Louis-David Mitterrand
2002-Oct-08 16:14 UTC
[Samba] new box can't join domain since switch to ldapsam
Hello,
Since changing to "passdb backend = ldapsam" on my debian unstable PDC
things work well, however a new winxp machine can't join the domain.
Here is the /var/log/samba/log.smbd output. It seems the sticking point
is about a missing user RID? (the new machine is sylla).
Thanks in advance for any hints as to what may be wrong, cheer,
2002/10/08 18:06:30, 0] passdb/pdb_ldap.c:init_ldap_from_sam(935)
NO user RID specified on account sylla$, cannot store!
[2002/10/08 18:06:30, 0] passdb/pdb_ldap.c:ldapsam_add_sam_account(1661)
ldapsam_add_sam_account: init_ldap_from_sam failed!
[2002/10/08 18:06:30, 0] rpc_server/srv_samr_nt.c:_api_samr_create_user(2302)
could not add user/computer sylla$ to passdb. Check permissions?
[2002/10/08 18:06:30, 2] smbd/server.c:exit_server(533)
Closing connections
[2002/10/08 18:06:31, 2] smbd/reply.c:reply_special(81)
netbios connect: name1=ZENON name2=SYLLA
[2002/10/08 18:06:31, 2] smbd/reply.c:reply_special(95)
netbios connect: local=zenon remote=sylla
[2002/10/08 18:06:31, 2] passdb/pdb_ldap.c:ldapsam_open_connection(267)
ldap_open_connection: connection opened
[2002/10/08 18:06:31, 2] passdb/pdb_ldap.c:ldapsam_connect_system(419)
ldap_connect_system: succesful connection to the LDAP server
[2002/10/08 18:06:31, 2] passdb/pdb_ldap.c:ldapsam_search_one_user(431)
ldapsam_search_one_user: searching
for:[(&(uid=root)(objectclass=sambaAccount)
)]
[2002/10/08 18:06:31, 2] passdb/pdb_ldap.c:init_sam_from_ldap(677)
Entry found for user: root
[2002/10/08 18:06:31, 2] passdb/pdb_ldap.c:ldapsam_open_connection(267)
ldap_open_connection: connection opened
[2002/10/08 18:06:31, 2] passdb/pdb_ldap.c:ldapsam_connect_system(419)
ldap_connect_system: succesful connection to the LDAP server
[2002/10/08 18:06:31, 2] passdb/pdb_ldap.c:ldapsam_search_one_user(431)
ldapsam_search_one_user: searching for:[rid=1000]
[2002/10/08 18:06:31, 2] passdb/pdb_ldap.c:init_sam_from_ldap(677)
Entry found for user: root
[2002/10/08 18:06:31, 2] auth/auth.c:check_ntlm_password(266)
check_password: authentication for user [root] -> [root] -> [root]
suceeded
[2002/10/08 18:06:32, 2] smbd/server.c:exit_server(533)
Closing connections
--
HIPPOLYTE: Je permets tout le reste ? mon libre courroux.
Sortez de l'esclavage o? vous ?tes r?duite.
(Ph?dre, J-B Racine, acte 5, sc?ne 1)
Andrew Bartlett
2002-Oct-09 13:50 UTC
[Samba] new box can't join domain since switch to ldapsam
Louis-David Mitterrand wrote:> > Hello, > > Since changing to "passdb backend = ldapsam" on my debian unstable PDC > things work well, however a new winxp machine can't join the domain. > > Here is the /var/log/samba/log.smbd output. It seems the sticking point > is about a missing user RID? (the new machine is sylla).Use either ldapsam_nua as the passdb backend, or use an add machine script to add a 'unix' account for the machine. getpwnam(machinename$) must function by the time the add to the domain is attempted, or if you use the _nua hack, it will try to do without - see the doco on this one. Andrew Bartlett -- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.net