Christopher Saul
2003-Sep-21 12:43 UTC
[Samba] Repost: 'We dont' find this rid' error - can't join a domain
I'm posting this again in the hope that someone can shed some light on the error - I've included logs and as much detail as I can! Chris -------- Original Message -------- I'm using Samba 2.2.8a on Red Hat 8. I was able to set up Samba running as a PDC and have my Windows 2000 client join the domain and authenticate users, map home drives, etc, without any problems. I've now set up Samba to work with LDAP. If I login to W2K locally I'm able to map drives, browse, etc from my ldap enable Samba server without any problems. The log on my LDAP Directory (Sun ONE Directory Server 5.1) shows authentications working fine. If I attach to Samba with smbclient from another Unix machine, I'm able to log in fine. When trying to get Windows 2000 to join the domain, I enter the root password when prompted, but then get an error back from Windows which says 'The specified user does not exist'. My Samba log has the following - [2003/09/18 14:13:10, 0] passdb/pdb_ldap.c:ldap_connect_system(316) ldap_connect_system: Binding to ldap server as "cn=Directory Manager" [2003/09/18 14:13:10, 0] passdb/pdb_ldap.c:pdb_getsampwrid(988) We don't find this rid [2012] count=0 Root's rid is 2006, uid and gid set to 0 as per various howtos I've found. According to my directory logs Samba is searching for rid 2012 and isn't finding it. [18/Sep/2003:14:09:43 +0400] conn=979 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager" [18/Sep/2003:14:09:43 +0400] conn=979 op=1 SRCH base="dc=iforce,dc=tech-access,dc=com" scope=2 filter="(rid=2012)" attrs="uid rid cn lmPassword ntPassword pwdLastSet logonTime logofftime kickoffTime pwdCanChange pwdMustChange acctFlags displayName smbHome homeDrive scriptPath profilePath description userWorkstations primaryGroupID domain" [18/Sep/2003:14:09:43 +0400] conn=979 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [18/Sep/2003:14:09:43 +0400] conn=979 op=2 UNBIND [18/Sep/2003:14:09:43 +0400] conn=979 op=2 fd=50 closed - U1 [18/Sep/2003:14:12:59 +0400] conn=980 fd=45 slot=45 connection from 192.168.2.4 to 192.168.2.55 [18/Sep/2003:14:12:59 +0400] conn=980 op=0 SRCH base="dc=iforce,dc=tech-access,dc=com" scope=2 filter="(uid=windoze$)" attrs=ALL [18/Sep/2003:14:12:59 +0400] conn=980 op=0 RESULT err=0 tag=101 nentries=1 etime=0 [18/Sep/2003:14:12:59 +0400] conn=980 op=1 UNBIND [18/Sep/2003:14:12:59 +0400] conn=980 op=1 fd=45 closed - U1 I've searched all over the web, but can't find an answer to this. I'm 90% of the way to getting Samba to work with Sun ONE Directory, but this is driving me mad! Thanks Chris -- Christopher Saul Systems Engineer Tech Access Direct line: +971 4 391 3122 Mob: +971 50 645 4254
Christopher Saul
2003-Sep-22 10:48 UTC
[Samba] Solved: 'We dont find this rid' error - can't join a domain
I was able to solve this by manually updating root's entry in my ldap directory to have the rid that Samba was looking for. I don't understand the process that was leading Samba to look for a specific RID - if anyone can shed light on what exactly happens I'd appreciate it. Christopher Saul wrote:> I'm posting this again in the hope that someone can shed some light on > the error - I've included logs and as much detail as I can! > > Chris > > -------- Original Message -------- > > > I'm using Samba 2.2.8a on Red Hat 8. > > I was able to set up Samba running as a PDC and have my Windows 2000 > client join the domain and authenticate users, map home drives, etc, > without any problems. > > I've now set up Samba to work with LDAP. If I login to W2K locally I'm > able to map drives, browse, etc from my ldap enable Samba server without > any problems. The log on my LDAP Directory (Sun ONE Directory Server > 5.1) shows authentications working fine. If I attach to Samba with > smbclient from another Unix machine, I'm able to log in fine. > > When trying to get Windows 2000 to join the domain, I enter the root > password when prompted, but then get an error back from Windows which > says 'The specified user does not exist'. > > My Samba log has the following - > > [2003/09/18 14:13:10, 0] passdb/pdb_ldap.c:ldap_connect_system(316) > ldap_connect_system: Binding to ldap server as "cn=Directory Manager" > [2003/09/18 14:13:10, 0] passdb/pdb_ldap.c:pdb_getsampwrid(988) > We don't find this rid [2012] count=0 > > Root's rid is 2006, uid and gid set to 0 as per various howtos I've found. > > According to my directory logs Samba is searching for rid 2012 and isn't > finding it. > > [18/Sep/2003:14:09:43 +0400] conn=979 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="cn=directory manager" > [18/Sep/2003:14:09:43 +0400] conn=979 op=1 SRCH > base="dc=iforce,dc=tech-access,dc=com" scope=2 filter="(rid=2012)" > attrs="uid rid cn lmPassword ntPassword pwdLastSet logonTime logofftime > kickoffTime pwdCanChange pwdMustChange acctFlags displayName smbHome > homeDrive scriptPath profilePath description userWorkstations > primaryGroupID domain" > [18/Sep/2003:14:09:43 +0400] conn=979 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [18/Sep/2003:14:09:43 +0400] conn=979 op=2 UNBIND > [18/Sep/2003:14:09:43 +0400] conn=979 op=2 fd=50 closed - U1 > [18/Sep/2003:14:12:59 +0400] conn=980 fd=45 slot=45 connection from > 192.168.2.4 to 192.168.2.55 > [18/Sep/2003:14:12:59 +0400] conn=980 op=0 SRCH > base="dc=iforce,dc=tech-access,dc=com" scope=2 filter="(uid=windoze$)" > attrs=ALL > [18/Sep/2003:14:12:59 +0400] conn=980 op=0 RESULT err=0 tag=101 > nentries=1 etime=0 > [18/Sep/2003:14:12:59 +0400] conn=980 op=1 UNBIND > [18/Sep/2003:14:12:59 +0400] conn=980 op=1 fd=45 closed - U1 > > I've searched all over the web, but can't find an answer to this. I'm > 90% of the way to getting Samba to work with Sun ONE Directory, but this > is driving me mad! > > Thanks > > Chris > > > >-- Christopher Saul Systems Engineer Tech Access Direct line: +971 4 391 3122 Mob: +971 50 645 4254