PHELPS, SCOTT
2003-Jul-12 01:19 UTC
[Samba] Samba-2.2.8a & LDAP - Can't join Domain - SID mapping error
Hi everyone, I am at my wits end and am hoping one of you can help me out. I am getting the following error when attempting to join Windows XP/2000 machine to the domain: "The following error occurred attempting to join the domain "MY_DOMAIN" No mapping between account names and security IDs was done. Running Gentoo Linux Samba 2.2.8a OpenLDAP 2.0.27 I performed the following registry hacks: [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Netlogon\Parameters] "requirestrongkey"=dword:00000000"requiresignorseal"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Netlogon\Parameters] "requirestrongkey"=dword:00000000"requiresignorseal"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] "requirestrongkey"=dword:00000000"requiresignorseal"=dword:00000000 I am attempting to join the domain as root. root was added via smbpasswd -a root domain admin group = root Was placed in my smb.conf I set up a fake root user this way in LDAP: dn: uid=root,ou=People,dc=virginiabeach,dc=net objectClass: top objectClass: account objectClass: posixAccount objectClass: shadowAccount objectClass: sambaAccount uidNumber: 0 gidNumber: 0 homeDirectory: /home/root loginShell: /bin/bash gecos: root shadowLastChange: 0 shadowMax: 0 shadowWarning: 0 userPassword: {SSHA}GN3hrCs7c8Kgd93df23838hHH uid: root pwdLastSet: 1057974221 logonTime: 0 logoffTime: 2147483647 kickoffTime: 2147483647 pwdCanChange: 2147483647 pwdMustChange: 2147483647 displayName: root cn: root smbHome: \\MY_PDC\homes homeDrive: Z: scriptPath: logon.cmd profilePath: \\MT-PDC\profiles\root rid: 1000 primaryGroupID: 1001 lmPassword: 639C041927C79D99AAEJKHRJFHKRJKL ntPassword: 6E1766AB79DDFHGJDHFJJHBJFHBJRHR acctFlags: [UX ] The machine name is also in LDAP like this: dn: uid=MYMACHINE$,ou=Machine,dc=virginiabeach,dc=net objectClass: top objectClass: account objectClass: posixAccount objectClass: shadowAccount objectClass: sambaAccount uid: MYMACHINE$ uidNumber: 11014 gidNumber: 11014 homeDirectory: /dev/null loginShell: /bin/false gecos: rid96itlaptop windows machine,,, userPassword: {crypt}x shadowLastChange: 0 shadowMax: 0 shadowWarning: 0 pwdLastSet: 0 logonTime: 0 logoffTime: 2147483647 kickoffTime: 2147483647 pwdCanChange: 2147483647 pwdMustChange: 2147483647 displayName: MYMACHINE$ acctFlags: [W] rid: 23028 primaryGroupID: 23029 homeDrive: U: smbHome: profilePath: scriptPath: logon.cmd lmPassword: xxx ntPassword: xxx cn: MYMACHINE$ Everything else works, and I am able to log into Linux and a Samba share using a test user authenticating strictly via LDAP. Any help is greatly appreciated. Otherwise I will have no hair left! Thanks, -- Scott Phelps