I think "root" and/or the SID 1000/1001 is the problem.
Try to use the LDAP-User "administrator" with SambaSID = S-1-5-...-500
and
SambaPrimaryGroupSID = S-1-5-...-512.
Hubertus
-----Urspr?ngliche Nachricht-----
Von: tpham@viettre.net [mailto:tpham@viettre.net]
Gesendet: Montag, 23. Juni 2003 16:19
An: samba@lists.samba.org
Betreff: [Samba] LDAP + SAMBA...about to give up...
Hello, everyone.
I apologize if this question is already asked before, and I'm sure that
it did and I also found them in in the Archive, but none of them can
resolve my issue that I'm having. Anyway, I installed Samba beta1 from
RPM for Redhat 8.0 with LDAP newest version 2.1.21. I got my LDAP up and
running, also got SAMBA to talk to LDAP just fine. Created root (as
Admin) users, and some other several users. I also created the following
groups using net groupmap command, and this is the dump.
System Operators (S-1-5-32-549) -> domso
Replicators (S-1-5-32-552) -> domrep
Guests (S-1-5-32-546) -> domg
Power Users (S-1-5-32-547) -> dompu
Domain Users (S-1-5-21-783284980-1158383531-2750713796-513) -> domdu
Domain Admins (S-1-5-21-783284980-1158383531-2750713796-512) -> domadm
Domain Guests (S-1-5-21-783284980-1158383531-2750713796-514) -> domdg
Print Operators (S-1-5-32-550) -> dompo
Account Operators (S-1-5-32-548) -> domao
Backup Operators (S-1-5-32-551) -> dombo
Users (S-1-5-32-545) -> domu
---------------------------------------------------
Also this is the dump for pdbedit -L -v root:
--------------------------------------------------
Entry found for user: root
Unix username: root
NT username: root
Account Flags: [U ]
User SID: S-1-5-21-2422541079-1097910024-471466596-1000
Primary Group SID: S-1-5-21-2422541079-1097910024-471466596-1001
Full Name: root
Home Directory: \\mymasterserver\root
HomeDir Drive:
Logon Script: .bat
Profile Path: \\mymasterserver\Profiles\root
Domain: MYHOMEDOMAIN
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Mon, 18 Jan 2038 21:14:07 GMT
Kickoff time: Mon, 18 Jan 2038 21:14:07 GMT
Password last set: Sun, 22 Jun 2003 00:49:45 GMT
Password can change: Sun, 22 Jun 2003 00:49:45 GMT
Password must change: Sun, 13 Jul 2003 00:49:45 GMT
--------------------------------------------------------------
Ok, everything seems just fine, right. Now I went into my XPs and
disable the sigorseal and securechannel registry stuff. Then I tried to
join the DOMAIN and typed in root as username and password, then I got an
error saying "The specified user does not exist". I check the log
files
and it reported that authentication for root is successful. Now after
the error, I checked LDAP tree, and the XP computer name was also added
in there just fine. I am clueless/hopeless on what else to do next. I
tried everything I could to find any solution but no luck. Please help,
if you can provide any HOWTO or up-2-date tutorials on SAMBA+LDAP I would
really apreciate it. I tried the other HOWTO but the seem to be out
dated now.
Thanks for your help.
+++++++++++++++++++++++++++++++
And here's my smb.conf:
+++++++++++++++++++++++++++++++
[global]
# LDAP Stuff here
passdb backend = ldapsam
#passdb backend = ldapsam smbpasswd guest
ldap suffix = dc=mydomain,dc=net
ldap machine suffix = ou=Computers,o=smb
ldap user suffix = ou=Users,o=smb
ldap group suffix = ou=Groups,o=smb
ldap admin dn = "cn=Manager,dc=mydomain,dc=net"
ldap ssl = no
admin users = root @domadm
idmap uid = 10000-15000
idmap gid = 10000-15000
log level = 3
# workgroup = NT-Domain-Name or Workgroup-Name
workgroup = MYHOMEDOMAIN
netbios name = MYMASTERSERVER
..and other basic/default stuff.
-------------------------------------------------
Need Web Email Account?
Email tpham@viettre.net
-------------------------------------------------
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
