Hi,

I have multiple Samba servers working very well using the tdbsam backend. The number of servers is becoming harder to manage now so I began testing an LDAP-based Samba server. Everything works great except when a workstation tries to login to the domain...

All users are able to login just fine when accessing network shares. Workstations are able to join the domain. But upon reboot, they're not able to login to the domain.

Here's what I'm using:

CentOS 4
Samba 3.0.10
OpenLDAP 2.2.13
smbldap-tools-0.9.4
Windows XP Pro

The error message I get on the client is: "Windows cannot connect to the domain either because the domain controller is down or otherwise unavailable or because your computer account was not found." This happens on every computer.

My server logs are filled with these messages: "[2008/04/01 13:48:22, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected"

I've been trying to find a solution to this for (literally) months. I really, really, really need to get this working--I currently have four offices that need to be connected under the same Samba domain, they all already have Samba servers installed but under different domains. And we're gearing up for another growth spurt in the next six to twelve months that will add to this number, which makes it even that more important.

Any advice or pointers for resolving this will be very much appreciated!

~Tom

On Thu, Apr 3, 2008 at 8:28 PM, Tom Smith <aliase573201@mac.com> wrote:
> Hi,
>
> I have multiple Samba servers working very well using the tdbsam backend.
> The number of servers is becoming harder to manage now so I began testing an
> LDAP-based Samba server. Everything works great except when a workstation
> tries to login to the domain...
>
> All users are able to login just fine when accessing network shares.
> Workstations are able to join the domain. But upon reboot, they're not able
> to login to the domain.
>
> Here's what I'm using:
>
> CentOS 4
> Samba 3.0.10
> OpenLDAP 2.2.13
> smbldap-tools-0.9.4
> Windows XP Pro
>
> The error message I get on the client is: "Windows cannot connect to the
> domain either because the domain controller is down or otherwise unavailable
> or because your computer account was not found." This happens on every
> computer.
>
> My server logs are filled with these messages: "[2008/04/01 13:48:22, 0]
> lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport
> endpoint is not connected"
>
> I've been trying to find a solution to this for (literally) months. I
> really, really, really need to get this working--I currently have four
> offices that need to be connected under the same Samba domain, they all
> already have Samba servers installed but under different domains. And we're
> gearing up for another growth spurt in the next six to twelve months that
> will add to this number, which makes it even that more important.
>
> Any advice or pointers for resolving this will be very much appreciated!
>

Can you please update your samba? That version is > 3 years old. The current samba is 3.0.28a.

John

On Thu, 2008-04-03 at 17:28 -0700, Tom Smith wrote:
> Hi,
>
> I have multiple Samba servers working very well using the tdbsam
> backend. The number of servers is becoming harder to manage now so I
> began testing an LDAP-based Samba server. Everything works great
> except when a workstation tries to login to the domain...
>
> All users are able to login just fine when accessing network shares.
> Workstations are able to join the domain. But upon reboot, they're not
> able to login to the domain.
>
> Here's what I'm using:
>
> CentOS 4
> Samba 3.0.10
> OpenLDAP 2.2.13
> smbldap-tools-0.9.4
> Windows XP Pro

Yikes. All of this is *very* old. OpenLDAP has been in the 2.3.x family for years, and Samba 3.0.10 is years old. And RedHat's OpenLDAP packages are total crap (search the archives of *any* LDAP related list). You can get sensible OpenLDAP 2.3.x packages from <http://staff.telkomsa.net/packages/rhel5/openldap/i386/> for RHEL5/CentOS5 built by someone who knows what they are doing. Don't deploy a production LDAP server using RedHat's antique and lousy packages; if you do, and then need assistance, any post on any OpenLDAP list is going to be met with an immediate "upgrade your software" response.

> The error message I get on the client is: "Windows cannot connect to
> the domain either because the domain controller is down or otherwise
> unavailable or because your computer account was not found." This
> happens on every computer.
> My server logs are filled with these messages: "[2008/04/01 13:48:22,
> 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was
> Transport endpoint is not connected"

This error is spurious and probably completely unrelated to your problem. Try increasing your debug level to 10 so you can see what the real failure is.

--
Adam Tauno Williams, Network & Systems Administrator
Consultant - http://www.whitemiceconsulting.com
Developer - http://www.opengroupware.org