On my server, I have root in LDAP, and am following the Samba3 by
example book, but I'm unable to get it to join the domain. I'm running
samba 3.0.25b.
[root@gomer samba]# net rpc join -U root%xxxxxxxx
Unable to find a suitable server
[root@gomer samba]# net rpc testjoin -S GOMER -U root%tical123
Join to 'ADMIN' is OK
[root@gomer samba]# net rpc testjoin -D DOMAIN -U root%tical123
Unable to find a suitable server
Join to domain 'ADMIN' is not valid
I google searched for the error, but didn't find a solution. Any ideas?
smb.conf:
[global]
unix charset = LOCALE
workgroup = ADMIN
netbios name = GOMER
server string = Samba Server %v on gomer
interfaces = eth0, lo
bind interfaces only = Yes
passdb backend = ldapsam:ldap://gomer.mdah.state.ms.us
enable privileges = Yes
username map = /etc/samba/smbusers
log level = 5
syslog = 0
log file = /var/log/samba/%m
max log size = 50
name resolve order = wins bcast hosts
time server = Yes
printcap name = CUPS
show add printer wizard = no
add user script = /usr/sbin/smbldap-useradd -a -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u"
"%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u"
"%g"
set primary group script = /usr/sbin/smbldap-groupmod -g "%g"
"%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
logon script = scripts\logon.bat
logon path = \\%L\profiles\%U
logon drive = X:
domain logons = Yes
preferred master = Yes
wins support = Yes
ldap suffix = dc=gomer,dc=mdah,dc=state,dc=ms,dc=us
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us
idmap backend = ldap:ldap://gomer.mdah.state.ms.us
idmap uid = 10000 - 20000
idmap gid = 10000 - 20000
map acl inherit = Yes
printing = cups
printer admin = root, awilliam
[homes]
comment = Home Directories
valid users = %S
read only = no
browseable = No
[accounts]
comment = Accounting Files
path = /data/accounts
read only = No
[netlogon]
comment = network logon service
path = /var/lib/samba/netlogon
guest ok = Yes
locking = No
[profiles]
comment = Profile Share
path = /var/lib/samba/profiles
read only = No
profile acls = Yes
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
browseable = yes
guest ok = no
read only = yes
write list = root, awilliam
ldapsearch -D 'cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us' -b
"uid=root,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us" -w xxxxxxx
-x
# extended LDIF
#
# LDAPv3
# base <uid=root,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us> with
scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# root, People, gomer.mdah.state.ms.us
dn: uid=root,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us
uid: root
cn: root
sn: root
mail: root@mdah.state.ms.us
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: xxxxxxxxxxxxxxxxxxx
shadowLastChange: 13704
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 0
gidNumber: 0
homeDirectory: /root
gecos: root
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
[root@gomer samba]# ps ax|grep winbind
6511 pts/1 S+ 0:00 grep winbind
29280 ? Ss 0:00 winbindd
29282 ? S 0:00 winbindd
29285 ? S 0:00 winbindd
29286 ? S 0:00 winbindd
[root@gomer samba]# cat /etc/nsswitch.conf |grep wins
hosts: files dns wins
On my server, I have root in LDAP, and am following the Samba3 by example book, but I'm unable to get it to join the domain. I'm running samba 3.0.25b. [root@gomer samba]# net rpc join -U root%xxxxxxxx Unable to find a suitable server [root@gomer samba]# net rpc testjoin -S GOMER -U root%xxxxxxx Join to 'ADMIN' is OK [root@gomer samba]# net rpc testjoin -D DOMAIN -U root%xxxxxxx Unable to find a suitable server Join to domain 'ADMIN' is not valid I google searched for the error, but didn't find a solution. Any ideas? smb.conf: [global] unix charset = LOCALE workgroup = ADMIN netbios name = GOMER server string = Samba Server %v on gomer interfaces = eth0, lo bind interfaces only = Yes passdb backend = ldapsam:ldap://gomer.mdah.state.ms.us enable privileges = Yes username map = /etc/samba/smbusers log level = 5 syslog = 0 log file = /var/log/samba/%m max log size = 50 name resolve order = wins bcast hosts time server = Yes printcap name = CUPS show add printer wizard = no add user script = /usr/sbin/smbldap-useradd -a -m "%u" delete user script = /usr/sbin/smbldap-userdel "%u" add group script = /usr/sbin/smbldap-groupadd -p "%g" delete group script = /usr/sbin/smbldap-groupdel "%g" add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/sbin/smbldap-groupmod -g "%g" "%u" add machine script = /usr/sbin/smbldap-useradd -w "%u" logon script = scripts\logon.bat logon path = \\%L\profiles\%U logon drive = X: domain logons = Yes preferred master = Yes wins support = Yes ldap suffix = dc=gomer,dc=mdah,dc=state,dc=ms,dc=us ldap machine suffix = ou=People ldap user suffix = ou=People ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap admin dn = cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us idmap backend = ldap:ldap://gomer.mdah.state.ms.us idmap uid = 10000 - 20000 idmap gid = 10000 - 20000 map acl inherit = Yes printing = cups printer admin = root, awilliam [homes] comment = Home Directories valid users = %S read only = no browseable = No [accounts] comment = Accounting Files path = /data/accounts read only = No [netlogon] comment = network logon service path = /var/lib/samba/netlogon guest ok = Yes locking = No [profiles] comment = Profile Share path = /var/lib/samba/profiles read only = No profile acls = Yes [print$] comment = Printer Drivers path = /var/lib/samba/drivers browseable = yes guest ok = no read only = yes write list = root, awilliam ldapsearch -D 'cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us' -b "uid=root,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us" -w xxxxxxx -x # extended LDIF # # LDAPv3 # base <uid=root,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us> with scope subtree # filter: (objectclass=*) # requesting: ALL # # root, People, gomer.mdah.state.ms.us dn: uid=root,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us uid: root cn: root sn: root mail: root@mdah.state.ms.us objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top objectClass: shadowAccount userPassword:: xxxxxxxxxxxxxxxxxxx shadowLastChange: 13704 shadowMax: 99999 shadowWarning: 7 loginShell: /bin/bash uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: root # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 [root@gomer samba]# ps ax|grep winbind 6511 pts/1 S+ 0:00 grep winbind 29280 ? Ss 0:00 winbindd 29282 ? S 0:00 winbindd 29285 ? S 0:00 winbindd 29286 ? S 0:00 winbindd [root@gomer samba]# cat /etc/nsswitch.conf |grep wins hosts: files dns wins
have you tried restarting both samba and winbind services ?? or as Roy from the "IT Crowd" says.. "Have you tried turning it off and on again?" :P Diego On Nov 7, 2007 5:11 PM, Adam Williams <awilliam@mdah.state.ms.us> wrote:> yeah, that works, but thats not what the Samba 3 by Example book has. > > [root@gomer etc]# net rpc join -S GOMER -U root > Password: > Joined domain ADMIN. > > But, winbind is still broken. > > [root@gomer etc]# wbinfo -g > Error looking up domain groups > [root@gomer etc]# wbinfo -u > Error looking up domain users > > any ideas on that? > > Diego Obetko wrote: > > I've been using > > # net rpc join -S (domain) -U root > > > > Diego > >
I think he did a "net rpc testjoin" command and got a "no suitable server" response. Diego Obetko wrote:> i'm sorry but he did join the machine in an earlier reply.. don't know > if it's the same machine or situation... > > [quote] > [root@gomer etc]# net rpc join -S GOMER -U root > Password: > Joined domain ADMIN. > [/quote] > > On Nov 7, 2007 7:04 PM, Ivan Ordonez <iordonez@nature.berkeley.edu > <mailto:iordonez@nature.berkeley.edu>> wrote: > > Make sure that the version of samba are all the same. Somehow, the > 3.0.26 version is not compatible with 3.0.24. If your PDC has an > earlier version to that machine you are trying to join, you will > not be > able to join it to the domain. > > Adam Williams wrote: > > I turned on log level = 10 and got some more data. > > > > [root@gomer samba]# net rpc join -S GOMER -U root > > [2007/11/07 15:52:27, 0] libsmb/clientgen.c:cli_receive_smb(112) > > Receiving SMB: Server stopped responding > > [2007/11/07 15:52:27, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) > > rpc_api_pipe: Remote machine GOMER pipe \NETLOGON fnum > 0x7751returned > > critical error. Error was Call timed out: server did not respond > after > > 10000 milliseconds > > Password: > > [2007/11/07 15:53:00, 0] libsmb/clientgen.c:cli_receive_smb(112) > > Receiving SMB: Server stopped responding > > [2007/11/07 15:53:00, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) > > rpc_api_pipe: Remote machine GOMER pipe \samr fnum 0x7775returned > > critical error. Error was Call timed out: server did not respond > after > > 10000 milliseconds > > Creation of workstation account failed > > Unable to join domain ADMIN. > > [root@gomer samba]# /etc/rc.d/init.d/smb restart && > > /etc/rc.d/init.d/winbind restart > > Shutting down SMB services: [ OK ] > > Starting SMB services: [ OK ] > > > > Shutting down Winbind services: [ OK ] > > Starting Winbind services: [ OK ] > > [root@gomer samba]# wbinfo -u > > Error looking up domain users > > > > > > Diego Obetko wrote: > >> but you used that sintax that didn't work again.. > >> > >> try this # net rpc join -S GOMER -U root > >> then > >> # /etc/rc.d/init.d/smb restart && /etc/rc.d/init.d/winbind restart > >> then > >> # wbinfo -u > >> > >> > > > >