Samba Ldap problem when joining Windows to the domain
Hi Expert,
Sorry for my bad English but I hope you can understand. I have Samba version 3.5.2 and OpenLDAP: slapd 2.3.43 which running for about 1 year as PDC, and it running smoothly until last week. When I want to join to the domain with Windows XP, after I key in Domain Administrator username and password to join to the domain, an error message has appeared as below: "Computer Name Changes The following error occurred attempting to join the domain 'ABC' The remote call procedure call failed." Then when I click OK, my machine doesn't join to my domain. But when I check at the LDAP tree using Jxplorer, I can see my Windows XP computer name has been registered under Computers account, but I notice at SambaAcctFlags, the value was set to [DW], not [W] as other computers account. I don't know how it was set to [DW], as I know D means Account was Disabled. I have try to change the value to [W] and rejoin back the computer but the same error will come out and the SambaAcctFlags will change back to [DW]. I hope somebody can help me or maybe has experienced the same problem before and have the solution to fix it. Below is my smb.conf for your reference. Thank you again. #======== Global Settings =================== [global] workgroup = ABC server string = ABC PRIMARY DOMAIN CONTROLER interfaces = lo eth0 domain master = yes domain logons = yes preferred master = yes os level = 255 wins support = yes wins proxy = no dns proxy = yes client ntlmv2 auth = yes lanman auth = yes ntlm auth = yes remote announce = 10.23.36.255 10.23.37.255 10.23.38.255 remote browse sync = 10.23.36.255 10.23.37.255 10.23.38.255 log level = 0 log file = /var/log/samba/samba.log max log size = 50 syslog = 0 passdb backend = ldapsam:ldap://127.0.0.1 ldap suffix = ou=OxObjects,dc=abc,dc=com ldap admin dn = cn=sambaadmin,ou=OxObjects,dc=abc,dc=com ldap user suffix = ou=users ldap group suffix = ou=groups ldap machine suffix = ou=computers ldap passwd sync = yes add machine script = smbldap-useradd -W "%u" add user script = smbldap-useradd "%u" add group script = smbldap-groupadd "%g" delete user script = smbldap-userdel "%u" delete group script = smbldap-groupdel "%g" add user to group script = smbldap-groupmod -m "%u" "%g" delete user from group script = smbldap-groupmod -x "%u" "%g" set primary group script = smbldap-usermod -g "%g" "%u" admin users = root administrator @"Domain Admins" guest ok = no socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 logon script = default.bat logon drive = logon path = logon home = #name resolve order = wins lmhosts bcast #lm announce = yes #browse list = yes # printing printing = bsd printcap name = /dev/null #=================== Share Definitions ============ [homes] comment = Home Directories browseable = no writable = yes valid users = %S [netlogon] comment = Network Logon Service path = /home/samba/netlogon guest ok = yes read only = no create mask = 0664 directory mask = 0775 write list = @"domain admins" force group = "domain admins" [profiles] path = /home/samba/profiles read only = no create mask = 0600 directory mask = 0700 nt acl support = yes browseable = No guest ok = Yes profile acls = yes csc policy = disable force user = %U valid users = %U "Domain Admins" [regset] path = /home/samba/regset writeable = yes force user = root create mask = 0644 hide dot files = no sync always = yes [Public] path = /home/samba/smbshares/public comment = Public Shared Folder create mask = 0770 directory mask = 2770 force group = "Domain Admins" write list = @"Domain Admins" [Applications] path = /home/samba/smbshares/applications comment = Application Sources create mask = 0770 directory mask = 2770 force group = "Domain Admins" write list = @"Domain Admins" |
All times are GMT -5. The time now is 08:58 AM. |