LinuxQuestions.org

MastaPuffy 12-02-2004 11:45 PM

Samba + Ldap help needed
 
Need help. I have a Fedora Core 3 server running. The server is up2date. I am able to join the domain with a Windows XP computer, but I am not able to log in. For the configuration I pretty much followed www.idealx.org/prj/samba/smbldap-howto.en.html . I have created the user mastapuffy in LDAP with smbldap-tools. I want to be able to use Windows XP in the domain and will be adding a Win98 and a SuSE server to the domain soon. What is my mistake? Thx

At My Network Places I am able to see the Samba server, and when clicking on it I am able to access it with the Masta user and pw. There I can then access the shares. But as said, I can't log in to the domain when starting the Windows client.


[root@localhost ~]# ssh Masta@localhost
Masta@localhost's password:
[Masta@localhost ~]$ id
uid=1016(Masta) gid=513(Domain Users) groups=513(Domain Users)

Config Files.

testparm of smb.conf
Processing section "[homes]"
Processing section "[printers]"
Processing section "[doc]"
Processing section "[netlogon]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions

# Global parameters
[global]
dos charset = 850
unix charset = ISO8859-1
workgroup = HOME-NET
netbios name = SERVER
server string = Samba Server
obey pam restrictions = Yes
passdb backend = ldapsam:ldap://127.0.0.1/
log file = /var/log/samba/%m.log
max log size = 50
server signing = auto
socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
printcap name = /etc/printcap
add user script = /usr/local/sbin/smbldap-useradd -m "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/local/sbin/smbldap-groupadd -p "%g"
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
domain logons = Yes
preferred master = Yes
domain master = Yes
dns proxy = No
ldap admin dn = cn=Manager,dc=MASTAPUFFY,dc=COM
ldap delete dn = Yes
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
ldap passwd sync = Yes
ldap suffix = dc=MASTAPUFFY,dc=COM
ldap ssl = no
ldap user suffix = ou=Users
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
cups options = raw

[homes]
comment = Home Directories
valid users = %U
read only = No
create mask = 0664
directory mask = 0775
browseable = No

[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No

[doc]
path = /usr/share/doc
read only = No
create mask = 0750
guest ok = Yes

[netlogon]
comment = The domain logon service
path = /usr/local/samba/netlogon

ldap.conf

host 127.0.0.1
base dc=MASTAPUFFY,dc=COM
rootbinddn cn=nssldap,ou=DSA,dc=MASTAPUFFY,dc=COM
nss_base_passwd dc=MASTAPUFFY,dc=COM?sub
nss_base_shadow dc=MASTAPUFFY,dc=COM?sub
nss_base_group ou=Groups,dc=MASTAPUFFY,dc=COM?one
ssl no
pam_password md5


slapd.conf
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
allow bind_v2
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
access to attrs=userPassword,sambaLMPassword,sambaNTPassword
by self write
by anonymous auth
by * none
access to *
by * read
database ldbm
suffix "dc=MASTAPUFFY,dc=COM"
rootdn "cn=Manager,dc=MASTAPUFFY,dc=com"
rootpw mypassword
directory /var/lib/ldap
index objectClass,uidNumber,gidNumber eq
index cn,sn,uid,displayName pres,sub,eq
index memberUid,mail,givenname eq,subinitial
index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq

ldapsearch -x -b 'dc=MASTAPUFFY,dc=COM' 'objectclass=*'

# Masta, Users, MASTAPUFFY.COM
dn: uid=Masta,ou=Users,dc=MASTAPUFFY,dc=COM
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaSamAccount
cn: Benjamin Ott
sn: Masta
uid: Masta
uidNumber: 1016
gidNumber: 513
homeDirectory: /home/Masta
loginShell: /bin/bash
gecos: Benjamin
description: Benjamin
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
displayName: Benjamin Ott
sambaSID: S-1-5-21-1180781469-1617491572-1676486207-3032
sambaPrimaryGroupSID: S-1-5-21-1180781469-1617491572-1676486207-513
sambaLogonScript: Masta.cmd
sambaHomePath: \\Server\home\Masta
sambaHomeDrive: H:
sambaAcctFlags: [U]
sambaPwdLastSet: 1102095030
sambaPwdMustChange: 1105983030

# mastapuffy$, Computers, MASTAPUFFY.COM
dn: uid=mastapuffy$,ou=Computers,dc=MASTAPUFFY,dc=COM
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: sambaSamAccount
cn: mastapuffy$
sn: mastapuffy$
uid: mastapuffy$
uidNumber: 1017
gidNumber: 515
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer
gecos: Computer
sambaSID: S-1-5-21-894537981-3666588187-2000060742-3034
sambaPrimaryGroupSID: S-1-5-21-894537981-3666588187-2000060742-2031
displayName: MASTAPUFFY$
sambaPwdCanChange: 1102095094
sambaPwdMustChange: 2147483647
sambaPwdLastSet: 1102095094
sambaAcctFlags: [W ]
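
The ldapsearch output in the post above shows the user entry and the machine entry carrying different domain SID prefixes (the part of the SID before the final RID). As an added example (not part of the original post, and not Samba or smbldap-tools code), this script groups sambaSID and sambaPrimaryGroupSID values by that prefix so a mismatch stands out; it assumes all accounts of one Samba domain are meant to share a single domain SID, and the function names are hypothetical.

```python
import base64
import re
from collections import defaultdict

SID_ATTRS = {"sambasid", "sambaprimarygroupsid"}
DOMAIN_SID_RE = re.compile(r"^(S-1-5-21-\d+-\d+-\d+)-(\d+)$")

# Constructed sample: only the SID-bearing lines of the two entries in the post.
SAMPLE_LDIF = """\
dn: uid=Masta,ou=Users,dc=MASTAPUFFY,dc=COM
sambaSID: S-1-5-21-1180781469-1617491572-1676486207-3032
sambaPrimaryGroupSID: S-1-5-21-1180781469-1617491572-1676486207-513

dn: uid=mastapuffy$,ou=Computers,dc=MASTAPUFFY,dc=COM
sambaSID: S-1-5-21-894537981-3666588187-2000060742-3034
sambaPrimaryGroupSID: S-1-5-21-894537981-3666588187-2000060742-2031
"""

def parse_ldif(text):
    """Yield (dn, [(attr, value), ...]) per entry from ldapsearch LDIF output."""
    unfolded = re.sub(r"\n ", "", text)              # undo LDIF line folding
    for block in re.split(r"\n\s*\n", unfolded.strip()):
        pairs = []
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue                             # comment or non-attribute line
            name, _, value = line.partition(":")
            if value.startswith(":"):                # "attr:: <base64 value>"
                value = base64.b64decode(value[1:]).decode("utf-8", "replace")
            pairs.append((name, value.strip()))
        dn = next((v for n, v in pairs if n.lower() == "dn"), None)
        if dn:
            yield dn, pairs

def sids_by_domain(text):
    """Map each domain SID prefix to the (dn, attribute, RID) triples using it."""
    found = defaultdict(list)
    for dn, pairs in parse_ldif(text):
        for name, value in pairs:
            if name.lower() in SID_ATTRS:
                m = DOMAIN_SID_RE.match(value)
                found[m.group(1) if m else "<malformed>"].append((dn, name, m.group(2) if m else value))
    return dict(found)

def is_consistent(text):
    return len(sids_by_domain(text)) <= 1            # one shared prefix, or no SIDs at all

if __name__ == "__main__":
    print(sids_by_domain(SAMPLE_LDIF))
```

The prefixes it reports can be compared with the domain SID the server itself prints for `net getlocalsid`.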

MastaPuffy 12-03-2004 12:41 PM

Hello Anyone?

MastaPuffy 12-04-2004 08:09 AM

Anyone know at which board someone would be willing to help me?

GenericProdigy 12-08-2004 09:06 AM

Hold on!
 
Give people time to look into it. This is voluntary and you have provided a fair bit of information to look through.

Try looking through other posts to see if this has been raised before.

I also require help setting up authentication for Samba - I would like the users registered on my server as users to be used for the authentication - how can I achieve this?

berrance 12-08-2004 09:24 AM

I had this problem before but can't remember how I fixed it! I will have a look at my smb.conf on my server soon and see if there is anything in there for you.

Self 12-11-2004 02:30 AM

Hi

Did you figure this one out? I have the same trouble, can add machine accounts, log in from everything except XP, can browse from non-logged in XP. I have had this working before but cannot find the difference between configs. If it is any help I get these two messages from /var/log/samba/log.test and /var/log/samba/log.192.168.10.128, where test is the XP machine name and 192.168.10.128 is its IP address:

log.test

smbd/connection_yield.c:yield_connection(69)
Yeilding connection to
smbd/connection_yield.c:yield_connection(76)
yield_connection: tdb_delete for name failed with error Record does not exist. ****notice the double space between name and failed, maybe this is trying to delete a blank user

log.192.168.10.128

libsmb/ntlmssp.c:ntlmssp_server_auth(615)
Got user=[] domain=[] workstation=[TEST] len1=1 len2-0

Further up in the logs there is a definite successful reply to the user logon; however, once this is done there is this unknown attempt with no user and no domain.

Hope we can sort this out. Did you get the same messages in your logs?

