ok.
----------
Here is the error when I try to join the domain.
"Domain not exists or can not be contacted."
----
There aren't any errors in smbd.log, nmb.log, soeg.pl.log, localmessage.log, etc.
OS: openSUSE 11
-----------
Where is the bug?