OS: Mandrake 10.0 Official PowerPack
Samba version: 3.0.2a
OpenLDAP: 2.1.25
smb.conf:
# Global parameters
[global]
workgroup = WSLYHBB
netbios aliases = wslyhbb
server string = Wes' Computer
map to guest = Bad User
smb passwd file passdb backend = ldapsam:ldap://wslyhbb.personal-pc.com
passwd program = /etc/passwd
unix password sync = Yes
client plaintext auth = No
log file = /var/log/samba/log.%m
max log size = 50
server signing = auto
socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
hostname lookups = Yes
load printers = No
printcap name = cups
add user script = /usr/share/samba/scripts/smbldap-useradd -m "%u"
delete user script = /usr/share/samba/scripts/smbldap-userdel "%u"
add group script = /usr/share/samba/scripts/smbldap-groupadd -p "%g"
delete group script = /usr/share/samba/scripts/smbldap-groupdel "%g"
add user to group script = /usr/share/samba/scripts/smbldap-groupmod -m
"%u" "%g"
delete user from group script /usr/share/samba/scripts/smbldap-groupmod -x
"%u" "%g"
set primary group script = /usr/share/samba/scripts/smbldap-groupadd -p
"%g"
add machine script = /usr/share/samba/scripts/smbldap-useradd -w "%u"
preferred master = No
domain master = No
ldap suffix = dc=personal-pc,dc=com
ldap machine suffix = ou=Computers
ldap user suffix = ou=People
ldap group suffix = ou=Group
ldap admin dn = cn=Manager,dc=personal-pc,dc=com
ldap ssl = no
ldap passwd sync = Yes
idmap uid = 500-20000
idmap gid = 500-20000
printer admin = @adm
guest ok = Yes
printing = cups
[homes]
comment = Home Directories
read only = No
browseable = No
[DOCUMENTS]
path = /home/whobbie
guest ok = No
LDAP entry:
# whobbie, People, personal-pc.com
dn: uid=whobbie,ou=People,dc=personal-pc,dc=com
uid: whobbie
cn: Wesley Hobbie
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
objectClass: sambaSamAccount
shadowLastChange: 12469
shadowMin: -1
shadowMax: 99999
shadowWarning: -1
loginShell: /bin/bash
uidNumber: 500
gidNumber: 0
gecos: Wesley Hobbie
sambaSID: S-1-5-21-2641578063-170596405-1533976680-2000
homeDirectory: /home/whobbie
sambaPwdMustChange: 2147483647
sambaAcctFlags: [U ]
sambaPwdCanChange: 1088262622
sambaLMPassword: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
sambaNTPassword: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
sambaPwdLastSet: 1088262622
userPassword:: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Problem:
I try to connect to my "Documents" share from a Windows XP machine, it
displays the login box, I type WSLYHBB\whobbie and password and it says I
may not have permission. I know Samba is connecting to LDAP correctly
because I can change the password successfully, also the log file for the
connecting computer (log.dhobbie) says:
[2004/06/26 10:05:10, 1] smbd/service.c:make_connection_snum(705)
dhobbie (192.168.0.1) connect to service DOCUMENTS initially as user
whobbie (uid=500, gid=0) (pid 3957)
[2004/06/26 10:05:10, 1] smbd/service.c:close_cnum(887)
dhobbie (192.168.0.1) closed connection to service DOCUMENTS
Apparently it figures out what the UID of my user, so why is it closing the
connection right away instead of letting me access the folder? Why am I
unable to connect to my share?
It may be that winbind is not mapping the gid to sid correctly:
log.winbindd says:
[2004/06/26 10:05:10, 1] nsswitch/winbindd_sid.c:winbindd_gid_to_sid(437)
Could not convert gid 501 to sid
[2004/06/26 10:05:10, 1] nsswitch/winbindd_sid.c:winbindd_gid_to_sid(437)
Could not convert gid 502 to sid
However, I do not know why it is not and I do not know how to fix it.
