LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   LDAP 2.1.23 - Samba 3.0.0 - trust account problems (https://www.linuxquestions.org/questions/linux-software-2/ldap-2-1-23-samba-3-0-0-trust-account-problems-116292/)

klnasveschuk 11-15-2003 08:04 AM
LDAP 2.1.23 - Samba 3.0.0 - trust account problems
 
Hello,
I've posted this many time on the samba list server and openldap list server but I still am unable to fix this problem, so I look for clues.

PROBLEM:
I am not able joind a Windows 2000 computer to a Samba domain. I get an error message logon failure: unknown username or bad password.

WHAT DOES WORK:
Can logon to domain from a Windows 95/98 and get mapped drive to home directory, netlogon on share.

After logging into local machine on Windows 2000 computer, I can browse the network, find the domain controller where it prompts me for a username and password. It accept the password and allows me to get to the shares that are allowed for my account.

I can also change passwords.

WHAT THIS IMPLIES:
This implies that samba is communicating correctlly with the backend db. It also implies that samba is using the LDAP admin account for access to the LDAP directory correctly.

The error messages I get appears to be the result of samba mapping to the root account or the password for the root account..

The root account I use in LDAP is Administrator

# Administrator, Users, tow,net
# Administrator, Users, tow.net
dn: uid=Administrator,ou=Users,dc=tow,dc=net
cn: Administrator
sn: Administrator
objectClass: inetOrgPerson
objectClass: sambaSAMAccount
objectClass: posixAccount
gidNumber: 0
uid: Administrator
uidNumber: 0
sambaPwdLastSet: 1068814077
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 1068814077
sambaPwdMustChange: 2147483647
sambaHomePath: \\whs1\Administrator
sambaHomeDrive: H:
sambaProfilePath: \\whs1\profiles\
sambaLMPassword: E3B4E05BE6A182C9E13B8E8F6853DCAC
sambaNTPassword: F4858C7E53BB628AE91E00E9DB6CD467
sambaAcctFlags: [U ]
sambaSID: S-1-5-21-1129281578-1295143107-3311307472-1000
loginShell: /bin/bash
gecos: Netbios Domain Administrator
sambaPrimaryGroupSID: S-1-5-21-1129281578-1295143107-3311307472-1001
userPassword:: e1NNRDV9ZGpiNFo3ODQ3VFlKYWJYZEM5ZGRtSkFpMklzPQ==
homeDirectory: /root


Does anyone out ther have any clues as to why I would have a problem connecting this account?


Kent N

chilinski 11-20-2003 09:47 PM
There was a posting on the Samba lists that said you must, Must, MUST have a samba account named root. That poster said to do:
smbpasswd -a root
and put in a password different from root's Linux password. During the procedure to join the domain you are asked for a user who has the rights to join the domain. Enter root as the user and the password you set up.

There was also a step-by-step on how to do LDAP. Here, too, you needed to have a samba user called root with a UID of 0 and a rid of 1000. This was done with a: smbldap-useradd.pl -a -P root. Then use GQ to change the rid and UID.


All times are GMT -5. The time now is 08:03 AM.