> On Sat, 2003-05-24 at 18:08, Chris McKeever wrote:
> > are your other root related samba functions working correctly?
> > such as smbpasswd -a USERNAME?
>
> Yep,
> The ldap story is all ok, i can add and login any new user. The ldap
> directory is correctly populated for root afaik, there are the same
> password hashes in there as for my test machine and ldap pam works
>
> > just wondering if you did the smbpasswd -w PASSWORD
> > for the root account.
>
> Yes, rootdn password is stored in secrets.tdb
>
> > Shot in the dark here - since the root samba pasword is
> stored in a secrets
> > file, maybe there isnt one in the LDAP, and therefore your
> get your error.
> > Maybe run smbpasswd for the root (without the -w) so it
> populates the LDAP
> > directory.
>
> Password hashes are in place as a said before.
>
> > try a search using your ldap rootdn for the
> ntPassword,lmPassword of the
> > root user..
>
> No problem, as rootdn or as user root, I get all entries from
> user root.
> And as I said before normal users can login.
> Thanks for your suggestions, but I have a feeling it's got
> something to
> do with not being able to su root not because of the password but
> because of some permission or security setting but I can not
> figure out
> what.
> So I put the log level a bit higher. Now there seems to be a new check
> in username.c against a list root instead of list. Root is in
> that list
> and so samba makes me guest. When I login as administrator
> I am accepted just like in the 2.2.6 samba which checks against list,
> not list root. Has this got something to do with the root
> exploit fixed
> in 2.2.8a?
> Do I have to make some administrator able to have write priviliges in
> /var/lib/samba so it can add computers or am I completely wrong?
>
have me stumped (which is really easy), but to allow administrator to add
machines on my implementation, I used domain admin group in the smb.conf
> Thanks in advance,
>
> Regards
> Bas
>