Hello, I have some problems with my Samba3 on my Suse 8.2 Linux. I got the Samba binaries from ftp://ftp.gwdg.de/linux/suse/ftp.suse.com/people/gd/8.2-i386/samba3-3 .0alpha24cvs/. When i want to join my domain from a winxp client (registry patch already applied), i got the error access denied. Regards, A. Roth Related Samba files are below: /var/log/samba/log/smbd: ----------------- SNIP --------------------------- [2003/05/12 11:52:17, 2] passdb/pdb_ldap.c:init_group_from_ldap(2662) Entry found for group: 512 [2003/05/12 11:52:17, 2] auth/auth.c:check_ntlm_password(294) check_ntlm_password: authentication for user [Administrator] -> [Administrato r] -> [Administrator] suceeded [2003/05/12 11:52:18, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2513) Returning domain sid for domain ARSOFT -> S-1-5-21-780478325-1810273558-396141 6456 [2003/05/12 11:52:18, 2] rpc_server/srv_samr_nt.c:access_check_samr_object(93) _samr_open_domain: ACCESS DENIED (requested: 0x00000211) [2003/05/12 11:52:18, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2513) Returning domain sid for domain ARSOFT -> S-1-5-21-780478325-1810273558-396141 6456 [2003/05/12 11:52:18, 2] rpc_server/srv_samr_nt.c:access_check_samr_function(115 ) _samr_create_user: ACCESS DENIED (granted: 0x00000201; required: 0x00000010) [2003/05/12 11:52:18, 2] smbd/server.c:exit_server(558) Closing connections ----------------- END --------------------------- /etc/samba/smb.conf: [global] dos charset = ASCII display charset = UTF8 workgroup = ARSOFT server string = AR Soft Domain Server interfaces = 127.0.0.1, eth0 bind interfaces only = Yes update encrypted = Yes min passwd length = 4 passdb backend = ldapsam:ldap://localhost/ non unix account range = 5000-50000 algorithmic rid base = 100000 log level = 2 announce version = 5.0 time server = Yes unix extensions = Yes keepalive = 30 socket options = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF=8192 SO_RCVBUF=8192 printcap name = cups add user script = ldapsmb -a -u delete user script = ldapsmb -d -u add group script = ldapsmb -a -g delete group script = ldapsmb -d -g add user to group script = ldapsmb -j -u delete user from group script = ldapsmb -j -u add machine script = ldapsmb -a -w shutdown script = ldapsmb --shutdown abort shutdown script = ldapsmb --abortshutdown logon script = \\%L\%U\scripts\logon.bat logon path = \\%L\%U\profile logon drive = U: logon home = \\%L\%U domain logons = Yes os level = 254 preferred master = Yes domain master = Yes kernel oplocks = No ldap suffix = dc=arsoft,dc=local ldap machine suffix = ou=Computers,dc=arsoft,dc=local ldap user suffix = ou=Users,dc=arsoft,dc=local ldap admin dn = cn=Administrator,dc=arsoft,dc=local ldap ssl = no ldap passwd sync = Yes ldap trust ids = Yes time offset = 60 winbind uid = 10000-20000 winbind gid = 10000-20000 template homedir = /home/%U template shell = /bin/bash admin users = @Domain, Admins printer admin = @Printer, Admins use sendfile = Yes printing = cups [netlogon] comment = Network Logon Service path = /export/netlogon directory mask = 0775 guest ok = Yes browseable = No [profiles] comment = Network Profiles path = /export/users/%U read only = No create mask = 0600 directory mask = 0700 browseable = No ----------------- SNIP --------------------------- LDAP Entries: dn: dc=arsoft,dc=local dc: arsoft description: AR Soft objectClass: top objectClass: domain dn: ou=Groups, dc=arsoft,dc=local ou: Groups objectClass: organizationalUnit dn: ou=Computers, dc=arsoft,dc=local ou: Computers objectClass: organizationalUnit dn: cn=Domain Admins,ou=Groups, dc=arsoft,dc=local ntGroupType: 2 gidNumber: 512 displayName: Domain Admins memberUid: Administrator ntSid: S-1-5-21-780478325-1810273558-3961416456-512 objectClass: posixGroup objectClass: sambaGroupMapping cn: Domain Admins dn: cn=Domain Users,ou=Groups, dc=arsoft,dc=local ntGroupType: 2 gidNumber: 513 displayName: Domain Users ntSid: S-1-5-21-780478325-1810273558-3961416456-513 objectClass: posixGroup objectClass: sambaGroupMapping cn: Domain Users dn: cn=Domain Guests,ou=Groups, dc=arsoft,dc=local ntGroupType: 2 gidNumber: 514 displayName: Domain Guests ntSid: S-1-5-21-780478325-1810273558-3961416456-514 objectClass: posixGroup objectClass: sambaGroupMapping cn: Domain Guests dn: cn=Administrators,ou=Groups, dc=arsoft,dc=local gidNumber: 544 description: Netbios Domain Members can fully administer the computer/domain (not implemented yet) objectClass: posixGroup cn: Administrators dn: cn=Users,ou=Groups, dc=arsoft,dc=local gidNumber: 545 description: Netbios Domain Ordinary users (not implemented yet) objectClass: posixGroup cn: Users dn: cn=Guests,ou=Groups, dc=arsoft,dc=local gidNumber: 546 memberUid: nobody description: Netbios Domain Users granted guest access to the computer/domain (not implemented yet) objectClass: posixGroup cn: Guests dn: cn=Power Users,ou=Groups, dc=arsoft,dc=local gidNumber: 547 description: Netbios Domain Members can share directories and printers (not i mplemented yet) objectClass: posixGroup cn: Power Users dn: cn=Account Operators,ou=Groups, dc=arsoft,dc=local gidNumber: 548 description: Netbios Domain Users to manipulate users accounts (not implement ed yet) objectClass: posixGroup cn: Account Operators dn: cn=Server Operators,ou=Groups, dc=arsoft,dc=local gidNumber: 549 description: Netbios Domain Server Operators (need smb.conf configuration) objectClass: posixGroup cn: Server Operators dn: cn=Print Operators,ou=Groups, dc=arsoft,dc=local gidNumber: 550 description: Netbios Domain Print Operators (need smb.conf configuration) objectClass: posixGroup cn: Print Operators dn: cn=Backup Operators,ou=Groups, dc=arsoft,dc=local gidNumber: 551 description: Netbios Domain Members can bypass file security to back up files (not implemented yet) objectClass: posixGroup cn: Backup Operators dn: cn=Replicator,ou=Groups, dc=arsoft,dc=local gidNumber: 552 description: Netbios Domain Supports file replication in a domain (not implem ented yet) objectClass: posixGroup cn: Replicator dn: cn=Domain Computers,ou=Groups, dc=arsoft,dc=local gidNumber: 553 description: Netbios Domain Computers accounts objectClass: posixGroup cn: Domain Computers dn: ou=Users, dc=arsoft,dc=local ou: Users objectClass: organizationalUnit dn: uid=Administrator,ou=Users, dc=arsoft,dc=local logonTime: 0 objectClass: inetOrgPerson objectClass: sambaAccount objectClass: posixAccount lmPassword: E701F9FAB541320CAAD3B435B51404EE primaryGroupID: 512 acctFlags: [U ] smbHome: \\DS\homes uid: Administrator uidNumber: 998 cn: Administrator ntSid: S-1-5-21-780478325-1810273558-3961416456-500 loginShell: /bin/false homeDrive: H: logoffTime: 2147483647 gidNumber: 512 kickoffTime: 2147483647 pwdLastSet: 1052727850 gecos: Netbios Domain Administrator homeDirectory: /export/users/ pwdCanChange: 1052727850 profilePath: \\DS\profiles\ sn: Administrator pwdMustChange: 1054542250 ntPassword: 55F79BF273802801CFC79712AAC292F3 dn: uid=nobody,ou=Users, dc=arsoft,dc=local logonTime: 0 objectClass: inetOrgPerson objectClass: sambaAccount objectClass: posixAccount lmPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX primaryGroupID: 514 acctFlags: [NU ] smbHome: \\DS\homes uid: nobody uidNumber: 999 cn: nobody ntSid: S-1-5-21-780478325-1810273558-3961416456-501 loginShell: /bin/false homeDrive: U: logoffTime: 2147483647 gidNumber: 514 kickoffTime: 2147483647 pwdLastSet: 0 homeDirectory: /dev/null pwdCanChange: 0 profilePath: \\DS\profiles\ sn: nobody pwdMustChange: 2147483647 ntPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX ----------------- END ---------------------------