Petri Asikainen
2003-Dec-19 06:07 UTC
[Samba] SMB 3.0.1/LDAP Cannot add computer to domain
I'm trying to setup samba with ldapsam (Novell eDir 8.7.1). Right now I can login to samba and browse my shares with user "Administrator", but when I'm trying to add computer to domain I get "unknown user name or bad password" error. I have administrator, root and nobody accounts in ldap. And I have manualy added following groupmappings to ldap-groups: Domain Users (S-1-5-21-1216271347-3991190149-1732390643-513) -> yklusers Domain Admins (S-1-5-21-1216271347-3991190149-1732390643-512) -> root System Operators (S-1-5-32-549) -> sysops Replicators (S-1-5-32-552) -> replicat Guests (S-1-5-32-546) -> guests Power Users (S-1-5-32-547) -> powerusr Print Operators (S-1-5-32-550) -> printop Administrators (S-1-5-32-544) -> admins Account Operators (S-1-5-32-548) -> accopp Backup Operators (S-1-5-32-551) -> bakoper Users (S-1-5-32-545) -> users What I should check next? Petri
Hi:
You must add machine account into ldap first,
run
pdbedit -L -d 0
find out if there exist you computer name with a $ suffix.
here is my working example ldif
use device and ipHost Class, you may use others as well. it just work for me.
dn: cn=statation.aaa.com,ou=Hosts,o=aaa
objectClass: top
objectClass: device
objectClass: sambaSamAccount
objectClass: ipHost
uid: statation$
uid: statation
ou: sysadmin
sambaSID: S-1-5-21-111111111-1111111111-1111111111-111111
sambaLMPassword: 842ED29E8B0AA719464905569BB447AE
sambaNTPassword: C759AE76899C698BCB247E29072CA82D
sambaPwdLastSet: 1071823632
sambaPwdCanChange: 1071823632
sambaPwdMustChange: 2147483647
sambaAcctFlags: [W ]
displayName: statation
sambaPrimaryGroupSID: S-1-5-21-104386597-1723736802-2492567804-2999
ipHostNumber: 192.168.100.101
manager: uid=usera,ou=People,o=aaa
owner: uid=usera,ou=People,o=aaa
cn: statation.aaa.com
cn: statation
Petri Asikainen
2003-Dec-19 21:09 UTC
[Samba] SMB 3.0.1/LDAP Cannot add computer to domain
Thanks, I particaly solved this. I have to create machine account by hand and then join domain. It would be be nice that machine account would be automaticly created, like it was before 3.0.x... Petri Bertrand Maugain wrote:>hi, >You could check if everything is okay with each user : pdbedit -L -v -u username > >Check if the path are fine or not... > > > >-----Message d'origine----- >De : Petri Asikainen [mailto:paca@sci.fi] >Envoy? : vendredi 19 d?cembre 2003 07:07 >? : samba >Objet : [Samba] SMB 3.0.1/LDAP Cannot add computer to domain > > > >I'm trying to setup samba with ldapsam (Novell eDir 8.7.1). Right now I >can login to samba and browse my shares with user "Administrator", but when >I'm trying to add computer to domain I get "unknown user name or bad >password" error. >I have administrator, root and nobody accounts in ldap. And I have >manualy added following groupmappings to ldap-groups: > >Domain Users (S-1-5-21-1216271347-3991190149-1732390643-513) -> yklusers >Domain Admins (S-1-5-21-1216271347-3991190149-1732390643-512) -> root >System Operators (S-1-5-32-549) -> sysops >Replicators (S-1-5-32-552) -> replicat >Guests (S-1-5-32-546) -> guests >Power Users (S-1-5-32-547) -> powerusr >Print Operators (S-1-5-32-550) -> printop >Administrators (S-1-5-32-544) -> admins >Account Operators (S-1-5-32-548) -> accopp >Backup Operators (S-1-5-32-551) -> bakoper >Users (S-1-5-32-545) -> users > >What I should check next? > >Petri > > > > > > > >