LinuxQuestions.org


meksyk13 11-06-2008 03:11 AM

Why can't I join WinXP to Samba PDC LDAP domain?
 
I have a problem joining Windows XP Pro to the Samba domain.


smb.conf
---------
[global]
workgroup = SOEG.PL
netbios name = SOEG
interfaces = lo, eth0
bind interfaces only = Yes
map to guest = Bad User
obey pam restrictions = Yes
passdb backend = ldapsam:ldap://127.0.0.1
passwd program = /usr/local/sbin/smbldap-passwd -u %u
passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n"
username map = /etc/samba/smbusers
unix password sync = Yes
client NTLMv2 auth = Yes
log level = 5
log file = /var/log/samba/%m.log
time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = cups
add user script = /usr/local/sbin/smbldap-useradd -m %u
delete user script = /usr/local/sbin/smbldap-userdel %u
add group script = /usr/local/sbin/smbldap-groupadd -p %g
delete group script = /usr/local/sbin/smbldap-groupdel %g
add user to group script = /usr/local/sbin/smbldap-groupmod -m %g %u
delete user from group script = /usr/local/sbin/smbldap-groupmod -x %g %u
set primary group script = /usr/local/sbin/smbldap-usermod -g %g %u
add machine script = /usr/local/sbin/smbldap-useradd -w -i %u
logon script = scripts\logon.bat
logon path = \\%L\profiles\%U
logon drive = H:
logon home = \\%L\%U
domain logons = Yes
os level = 255
preferred master = Yes
domain master = Yes
wins support = Yes
ldap admin dn = cn=manager,dc=soeg,dc=pl
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Users
ldap machine suffix = ou=Computers
ldap passwd sync = Yes
ldap suffix = dc=soeg,dc=pl
ldap ssl = no
ldap user suffix = ou=Users
idmap uid = 10000-20000
idmap gid = 10000-20000
create mask = 0640
directory mask = 0750
nt acl support = No
cups options = raw
dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd

[homes]
comment = Home Directories
valid users = %S, %D%w%S
read only = No
inherit acls = Yes
browseable = No

[profiles]
comment = Network Profiles Service
path = /home/samba/profiles
valid users = %U, "Domain Admins"
force user = %U
read only = No
create mask = 0600
directory mask = 0700
guest ok = Yes
profile acls = Yes
store dos attributes = Yes
browseable = No

[netlogon]
comment = NetLogon Scripts
path = /home/samba/netlogon
inherit acls = Yes
browseable = No

[public]
comment = Public
path = /home/public
read only = No
inherit acls = Yes

[tmp]
comment = Temporary file space
path = /tmp
read only = No
guest ok = Yes

----end smb.conf----
I successfully populated LDAP with the smbldap-populate script.
/usr/local/sbin/smbldap-populate -u 10000 -g 15000
Populating LDAP directory for domain SOEG.PL (S-1-5-21-4082334872-2015609457-1420611726)
(using builtin directory structure)

entry dc=soeg,dc=pl already exist.
adding new entry: ou=Users,dc=soeg,dc=pl
adding new entry: ou=Groups,dc=soeg,dc=pl
adding new entry: ou=Computers,dc=soeg,dc=pl
adding new entry: ou=Idmap,dc=soeg,dc=pl
adding new entry: uid=Administrator,ou=Users,dc=soeg,dc=pl
adding new entry: uid=nobody,ou=Users,dc=soeg,dc=pl
adding new entry: cn=Domain Admins,ou=Groups,dc=soeg,dc=pl
adding new entry: cn=Domain Users,ou=Groups,dc=soeg,dc=pl
adding new entry: cn=Domain Guests,ou=Groups,dc=soeg,dc=pl
adding new entry: cn=Domain Computers,ou=Groups,dc=soeg,dc=pl
adding new entry: cn=Administrators,ou=Groups,dc=soeg,dc=pl
adding new entry: cn=Account Operators,ou=Groups,dc=soeg,dc=pl
adding new entry: cn=Print Operators,ou=Groups,dc=soeg,dc=pl
adding new entry: cn=Backup Operators,ou=Groups,dc=soeg,dc=pl
adding new entry: cn=Replicators,ou=Groups,dc=soeg,dc=pl
adding new entry: sambaDomainName=SOEG.PL,dc=soeg,dc=pl

Please provide a password for the domain Administrator:
******
----------

DNS and dig. fileserver0.soeg.pl is my DNS server.

dig @fileserver0.soeg.pl -t any _ldap._tcp.dc._msdcs.soeg.pl

; <<>> DiG 9.4.2-P1 <<>> @fileserver0.soeg.pl -t any _ldap._tcp.dc._msdcs.soeg.pl
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28950
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;_ldap._tcp.dc._msdcs.soeg.pl. IN ANY

;; ANSWER SECTION:
_ldap._tcp.dc._msdcs.soeg.pl. 600 IN SRV 0 100 389 fileserver0.soeg.pl.

;; AUTHORITY SECTION:
soeg.pl. 172800 IN NS fileserver0.soeg.pl.

;; ADDITIONAL SECTION:
fileserver0.soeg.pl. 172800 IN A 172.21.8.171

;; Query time: 0 msec
;; SERVER: 172.21.8.171#53(172.21.8.171)
;; WHEN: Thu Nov 6 09:48:00 2008
;; MSG SIZE rcvd: 115

ping fileserver0.soeg.pl
< 1ms. ok.
----------
Here is the error when I try to join the domain:
"Domain not exists or can not be contacted."

----
There aren't any errors in smbd.log, nmb.log, soeg.pl.log, localmessage.log, etc.
OS: openSUSE 11
-----------
Where is the bug?

