Hello I've installed Fedora Core 3 (Test 3, kernel 2.6.8x), with Samba 3.0.8 and OpenLDAP 2.2.13 . I've smb.conf, slapd.conf, ldap.conf, /etc/pam.d/system-auth, nsswith.conf almost same as described on Idealx site. I've very strange thing. If I add user ( for this operation I use smbldap-tools), I can log on by this user at my unix host (for example by ssh), I can logon by this user to Samba Domain at Win9x workstation, I can see this user using 'getent passwd' command, I can see this user in Samba database using "pdbedit -Lv" command, but I can't logon by same user at every Win2k/XP workstations ( before I added those workstations to Samba domain successfully). By investigating I understand if I manually add this user in /etc/passwd ( I do it using vipw ) without setting password for user, then I can log on this user at WIn2k/XP. But why ? If I get positive reaction on ssh login ( this user can do it), and I see user by 'getent passwd', so Unix user account operate. (if I understand pam_ldap works right). If I see Samba user account 'pdbedit -Lv' command, and I can logon by user at Win9x ( I can see share NETLOGON on PDC from Win9x), so Samba account operate. Thank you for advance for any reaction. Regards, Nikolay Segreyev
Nikolay Sergeyev
2005-May-23 16:20 UTC
[Samba] Problem with PDC OpenLDAP logon at Win2K/XP
Hello I've installed Fedora Core 3 (Test 3, kernel 2.6.8x), with Samba 3.0.8 and OpenLDAP 2.2.13 . I've smb.conf, slapd.conf, ldap.conf, /etc/pam.d/system-auth, nsswith.conf almost same as described on Idealx site. I've very strange thing. If I add user ( for this operation I use smbldap-tools), I can log on by this user at my unix host (for example by ssh), I can logon by this user to Samba Domain at Win9x workstation, I can see this user using 'getent passwd' command, I can see this user in Samba database using "pdbedit -Lv" command, but I can't logon by same user at every Win2k/XP workstations ( before I added those workstations to Samba domain successfully). By investigating I understand if I manually add this user in /etc/passwd ( I do it using vipw ) without setting password for user, then I can log on this user at WIn2k/XP. But why ? If I get positive reaction on ssh login ( this user can do it), and I see user by 'getent passwd', so Unix user account operate. (if I understand pam_ldap works right). If I see Samba user account 'pdbedit -Lv' command, and I can logon by user at Win9x ( I can see share NETLOGON on PDC from Win9x), so Samba account operate. Thank you for advance for any reaction. Regards, Nikolay Segreyev
On Monday 23 May 2005 10:16, ??????? ??????? wrote:> Hello > > I've installed Fedora Core 3 (Test 3, kernel 2.6.8x), with Samba 3.0.8 and > OpenLDAP 2.2.13 . I've smb.conf, slapd.conf, ldap.conf, > /etc/pam.d/system-auth, nsswith.conf almost same as described on Idealx > site. I've very strange thing. If I add user ( for this operation I use > smbldap-tools), I can log on by this user at my unix host (for example by > ssh), I can logon by this user to Samba Domain at Win9x workstation, I can > see this user using 'getent passwd' command, I can see this user in Samba > database using "pdbedit -Lv" command, but I can't logon by same user at > every Win2k/XP workstations ( before I added those workstations to Samba > domain successfully). By investigating I understand if I manually add this > user in /etc/passwd ( I do it using vipw ) without setting password for > user, then I can log on this user at WIn2k/XP. > But why ?It is likely that your NSS_LDAP configuration is not working. Have you installed nss_ldap? - John T.> If I get positive reaction on ssh login ( this user can do it), and I see > user by 'getent passwd', so Unix user account operate. (if I understand > pam_ldap works right). > If I see Samba user account 'pdbedit -Lv' command, and I can logon by user > at Win9x ( I can see share NETLOGON on PDC from Win9x), so Samba account > operate. > > Thank you for advance for any reaction. > > Regards, > Nikolay Segreyev-- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production.