Rolf A. Vaglid
2004-Dec-12 23:41 UTC
[Samba] Followed John's book, frustrating smbldap-problem
Hi all, Im having a hard time figuring whats wrong with my Samba-ldap setup. I hope somebody may point out the error. I've set it up according to John H. Terpstra's excellent "Samba 3 by example". This book is also availible from samba.org, and chapter I'm referencing is this: http://us1.samba.org/samba/docs/man/Samba-Guide/happy.html I followed the book character by character, and it seemed to work. I added two test-users, elev1 and elev2 by doing 'smbldap-useradd -m -a elev1; smbldap-passwd elev1; smbpasswd -a elev1'. Everything worked fine. I put elev1 in the 'Domain Admins' group to allow him to add computers to the domain. Worked fine. I tried adding more users, but now something is very wrong. I may have tampered a little, but I have no clue to what's wrong. If I try logging on an Windows 2000 machinge with one of the new users, the logs says nothings wrong, but i still cant log on. Strange "check_ntlm_password: authentication for user [mhervik] -> [mhervik] -> [mhervik] succeeded" If i do a "smbclient //FILSERVER/netlogon -Umhervik", still no error, everything seems to be just fine: tkelev:/tmp/smbldap # smbclient //FILSERVER/netlogon -Umhervik Password: Domain=[ELEV] OS=[Unix] Server=[Samba 3.0.7-5.2-SUSE] smb: \> As you see, authentication works fine, just not on the Win2000-clients. May this have something to do with machine trust accounts? To keep this email as short as possible, I've uploaded the needed log- and conf-files (log-level 4) to http://www.tysvernett.no/smbldap/, please give it a look and I'll buy you a beer if we meet :) Distribution: SuSE 9.2 Clients: Windows 2000
Rolf A. Vaglid wrote:> Hi all, Im having a hard time figuring whats wrong with my Samba-ldap > setup. I hope somebody may point out the error.Hi, Did you join the Win2k machine? from samba server did you able to get correct id for win2k machine (using "id w2kclint$")? whats the error message in W2k? -- --beast