Samba + Ldap help needed
Need help. I have a Fedora Core 3 server running. The server is up to date. I am able to join the domain with a Windows XP computer, but I am not able to log in. For the configuration I pretty much followed www.idealx.org/prj/samba/smbldap-howto.en.html . I have created the user mastapuffy in LDAP with smbldap-tools. I want to be able to use Windows XP in the domain and will be adding a Win98 and a SUSE server to the domain soon. What is my mistake? Thx

In My Network Places I am able to see the Samba server, and when clicking on it I am able to access it with the Masta user and password. There I can then access the shares. But as said, I can't log in to the domain when starting the Windows client.

    [root@localhost ~]# ssh Masta@localhost
    Masta@localhost's password:
    [Masta@localhost ~]$ id
    uid=1016(Masta) gid=513(Domain Users) groups=513(Domain Users)

Config files.

testparm of smb.conf

    Processing section "[homes]"
    Processing section "[printers]"
    Processing section "[doc]"
    Processing section "[netlogon]"
    Loaded services file OK.
    Server role: ROLE_DOMAIN_PDC
    Press enter to see a dump of your service definitions

    # Global parameters
    [global]
        dos charset = 850
        unix charset = ISO8859-1
        workgroup = HOME-NET
        netbios name = SERVER
        server string = Samba Server
        obey pam restrictions = Yes
        passdb backend = ldapsam:ldap://127.0.0.1/
        log file = /var/log/samba/%m.log
        max log size = 50
        server signing = auto
        socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
        printcap name = /etc/printcap
        add user script = /usr/local/sbin/smbldap-useradd -m "%u"
        add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
        add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
        delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
        set primary group script = /usr/local/sbin/smbldap-groupadd -p "%g"
        add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
        domain logons = Yes
        preferred master = Yes
        domain master = Yes
        dns proxy = No
        ldap admin dn = cn=Manager,dc=MASTAPUFFY,dc=COM
        ldap delete dn = Yes
        ldap group suffix = ou=Groups
        ldap machine suffix = ou=Computers
        ldap passwd sync = Yes
        ldap suffix = dc=MASTAPUFFY,dc=COM
        ldap ssl = no
        ldap user suffix = ou=Users
        idmap uid = 16777216-33554431
        idmap gid = 16777216-33554431
        cups options = raw

    [homes]
        comment = Home Directories
        valid users = %U
        read only = No
        create mask = 0664
        directory mask = 0775
        browseable = No

    [printers]
        comment = All Printers
        path = /var/spool/samba
        printable = Yes
        browseable = No

    [doc]
        path = /usr/share/doc
        read only = No
        create mask = 0750
        guest ok = Yes

    [netlogon]
        comment = The domain logon service
        path = /usr/local/samba/netlogon

ldap.conf

    host 127.0.0.1
    base dc=MASTAPUFFY,dc=COM
    rootbinddn cn=nssldap,ou=DSA,dc=MASTAPUFFY,dc=COM
    nss_base_passwd dc=MASTAPUFFY,dc=COM?sub
    nss_base_shadow dc=MASTAPUFFY,dc=COM?sub
    nss_base_group ou=Groups,dc=MASTAPUFFY,dc=COM?one
    ssl no
    pam_password md5

slapd.conf

    include /etc/openldap/schema/core.schema
    include /etc/openldap/schema/cosine.schema
    include /etc/openldap/schema/inetorgperson.schema
    include /etc/openldap/schema/nis.schema
    include /etc/openldap/schema/samba.schema
    allow bind_v2
    pidfile /var/run/slapd.pid
    argsfile /var/run/slapd.args
    access to attrs=userPassword,sambaLMPassword,sambaNTPassword
        by self write
        by anonymous auth
        by * none
    access to *
        by * read
    database ldbm
    suffix "dc=MASTAPUFFY,dc=COM"
    rootdn "cn=Manager,dc=MASTAPUFFY,dc=com"
    rootpw mypassword
    directory /var/lib/ldap
    index objectClass,uidNumber,gidNumber eq
    index cn,sn,uid,displayName pres,sub,eq
    index memberUid,mail,givenname eq,subinitial
    index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq

ldapsearch -x -b 'dc=MASTAPUFFY,dc=COM' 'objectclass=*'

    # Masta, Users, MASTAPUFFY.COM
    dn: uid=Masta,ou=Users,dc=MASTAPUFFY,dc=COM
    objectClass: top
    objectClass: inetOrgPerson
    objectClass: posixAccount
    objectClass: shadowAccount
    objectClass: sambaSamAccount
    cn: Benjamin Ott
    sn: Masta
    uid: Masta
    uidNumber: 1016
    gidNumber: 513
    homeDirectory: /home/Masta
    loginShell: /bin/bash
    gecos: Benjamin
    description: Benjamin
    sambaLogonTime: 0
    sambaLogoffTime: 2147483647
    sambaKickoffTime: 2147483647
    sambaPwdCanChange: 0
    displayName: Benjamin Ott
    sambaSID: S-1-5-21-1180781469-1617491572-1676486207-3032
    sambaPrimaryGroupSID: S-1-5-21-1180781469-1617491572-1676486207-513
    sambaLogonScript: Masta.cmd
    sambaHomePath: \\Server\home\Masta
    sambaHomeDrive: H:
    sambaAcctFlags: [U]
    sambaPwdLastSet: 1102095030
    sambaPwdMustChange: 1105983030

    # mastapuffy$, Computers, MASTAPUFFY.COM
    dn: uid=mastapuffy$,ou=Computers,dc=MASTAPUFFY,dc=COM
    objectClass: top
    objectClass: inetOrgPerson
    objectClass: posixAccount
    objectClass: sambaSamAccount
    cn: mastapuffy$
    sn: mastapuffy$
    uid: mastapuffy$
    uidNumber: 1017
    gidNumber: 515
    homeDirectory: /dev/null
    loginShell: /bin/false
    description: Computer
    gecos: Computer
    sambaSID: S-1-5-21-894537981-3666588187-2000060742-3034
    sambaPrimaryGroupSID: S-1-5-21-894537981-3666588187-2000060742-2031
    displayName: MASTAPUFFY$
    sambaPwdCanChange: 1102095094
    sambaPwdMustChange: 2147483647
    sambaPwdLastSet: 1102095094
    sambaAcctFlags: [W ]
|
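Added example, not part of the original posts: in the ldapsearch output of the first post, the user entry and the machine entry carry sambaSID values with different domain parts. The Python sketch below groups sambaSID and sambaPrimaryGroupSID values by domain SID (the SID without its final RID). The function names are hypothetical, the sample LDIF is trimmed from that post, and it assumes every account in one Samba domain should share a single domain SID.

```python
from collections import defaultdict

# Constructed sample: the two entries from the ldapsearch output in the post,
# trimmed to the attributes this check reads.
SAMPLE_LDIF = """\
dn: uid=Masta,ou=Users,dc=MASTAPUFFY,dc=COM
sambaSID: S-1-5-21-1180781469-1617491572-1676486207-3032
sambaPrimaryGroupSID: S-1-5-21-1180781469-1617491572-1676486207-513

dn: uid=mastapuffy$,ou=Computers,dc=MASTAPUFFY,dc=COM
sambaSID: S-1-5-21-894537981-3666588187-2000060742-3034
sambaPrimaryGroupSID: S-1-5-21-894537981-3666588187-2000060742-2031
"""

SID_ATTRS = ("sambasid", "sambaprimarygroupsid")

def parse_entries(ldif):
    """Yield (dn, {attr: [values]}) for each blank-line-separated entry."""
    for block in ldif.strip().split("\n\n"):
        dn, attrs = None, defaultdict(list)
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue  # skip ldapsearch comment lines and stray text
            key, _, value = line.partition(":")
            key, value = key.strip().lower(), value.strip()
            if key == "dn":
                dn = value
            else:
                attrs[key].append(value)
        if dn:
            yield dn, attrs

def domain_sids(ldif):
    """Map each domain SID (SID minus final RID) to the DNs that use it."""
    seen = defaultdict(set)
    for dn, attrs in parse_entries(ldif):
        for attr in SID_ATTRS:
            for sid in attrs.get(attr, []):
                domain, _, rid = sid.rpartition("-")
                if domain.startswith("S-1-5-21-") and rid.isdigit():
                    seen[domain].add(dn)
    return dict(seen)

def sid_mismatch(ldif):
    """True when accounts in the dump belong to more than one domain SID."""
    return len(domain_sids(ldif)) > 1

if __name__ == "__main__":
    print(sid_mismatch(SAMPLE_LDIF), domain_sids(SAMPLE_LDIF))
```

On the server, `net getlocalsid` prints the SID Samba itself is using, which is the value to compare these prefixes against.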
Hello Anyone?
|
Anyone know at which board someone would be willing to help me?
|
Hold on!
Give people time to look into it. This is voluntary and you have provided a fair bit of information to look through.
Try looking through other posts to see if this has been raised before. I also require help setting up authentication for Samba - I would like the users registered on my server as users to be used for the authentication - how can I achieve this? |
I had this problem before but can't remember how I fixed it! I will have a look at my smb.conf on my server soon and see if there is anything in there for you.
|
Hi
Did you figure this one out? I have the same trouble: can add machine accounts, log in from everything except XP, can browse from non-logged-in XP. I have had this working before but cannot find the difference between configs. If it is any help, I get these two messages from /var/log/samba/log.test and /var/log/samba/log.192.168.10.128, where test is the XP machine name and 192.168.10.128 is its IP address:

log.test

    smbd/connection_yield.c:yield_connection(69) Yeilding connection to
    smbd/connection_yield.c:yield_connection(76) yield_connection: tdb_delete for name failed with error Record does not exist.

****Notice the double space between name and failed, maybe this is trying to delete a blank user.

log.192.168.10.128

    libsmb/ntlmssp.c:ntlmssp_server_auth(615) Got user=[] domain=[] workstation=[TEST] len1=1 len2-0

Further up in the logs there is a definite successful reply to the user logon; however, once this is done there is this unknown attempt with no user and no domain. Hope we can sort this out. Did you get the same messages in your logs? |