Hi everyone!!
I'm having a bit of trouble join a Samba 3 PDC with LDAP authentication.
First some tips on what system I'm using:
- Debian Sarge
- Samba 3.0.14a-Debian
- OpenLDAP 2.2.24 : Protocol v.3
Well, Now I'll explain the problem and show you some log output.
When ever I try to join the domain I get the following error:
--begin---------------------
# net rpc join GICOMMNET
Creation of workstation account failed
Unable to join domain GICOMMNET.
--end---------------------
So, I check my logs to see what's wrong and I see this in the Samba log:
--begin---------------------
[2005/07/04 17:29:36, 0] rpc_server/srv_netlog_nt.c:get_md4pw(244)
get_md4pw: Workstation DAVIDSZANTO$: no account in domain
Error: modifications require authentication
at /usr/share/perl5/smbldap_tools.pm line 1005, <DATA> line 283.
[2005/07/04 17:29:39, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2324)
_samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w
"davidszanto$"' gave 1
--end--------------------
So I check if everything alright with my smbldap-useradd command, and I try
creating the account manually using exactly the same command. Everything
works fine. The account is created and machine davidszanto$ is created.
So then I scratch my head a bit, and while I'm loosing most of my hair I try
something a bit easier. Let's see if I can recover the user list or the
group list. I use the "net user -I 192.168.xxx.xxx" and it works
fine. I
get the whole list and smae with groups. So, if everything looks fine,
where's the mistake?
I try joining again and this time I check the slapd log as well and I get the
biggest transaction log record in history!! :
--begin------------------
Jul 4 17:38:49 localhost slapd[8515]: connection_get(10): got connid=35
Jul 4 17:38:49 localhost slapd[8515]: connection_read(10): checking for input
on id=35
Jul 4 17:38:49 localhost slapd[8515]: do_bind
Jul 4 17:38:49 localhost slapd[8515]: ber_get_next on fd 10 failed errno=11
(Resource temporarily unavailable)
Jul 4 17:38:49 localhost slapd[8515]: >>> dnPrettyNormal:
<cn=admin,dc=gicomm,dc=iberica,dc=esp>
Jul 4 17:38:49 localhost slapd[8515]: <<< dnPrettyNormal:
<cn=admin,dc=gicomm,dc=iberica,dc=esp>, <cn=admin,dc=gicomm,dc=i
berica,dc=esp>
Jul 4 17:38:49 localhost slapd[8515]: do_bind: version=3
dn="cn=admin,dc=gicomm,dc=iberica,dc=esp" method=128
Jul 4 17:38:49 localhost slapd[8515]: do_bind: v3 bind:
"cn=admin,dc=gicomm,dc=iberica,dc=esp" to
"cn=admin,dc=gicomm,dc=i
berica,dc=esp"
Jul 4 17:38:49 localhost slapd[8515]: send_ldap_result: conn=35 op=0 p=3
Jul 4 17:38:49 localhost slapd[8515]: send_ldap_response: msgid=1 tag=97
err=0
Jul 4 17:38:49 localhost slapd[8515]: connection_get(10): got connid=35
Jul 4 17:38:49 localhost slapd[8515]: connection_read(10): checking for input
on id=35
Jul 4 17:38:49 localhost slapd[8515]: ber_get_next on fd 10 failed errno=11
(Resource temporarily unavailable)
Jul 4 17:38:49 localhost slapd[8515]: do_search
Jul 4 17:38:49 localhost slapd[8515]: >>> dnPrettyNormal: <>
Jul 4 17:38:49 localhost slapd[8515]: <<< dnPrettyNormal: <>,
<>
Jul 4 17:38:49 localhost slapd[8515]: => send_search_entry: dn=""
Jul 4 17:38:49 localhost slapd[8515]: <= send_search_entry
Jul 4 17:38:49 localhost slapd[8515]: send_ldap_result: conn=35 op=1 p=3
Jul 4 17:38:49 localhost slapd[8515]: send_ldap_response: msgid=2 tag=101
err=0
Jul 4 17:38:49 localhost slapd[8515]: connection_get(10): got connid=35
Jul 4 17:38:50 localhost slapd[8515]: connection_read(10): checking for input
on id=35
Jul 4 17:38:50 localhost slapd[8515]: ber_get_next on fd 10 failed errno=11
(Resource temporarily unavailable)
Jul 4 17:38:50 localhost slapd[8515]: do_search
Jul 4 17:38:50 localhost slapd[8515]: >>> dnPrettyNormal:
<dc=gicomm,dc=iberica,dc=esp>
Jul 4 17:38:50 localhost slapd[8515]: <<< dnPrettyNormal:
<dc=gicomm,dc=iberica,dc=esp>, <dc=gicomm,dc=iberica,dc=esp>
Jul 4 17:38:50 localhost slapd[8515]: => bdb_search
Jul 4 17:38:50 localhost slapd[8515]:
bdb_dn2entry("dc=gicomm,dc=iberica,dc=esp")
Jul 4 17:38:50 localhost slapd[8515]: search_candidates:
base="dc=gicomm,dc=iberica,dc=esp" (0x00000001) scope=2
Jul 4 17:38:50 localhost slapd[8515]: =>
bdb_dn2idl( "dc=gicomm,dc=iberica,dc=esp" )
Jul 4 17:38:50 localhost slapd[8515]: => bdb_equality_candidates
(objectClass)
Jul 4 17:38:50 localhost slapd[8515]: => key_read
Jul 4 17:38:50 localhost slapd[8515]: <= bdb_index_read: failed (-30990)
Jul 4 17:38:50 localhost slapd[8515]: <= bdb_equality_candidates: id=0,
first=0, last=0
Jul 4 17:38:50 localhost slapd[8515]: => bdb_equality_candidates (uid)
Jul 4 17:38:50 localhost slapd[8515]: => key_read
Jul 4 17:38:50 localhost slapd[8515]: <= bdb_index_read: failed (-30990)
Jul 4 17:38:50 localhost slapd[8515]: <= bdb_equality_candidates: id=0,
first=0, last=0
Jul 4 17:38:50 localhost slapd[8515]: bdb_search_candidates: id=0 first=1
last=0
Jul 4 17:38:50 localhost slapd[8515]: bdb_search: no candidates
Jul 4 17:38:50 localhost slapd[8515]: send_ldap_result: conn=35 op=2 p=3
Jul 4 17:38:50 localhost slapd[8515]: send_ldap_response: msgid=3 tag=101
err=0
Jul 4 17:38:50 localhost smbd[8612]: [2005/07/04 17:38:50, 0]
rpc_server/srv_netlog_nt.c:get_md4pw(244)
Jul 4 17:38:50 localhost smbd[8612]: get_md4pw: Workstation DAVIDSZANTO$:
no account in domain
Jul 4 17:38:50 localhost slapd[8515]: connection_get(10): got connid=35
Jul 4 17:38:50 localhost slapd[8515]: connection_read(10): checking for input
on id=35
Jul 4 17:38:50 localhost slapd[8515]: ber_get_next on fd 10 failed errno=0
(Success)
Jul 4 17:38:50 localhost slapd[8515]: connection_read(10): input error=-2
id=35, closing.
Jul 4 17:38:50 localhost slapd[8515]: connection_closing: readying conn=35
sd=10 for close
Jul 4 17:38:50 localhost slapd[8515]: connection_close: conn=35 sd=10
Jul 4 17:38:51 localhost slapd[8515]: connection_get(10): got connid=36
Jul 4 17:38:51 localhost slapd[8515]: connection_read(10): checking for input
on id=36
Jul 4 17:38:51 localhost slapd[8515]: ber_get_next on fd 10 failed errno=11
(Resource temporarily unavailable)
Jul 4 17:38:51 localhost slapd[8515]: do_bind
Jul 4 17:38:51 localhost slapd[8515]: >>> dnPrettyNormal:
<cn=admin,dc=gicomm,dc=iberica,dc=esp>
Jul 4 17:38:51 localhost slapd[8515]: <<< dnPrettyNormal:
<cn=admin,dc=gicomm,dc=iberica,dc=esp>, <cn=admin,dc=gicomm,dc=i
berica,dc=esp>
Jul 4 17:38:51 localhost slapd[8515]: do_bind: version=3
dn="cn=admin,dc=gicomm,dc=iberica,dc=esp" method=128
Jul 4 17:38:51 localhost slapd[8515]: do_bind: v3 bind:
"cn=admin,dc=gicomm,dc=iberica,dc=esp" to
"cn=admin,dc=gicomm,dc=i
berica,dc=esp"
Jul 4 17:38:51 localhost slapd[8515]: send_ldap_result: conn=36 op=0 p=3
Jul 4 17:38:51 localhost slapd[8515]: send_ldap_response: msgid=1 tag=97
err=0
Jul 4 17:38:51 localhost slapd[8515]: connection_get(10): got connid=36
Jul 4 17:38:51 localhost slapd[8515]: connection_read(10): checking for input
on id=36
Jul 4 17:38:51 localhost slapd[8515]: ber_get_next on fd 10 failed errno=11
(Resource temporarily unavailable)
Jul 4 17:38:51 localhost slapd[8515]: do_search
Jul 4 17:38:51 localhost slapd[8515]: >>> dnPrettyNormal: <>
Jul 4 17:38:51 localhost slapd[8515]: <<< dnPrettyNormal: <>,
<>
Jul 4 17:38:51 localhost slapd[8515]: => send_search_entry: dn=""
Jul 4 17:38:51 localhost slapd[8515]: <= send_search_entry
Jul 4 17:38:51 localhost slapd[8515]: send_ldap_result: conn=36 op=1 p=3
Jul 4 17:38:51 localhost slapd[8515]: send_ldap_response: msgid=2 tag=101
err=0
Jul 4 17:38:51 localhost slapd[8515]: connection_get(10): got connid=36
Jul 4 17:38:51 localhost slapd[8515]: connection_read(10): checking for input
on id=36
Jul 4 17:38:51 localhost slapd[8515]: ber_get_next on fd 10 failed errno=11
(Resource temporarily unavailable)
Jul 4 17:38:51 localhost slapd[8515]: do_search
Jul 4 17:38:51 localhost slapd[8515]: >>> dnPrettyNormal:
<dc=gicomm,dc=iberica,dc=esp>
Jul 4 17:38:51 localhost slapd[8515]: <<< dnPrettyNormal:
<dc=gicomm,dc=iberica,dc=esp>, <dc=gicomm,dc=iberica,dc=esp>
Jul 4 17:38:51 localhost slapd[8515]: => bdb_search
Jul 4 17:38:51 localhost slapd[8515]:
bdb_dn2entry("dc=gicomm,dc=iberica,dc=esp")
Jul 4 17:38:51 localhost slapd[8515]: search_candidates:
base="dc=gicomm,dc=iberica,dc=esp" (0x00000001) scope=2
Jul 4 17:38:51 localhost slapd[8515]: =>
bdb_dn2idl( "dc=gicomm,dc=iberica,dc=esp" )
Jul 4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates
(objectClass)
Jul 4 17:38:51 localhost slapd[8515]: => key_read
Jul 4 17:38:51 localhost slapd[8515]: <= bdb_index_read: failed (-30990)
Jul 4 17:38:51 localhost slapd[8515]: <= bdb_equality_candidates: id=0,
first=0, last=0
Jul 4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates (uid)
Jul 4 17:38:51 localhost slapd[8515]: => key_read
Jul 4 17:38:51 localhost slapd[8515]: <= bdb_index_read 1 candidates
Jul 4 17:38:51 localhost slapd[8515]: <= bdb_equality_candidates: id=1,
first=243, last=243
Jul 4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates
(objectClass)
Jul 4 17:38:51 localhost slapd[8515]: => key_read
Jul 4 17:38:51 localhost slapd[8515]: <= bdb_index_read 97 candidates
Jul 4 17:38:51 localhost slapd[8515]: <= bdb_equality_candidates: id=97,
first=144, last=256
Jul 4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates
(objectClass)
Jul 4 17:38:51 localhost slapd[8515]: => key_read
Jul 4 17:38:51 localhost slapd[8515]: <= bdb_index_read 97 candidates
Jul 4 17:38:51 localhost slapd[8515]: <= bdb_equality_candidates: id=97,
first=144, last=256
Jul 4 17:38:51 localhost slapd[8515]: bdb_search_candidates: id=1 first=243
last=243
Jul 4 17:38:51 localhost slapd[8515]: => send_search_entry:
dn="uid=davidszanto,ou=Users,dc=gicomm,dc=iberica,dc=esp"
Jul 4 17:38:51 localhost slapd[8515]: <= send_search_entry
Jul 4 17:38:51 localhost slapd[8515]: send_ldap_result: conn=36 op=2 p=3
Jul 4 17:38:51 localhost slapd[8515]: send_ldap_response: msgid=3 tag=101
err=0
Jul 4 17:38:51 localhost smbd[8613]: nss_ldap: reconnecting to LDAP server...
Jul 4 17:38:51 localhost slapd[8515]: connection_get(14): got connid=37
Jul 4 17:38:51 localhost slapd[8515]: connection_read(14): checking for input
on id=37
Jul 4 17:38:51 localhost slapd[8515]: ber_get_next on fd 14 failed errno=11
(Resource temporarily unavailable)
Jul 4 17:38:51 localhost slapd[8515]: do_bind
Jul 4 17:38:51 localhost slapd[8515]: >>> dnPrettyNormal:
<cn=admin,dc=gicomm,dc=iberica,dc=esp>
Jul 4 17:38:51 localhost slapd[8515]: <<< dnPrettyNormal:
<cn=admin,dc=gicomm,dc=iberica,dc=esp>, <cn=admin,dc=gicomm,dc=i
berica,dc=esp>
Jul 4 17:38:51 localhost slapd[8515]: do_bind: version=3
dn="cn=admin,dc=gicomm,dc=iberica,dc=esp" method=128
Jul 4 17:38:51 localhost slapd[8515]: do_bind: v3 bind:
"cn=admin,dc=gicomm,dc=iberica,dc=esp" to
"cn=admin,dc=gicomm,dc=i
berica,dc=esp"
Jul 4 17:38:51 localhost slapd[8515]: send_ldap_result: conn=37 op=0 p=3
Jul 4 17:38:51 localhost slapd[8515]: send_ldap_response: msgid=1 tag=97
err=0
Jul 4 17:38:51 localhost slapd[8515]: connection_get(14): got connid=37
Jul 4 17:38:51 localhost slapd[8515]: connection_read(14): checking for input
on id=37
Jul 4 17:38:51 localhost slapd[8515]: ber_get_next on fd 14 failed errno=11
(Resource temporarily unavailable)
Jul 4 17:38:51 localhost slapd[8515]: do_search
Jul 4 17:38:51 localhost slapd[8515]: >>> dnPrettyNormal:
<dc=gicomm,dc=iberica,dc=esp>
Jul 4 17:38:51 localhost slapd[8515]: <<< dnPrettyNormal:
<dc=gicomm,dc=iberica,dc=esp>, <dc=gicomm,dc=iberica,dc=esp>
Jul 4 17:38:51 localhost slapd[8515]: => bdb_search
Jul 4 17:38:51 localhost slapd[8515]:
bdb_dn2entry("dc=gicomm,dc=iberica,dc=esp")
Jul 4 17:38:51 localhost slapd[8515]: search_candidates:
base="dc=gicomm,dc=iberica,dc=esp" (0x00000001) scope=2
Jul 4 17:38:51 localhost slapd[8515]: =>
bdb_dn2idl( "dc=gicomm,dc=iberica,dc=esp" )
Jul 4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates
(objectClass)
Jul 4 17:38:51 localhost slapd[8515]: => key_read
Jul 4 17:38:51 localhost slapd[8515]: <= bdb_index_read: failed (-30990)
Jul 4 17:38:51 localhost slapd[8515]: <= bdb_equality_candidates: id=0,
first=0, last=0
Jul 4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates
(objectClass)
Jul 4 17:38:51 localhost slapd[8515]: => key_read
Jul 4 17:38:51 localhost slapd[8515]: <= bdb_index_read 97 candidates
Jul 4 17:38:51 localhost slapd[8515]: <= bdb_equality_candidates: id=97,
first=144, last=256
Jul 4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates (uid)
Jul 4 17:38:51 localhost slapd[8515]: => key_read
Jul 4 17:38:51 localhost slapd[8515]: <= bdb_index_read 1 candidates
Jul 4 17:38:51 localhost slapd[8515]: <= bdb_equality_candidates: id=1,
first=243, last=243
Jul 4 17:38:51 localhost slapd[8515]: bdb_search_candidates: id=1 first=243
last=243
Jul 4 17:38:51 localhost slapd[8515]: => send_search_entry:
dn="uid=davidszanto,ou=Users,dc=gicomm,dc=iberica,dc=esp"
Jul 4 17:38:51 localhost slapd[8515]: <= send_search_entry
Jul 4 17:38:51 localhost slapd[8515]: send_ldap_result: conn=37 op=1 p=3
Jul 4 17:38:51 localhost slapd[8515]: send_ldap_response: msgid=2 tag=101
err=0
.... and on and on repeating it self 2 more seconds ...
--end------------------
I'm not much of an expert on LDAP, actually quite the opposite. I can't
really tell if there's something really wrong here or not.
My configuration files are the following:
-- smb.conf -----------------
[global]
netbios name = GICOMM
workgroup = GICOMMNET
server string = GICOMM (Servidor de Comunicaciones)
passdb backend = ldapsam:ldap://127.0.0.1
username map = /et/samba/smbusers
log file = /var/log/samba/%m.log
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
smb ports = 139
preferred master = yes
domain master = yes
local master = yes
domain logons = yes
os level = 255
dns proxy = yes
;wins support = Yes
security = user
encrypt passwords = yes
ldap suffix = dc=gicomm,dc=iberica,dc=esp
ldap machine suffix = ou=Computers
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=admin,dc=gicomm,dc=iberica,dc=esp
ldap ssl = no
ldap delete dn = no
ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
ldap passwd sync = Yes
add user script = /usr/sbin/smbldap-useradd -a -m -A 1 -D \"H:\" -E
\"%u.bat\" "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u"
"%g"
delete user from group script = /usr/sbin/smbldap-usermod -x "%u"
"%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g"
"%u"
template home dir = /etc/skel
template shell = /bin/sh
username map = /etc/samba/users.map
logon script = logon.bat
logon drive = H:
hide dot files = yes
[homes]
...
--end----------------------
And my slapd.conf file:
--slapd.conf---------------------------
allow bind_v2
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/samba.schema
schemacheck on
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd.args
loglevel 1
modulepath /usr/lib/ldap
moduleload back_bdb
backend bdb
checkpoint 512 30
database bdb
suffix "dc=gicomm,dc=iberica,dc=esp"
rootdn "cn=admin,dc=gicomm,dc=iberica,dc=esp"
rootpw im_not_telling :-D
directory "/var/lib/ldap"
index objectClass eq
index uid,cn,sn,givenname,mail eq,sub
index uidNumber eq
index gidNumber eq
index memberUid eq
index sambaSID eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
index default sub
lastmod on
access to *
by dn="cn=admin,dc=gicomm,dc=iberica,dc=esp" write
by dn="uid=root,ou=Users,dc=gicomm,dc=iberica,dc=esp" write
by self write
by * read
--end----------------
As you can see, my slapd.conf ACL is not very restrictive.
I've checked other posts and tested accordinglly, but I stil can't join
nor
from a linux workstation nor a W2K workstation.
Well, that's basicly it.
I'd appreciate any help.
Thanx!!
David
El Lunes, 4 de Julio de 2005 18:33, escribi?:> Hi Fabio! > Thanks for the quick response!! > > El Lunes, 4 de Julio de 2005 17:12, escribi?: > > Hi! > > I manage a PDC with the same configuration. > > I suggest you to check SID in LDAP? directory and smbldap configuration. > > > > "net groupmap list" shows errors? > > I've tried it again, just to make sure, and it doesn't show any errors... > except that last time I so such a configuration samba groups maped > correctly to their posix group name, and now I only get gidNumbers?? I've > double checked my nsswitch.conf and libnss-ldap.conf files and I can't see > what's wrong: > > -- begin -------------------- > > # net groupmap list > Gerencia (S-1-5-21-1243414039-471885888-144306045-21015) -> 10007 > Ventas y Comerciales (S-1-5-21-1243414039-471885888-144306045-21025) -> > 10012 Contabilidad (S-1-5-21-1243414039-471885888-144306045-5007) -> 10005 > Recambios (S-1-5-21-1243414039-471885888-144306045-21021) -> 10010 Chapa y > Pintura (S-1-5-21-1243414039-471885888-144306045-21009) -> 10004 > Administracion (S-1-5-21-2139989288-483860436-2398042574-21003) -> 10001 > Imperial de AutomBritFujiyama Motor > (S-1-5-21-1243414039-471885888-144306045-21013) -> 10006 > Vook Rent a Car (S-1-5-21-1243414039-471885888-144306045-21027) -> 10013 > British Car (S-1-5-21-2139989288-483860436-2398042574-21007) -> 10003 > Talleres y Mecanicos (S-1-5-21-1243414039-471885888-144306045-21023) -> > 10011 Todos (S-1-5-21-2139989288-483860436-2398042574-21029) -> 10014 > London Taxi Company (S-1-5-21-1243414039-471885888-144306045-21019) -> > 10009 Informatica (S-1-5-21-2139989288-483860436-2398042574-21031) -> 10015 > Domain Admins (S-1-5-21-2139989288-483860436-2398042574-512) -> 512 Domain > Users (S-1-5-21-2139989288-483860436-2398042574-513) -> 513 Domain Guests > (S-1-5-21-2139989288-483860436-2398042574-514) -> 514 Domain Computers > (S-1-5-21-2139989288-483860436-2398042574-515) -> 515 Administrators > (S-1-5-32-544) -> 544 > Account Operators (S-1-5-32-548) -> 548 > Print Operators (S-1-5-32-550) -> 550 > Backup Operators (S-1-5-32-551) -> 551 > Replicators (S-1-5-32-552) -> 552 > > -- end ------------------------ > > -- nsswitch.conf ------------------------- > passwd: files ldap > group: files ldap > shadow: files ldap > ... > -- end ------------------------------ > > -- libnss-ldap.conf ------------------- > base dc=gicomm,dc=iberica,dc=esp > uri ldap://127.0.0.1/ > ldap_version 3 > rootbinddn cn=admin,dc=gicomm,dc=iberica,dc=esp > scope sub > -- end ------------------------------ > > The SID I get from "net getlocalsid" is: > > SID for domain GICOMM is: S-1-5-21-2139989288-483860436-2398042574 > > > And I've compared it to the entries in my LDAP directory and they seem > correct. > > Examples: > > User XXX has : > sambaPrimaryGroupSID: S-1-5-21-2139989288-483860436-2398042574-513 > sambaSID: S-1-5-21-2139989288-483860436-2398042574-3204 > > Any ideas? > > THANX a LOT!!! > David
Thanks Louis, I'm checking it out. I'll undo my setting and try again with your reciepe. Thanks for the tip. David El Martes, 5 de Julio de 2005 13:33, Louis van Belle escribi?:> I run this setup, my config is posted lastweek. > > >-----Oorspronkelijk bericht----- > >Van: samba-bounces+louis=van-belle.nl@lists.samba.org > >[mailto:samba-bounces+louis=van-belle.nl@lists.samba.org] > >Namens David Szanto > >Verzonden: maandag 4 juli 2005 18:04 > >Aan: samba@lists.samba.org > >Onderwerp: [Samba] Samba3+LDAP: Can't join domain. > > > >Hi everyone!! > >I'm having a bit of trouble join a Samba 3 PDC with LDAP > >authentication. > >First some tips on what system I'm using: > >- Debian Sarge > >- Samba 3.0.14a-Debian > >- OpenLDAP 2.2.24 : Protocol v.3 > > > > > >Well, Now I'll explain the problem and show you some log output. > > > >When ever I try to join the domain I get the following error: > >--begin--------------------- > ># net rpc join GICOMMNET > >Creation of workstation account failed > >Unable to join domain GICOMMNET. > >--end--------------------- > > > >So, I check my logs to see what's wrong and I see this in the > >Samba log: > >--begin--------------------- > >[2005/07/04 17:29:36, 0] rpc_server/srv_netlog_nt.c:get_md4pw(244) > > get_md4pw: Workstation DAVIDSZANTO$: no account in domain > >Error: modifications require authentication > >at /usr/share/perl5/smbldap_tools.pm line 1005, <DATA> line 283. > >[2005/07/04 17:29:39, 0] > >rpc_server/srv_samr_nt.c:_samr_create_user(2324) > > _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w > >"davidszanto$"' gave 1 > >--end-------------------- > > > >So I check if everything alright with my smbldap-useradd > >command, and I try > >creating the account manually using exactly the same command. > >Everything > >works fine. The account is created and machine davidszanto$ > >is created. > > > >So then I scratch my head a bit, and while I'm loosing most of > >my hair I try > >something a bit easier. Let's see if I can recover the user > >list or the > >group list. I use the "net user -I 192.168.xxx.xxx" and it > >works fine. I > >get the whole list and smae with groups. So, if everything > >looks fine, > >where's the mistake? > > > >I try joining again and this time I check the slapd log as > >well and I get the > >biggest transaction log record in history!! : > >--begin------------------ > >Jul 4 17:38:49 localhost slapd[8515]: connection_get(10): got > >connid=35 > >Jul 4 17:38:49 localhost slapd[8515]: connection_read(10): > >checking for input > >on id=35 > >Jul 4 17:38:49 localhost slapd[8515]: do_bind > >Jul 4 17:38:49 localhost slapd[8515]: ber_get_next on fd 10 > >failed errno=11 > >(Resource temporarily unavailable) > >Jul 4 17:38:49 localhost slapd[8515]: >>> dnPrettyNormal: > ><cn=admin,dc=gicomm,dc=iberica,dc=esp> > >Jul 4 17:38:49 localhost slapd[8515]: <<< dnPrettyNormal: > ><cn=admin,dc=gicomm,dc=iberica,dc=esp>, <cn=admin,dc=gicomm,dc=i > >berica,dc=esp> > >Jul 4 17:38:49 localhost slapd[8515]: do_bind: version=3 > >dn="cn=admin,dc=gicomm,dc=iberica,dc=esp" method=128 > >Jul 4 17:38:49 localhost slapd[8515]: do_bind: v3 bind: > >"cn=admin,dc=gicomm,dc=iberica,dc=esp" to "cn=admin,dc=gicomm,dc=i > >berica,dc=esp" > >Jul 4 17:38:49 localhost slapd[8515]: send_ldap_result: > >conn=35 op=0 p=3 > >Jul 4 17:38:49 localhost slapd[8515]: send_ldap_response: > >msgid=1 tag=97 > >err=0 > >Jul 4 17:38:49 localhost slapd[8515]: connection_get(10): got > >connid=35 > >Jul 4 17:38:49 localhost slapd[8515]: connection_read(10): > >checking for input > >on id=35 > >Jul 4 17:38:49 localhost slapd[8515]: ber_get_next on fd 10 > >failed errno=11 > >(Resource temporarily unavailable) > >Jul 4 17:38:49 localhost slapd[8515]: do_search > >Jul 4 17:38:49 localhost slapd[8515]: >>> dnPrettyNormal: <> > >Jul 4 17:38:49 localhost slapd[8515]: <<< dnPrettyNormal: <>, <> > >Jul 4 17:38:49 localhost slapd[8515]: => send_search_entry: dn="" > >Jul 4 17:38:49 localhost slapd[8515]: <= send_search_entry > >Jul 4 17:38:49 localhost slapd[8515]: send_ldap_result: > >conn=35 op=1 p=3 > >Jul 4 17:38:49 localhost slapd[8515]: send_ldap_response: > >msgid=2 tag=101 > >err=0 > >Jul 4 17:38:49 localhost slapd[8515]: connection_get(10): got > >connid=35 > >Jul 4 17:38:50 localhost slapd[8515]: connection_read(10): > >checking for input > >on id=35 > >Jul 4 17:38:50 localhost slapd[8515]: ber_get_next on fd 10 > >failed errno=11 > >(Resource temporarily unavailable) > >Jul 4 17:38:50 localhost slapd[8515]: do_search > >Jul 4 17:38:50 localhost slapd[8515]: >>> dnPrettyNormal: > ><dc=gicomm,dc=iberica,dc=esp> > >Jul 4 17:38:50 localhost slapd[8515]: <<< dnPrettyNormal: > ><dc=gicomm,dc=iberica,dc=esp>, <dc=gicomm,dc=iberica,dc=esp> > >Jul 4 17:38:50 localhost slapd[8515]: => bdb_search > >Jul 4 17:38:50 localhost slapd[8515]: > >bdb_dn2entry("dc=gicomm,dc=iberica,dc=esp") > >Jul 4 17:38:50 localhost slapd[8515]: search_candidates: > >base="dc=gicomm,dc=iberica,dc=esp" (0x00000001) scope=2 > >Jul 4 17:38:50 localhost slapd[8515]: => > >bdb_dn2idl( "dc=gicomm,dc=iberica,dc=esp" ) > >Jul 4 17:38:50 localhost slapd[8515]: => bdb_equality_candidates > >(objectClass) > >Jul 4 17:38:50 localhost slapd[8515]: => key_read > >Jul 4 17:38:50 localhost slapd[8515]: <= bdb_index_read: > >failed (-30990) > >Jul 4 17:38:50 localhost slapd[8515]: <> >bdb_equality_candidates: id=0, > >first=0, last=0 > >Jul 4 17:38:50 localhost slapd[8515]: => bdb_equality_candidates (uid) > >Jul 4 17:38:50 localhost slapd[8515]: => key_read > >Jul 4 17:38:50 localhost slapd[8515]: <= bdb_index_read: > >failed (-30990) > >Jul 4 17:38:50 localhost slapd[8515]: <> >bdb_equality_candidates: id=0, > >first=0, last=0 > >Jul 4 17:38:50 localhost slapd[8515]: bdb_search_candidates: > >id=0 first=1 > >last=0 > >Jul 4 17:38:50 localhost slapd[8515]: bdb_search: no candidates > >Jul 4 17:38:50 localhost slapd[8515]: send_ldap_result: > >conn=35 op=2 p=3 > >Jul 4 17:38:50 localhost slapd[8515]: send_ldap_response: > >msgid=3 tag=101 > >err=0 > >Jul 4 17:38:50 localhost smbd[8612]: [2005/07/04 17:38:50, 0] > >rpc_server/srv_netlog_nt.c:get_md4pw(244) > >Jul 4 17:38:50 localhost smbd[8612]: get_md4pw: Workstation > >DAVIDSZANTO$: > >no account in domain > >Jul 4 17:38:50 localhost slapd[8515]: connection_get(10): got > >connid=35 > >Jul 4 17:38:50 localhost slapd[8515]: connection_read(10): > >checking for input > >on id=35 > >Jul 4 17:38:50 localhost slapd[8515]: ber_get_next on fd 10 > >failed errno=0 > >(Success) > >Jul 4 17:38:50 localhost slapd[8515]: connection_read(10): > >input error=-2 > >id=35, closing. > >Jul 4 17:38:50 localhost slapd[8515]: connection_closing: > >readying conn=35 > >sd=10 for close > >Jul 4 17:38:50 localhost slapd[8515]: connection_close: conn=35 sd=10 > >Jul 4 17:38:51 localhost slapd[8515]: connection_get(10): got > >connid=36 > >Jul 4 17:38:51 localhost slapd[8515]: connection_read(10): > >checking for input > >on id=36 > >Jul 4 17:38:51 localhost slapd[8515]: ber_get_next on fd 10 > >failed errno=11 > >(Resource temporarily unavailable) > >Jul 4 17:38:51 localhost slapd[8515]: do_bind > >Jul 4 17:38:51 localhost slapd[8515]: >>> dnPrettyNormal: > ><cn=admin,dc=gicomm,dc=iberica,dc=esp> > >Jul 4 17:38:51 localhost slapd[8515]: <<< dnPrettyNormal: > ><cn=admin,dc=gicomm,dc=iberica,dc=esp>, <cn=admin,dc=gicomm,dc=i > >berica,dc=esp> > >Jul 4 17:38:51 localhost slapd[8515]: do_bind: version=3 > >dn="cn=admin,dc=gicomm,dc=iberica,dc=esp" method=128 > >Jul 4 17:38:51 localhost slapd[8515]: do_bind: v3 bind: > >"cn=admin,dc=gicomm,dc=iberica,dc=esp" to "cn=admin,dc=gicomm,dc=i > >berica,dc=esp" > >Jul 4 17:38:51 localhost slapd[8515]: send_ldap_result: > >conn=36 op=0 p=3 > >Jul 4 17:38:51 localhost slapd[8515]: send_ldap_response: > >msgid=1 tag=97 > >err=0 > >Jul 4 17:38:51 localhost slapd[8515]: connection_get(10): got > >connid=36 > >Jul 4 17:38:51 localhost slapd[8515]: connection_read(10): > >checking for input > >on id=36 > >Jul 4 17:38:51 localhost slapd[8515]: ber_get_next on fd 10 > >failed errno=11 > >(Resource temporarily unavailable) > >Jul 4 17:38:51 localhost slapd[8515]: do_search > >Jul 4 17:38:51 localhost slapd[8515]: >>> dnPrettyNormal: <> > >Jul 4 17:38:51 localhost slapd[8515]: <<< dnPrettyNormal: <>, <> > >Jul 4 17:38:51 localhost slapd[8515]: => send_search_entry: dn="" > >Jul 4 17:38:51 localhost slapd[8515]: <= send_search_entry > >Jul 4 17:38:51 localhost slapd[8515]: send_ldap_result: > >conn=36 op=1 p=3 > >Jul 4 17:38:51 localhost slapd[8515]: send_ldap_response: > >msgid=2 tag=101 > >err=0 > >Jul 4 17:38:51 localhost slapd[8515]: connection_get(10): got > >connid=36 > >Jul 4 17:38:51 localhost slapd[8515]: connection_read(10): > >checking for input > >on id=36 > >Jul 4 17:38:51 localhost slapd[8515]: ber_get_next on fd 10 > >failed errno=11 > >(Resource temporarily unavailable) > >Jul 4 17:38:51 localhost slapd[8515]: do_search > >Jul 4 17:38:51 localhost slapd[8515]: >>> dnPrettyNormal: > ><dc=gicomm,dc=iberica,dc=esp> > >Jul 4 17:38:51 localhost slapd[8515]: <<< dnPrettyNormal: > ><dc=gicomm,dc=iberica,dc=esp>, <dc=gicomm,dc=iberica,dc=esp> > >Jul 4 17:38:51 localhost slapd[8515]: => bdb_search > >Jul 4 17:38:51 localhost slapd[8515]: > >bdb_dn2entry("dc=gicomm,dc=iberica,dc=esp") > >Jul 4 17:38:51 localhost slapd[8515]: search_candidates: > >base="dc=gicomm,dc=iberica,dc=esp" (0x00000001) scope=2 > >Jul 4 17:38:51 localhost slapd[8515]: => > >bdb_dn2idl( "dc=gicomm,dc=iberica,dc=esp" ) > >Jul 4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates > >(objectClass) > >Jul 4 17:38:51 localhost slapd[8515]: => key_read > >Jul 4 17:38:51 localhost slapd[8515]: <= bdb_index_read: > >failed (-30990) > >Jul 4 17:38:51 localhost slapd[8515]: <> >bdb_equality_candidates: id=0, > >first=0, last=0 > >Jul 4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates (uid) > >Jul 4 17:38:51 localhost slapd[8515]: => key_read > >Jul 4 17:38:51 localhost slapd[8515]: <= bdb_index_read 1 candidates > >Jul 4 17:38:51 localhost slapd[8515]: <> >bdb_equality_candidates: id=1, > >first=243, last=243 > >Jul 4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates > >(objectClass) > >Jul 4 17:38:51 localhost slapd[8515]: => key_read > >Jul 4 17:38:51 localhost slapd[8515]: <= bdb_index_read 97 candidates > >Jul 4 17:38:51 localhost slapd[8515]: <> >bdb_equality_candidates: id=97, > >first=144, last=256 > >Jul 4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates > >(objectClass) > >Jul 4 17:38:51 localhost slapd[8515]: => key_read > >Jul 4 17:38:51 localhost slapd[8515]: <= bdb_index_read 97 candidates > >Jul 4 17:38:51 localhost slapd[8515]: <> >bdb_equality_candidates: id=97, > >first=144, last=256 > >Jul 4 17:38:51 localhost slapd[8515]: bdb_search_candidates: > >id=1 first=243 > >last=243 > >Jul 4 17:38:51 localhost slapd[8515]: => send_search_entry: > >dn="uid=davidszanto,ou=Users,dc=gicomm,dc=iberica,dc=esp" > >Jul 4 17:38:51 localhost slapd[8515]: <= send_search_entry > >Jul 4 17:38:51 localhost slapd[8515]: send_ldap_result: > >conn=36 op=2 p=3 > >Jul 4 17:38:51 localhost slapd[8515]: send_ldap_response: > >msgid=3 tag=101 > >err=0 > >Jul 4 17:38:51 localhost smbd[8613]: nss_ldap: reconnecting > >to LDAP server... > >Jul 4 17:38:51 localhost slapd[8515]: connection_get(14): got > >connid=37 > >Jul 4 17:38:51 localhost slapd[8515]: connection_read(14): > >checking for input > >on id=37 > >Jul 4 17:38:51 localhost slapd[8515]: ber_get_next on fd 14 > >failed errno=11 > >(Resource temporarily unavailable) > >Jul 4 17:38:51 localhost slapd[8515]: do_bind > >Jul 4 17:38:51 localhost slapd[8515]: >>> dnPrettyNormal: > ><cn=admin,dc=gicomm,dc=iberica,dc=esp> > >Jul 4 17:38:51 localhost slapd[8515]: <<< dnPrettyNormal: > ><cn=admin,dc=gicomm,dc=iberica,dc=esp>, <cn=admin,dc=gicomm,dc=i > >berica,dc=esp> > >Jul 4 17:38:51 localhost slapd[8515]: do_bind: version=3 > >dn="cn=admin,dc=gicomm,dc=iberica,dc=esp" method=128 > >Jul 4 17:38:51 localhost slapd[8515]: do_bind: v3 bind: > >"cn=admin,dc=gicomm,dc=iberica,dc=esp" to "cn=admin,dc=gicomm,dc=i > >berica,dc=esp" > >Jul 4 17:38:51 localhost slapd[8515]: send_ldap_result: > >conn=37 op=0 p=3 > >Jul 4 17:38:51 localhost slapd[8515]: send_ldap_response: > >msgid=1 tag=97 > >err=0 > >Jul 4 17:38:51 localhost slapd[8515]: connection_get(14): got > >connid=37 > >Jul 4 17:38:51 localhost slapd[8515]: connection_read(14): > >checking for input > >on id=37 > >Jul 4 17:38:51 localhost slapd[8515]: ber_get_next on fd 14 > >failed errno=11 > >(Resource temporarily unavailable) > >Jul 4 17:38:51 localhost slapd[8515]: do_search > >Jul 4 17:38:51 localhost slapd[8515]: >>> dnPrettyNormal: > ><dc=gicomm,dc=iberica,dc=esp> > >Jul 4 17:38:51 localhost slapd[8515]: <<< dnPrettyNormal: > ><dc=gicomm,dc=iberica,dc=esp>, <dc=gicomm,dc=iberica,dc=esp> > >Jul 4 17:38:51 localhost slapd[8515]: => bdb_search > >Jul 4 17:38:51 localhost slapd[8515]: > >bdb_dn2entry("dc=gicomm,dc=iberica,dc=esp") > >Jul 4 17:38:51 localhost slapd[8515]: search_candidates: > >base="dc=gicomm,dc=iberica,dc=esp" (0x00000001) scope=2 > >Jul 4 17:38:51 localhost slapd[8515]: => > >bdb_dn2idl( "dc=gicomm,dc=iberica,dc=esp" ) > >Jul 4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates > >(objectClass) > >Jul 4 17:38:51 localhost slapd[8515]: => key_read > >Jul 4 17:38:51 localhost slapd[8515]: <= bdb_index_read: > >failed (-30990) > >Jul 4 17:38:51 localhost slapd[8515]: <> >bdb_equality_candidates: id=0, > >first=0, last=0 > >Jul 4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates > >(objectClass) > >Jul 4 17:38:51 localhost slapd[8515]: => key_read > >Jul 4 17:38:51 localhost slapd[8515]: <= bdb_index_read 97 candidates > >Jul 4 17:38:51 localhost slapd[8515]: <> >bdb_equality_candidates: id=97, > >first=144, last=256 > >Jul 4 17:38:51 localhost slapd[8515]: => bdb_equality_candidates (uid) > >Jul 4 17:38:51 localhost slapd[8515]: => key_read > >Jul 4 17:38:51 localhost slapd[8515]: <= bdb_index_read 1 candidates > >Jul 4 17:38:51 localhost slapd[8515]: <> >bdb_equality_candidates: id=1, > >first=243, last=243 > >Jul 4 17:38:51 localhost slapd[8515]: bdb_search_candidates: > >id=1 first=243 > >last=243 > >Jul 4 17:38:51 localhost slapd[8515]: => send_search_entry: > >dn="uid=davidszanto,ou=Users,dc=gicomm,dc=iberica,dc=esp" > >Jul 4 17:38:51 localhost slapd[8515]: <= send_search_entry > >Jul 4 17:38:51 localhost slapd[8515]: send_ldap_result: > >conn=37 op=1 p=3 > >Jul 4 17:38:51 localhost slapd[8515]: send_ldap_response: > >msgid=2 tag=101 > >err=0 > > > >.... and on and on repeating it self 2 more seconds ... > >--end------------------ > > > >I'm not much of an expert on LDAP, actually quite the > >opposite. I can't > >really tell if there's something really wrong here or not. > > My configuration files are the following: > > > >-- smb.conf ----------------- > >[global] > > > >netbios name = GICOMM > >workgroup = GICOMMNET > >server string = GICOMM (Servidor de Comunicaciones) > > > >passdb backend = ldapsam:ldap://127.0.0.1 > >username map = /et/samba/smbusers > >log file = /var/log/samba/%m.log > >max log size = 50 > >socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > >smb ports = 139 > > > >preferred master = yes > >domain master = yes > >local master = yes > >domain logons = yes > >os level = 255 > >dns proxy = yes > >;wins support = Yes > >security = user > >encrypt passwords = yes > > > >ldap suffix = dc=gicomm,dc=iberica,dc=esp > >ldap machine suffix = ou=Computers > >ldap user suffix = ou=Users > >ldap group suffix = ou=Groups > >ldap idmap suffix = ou=Idmap > >ldap admin dn = cn=admin,dc=gicomm,dc=iberica,dc=esp > >ldap ssl = no > >ldap delete dn = no > >ldap filter = (&(uid=%u)(objectclass=sambaSamAccount)) > >ldap passwd sync = Yes > > > >add user script = /usr/sbin/smbldap-useradd -a -m -A 1 -D \"H:\" -E > >\"%u.bat\" "%u" > >delete user script = /usr/sbin/smbldap-userdel "%u" > >add machine script = /usr/sbin/smbldap-useradd -w "%u" > >add group script = /usr/sbin/smbldap-groupadd -p "%g" > >delete group script = /usr/sbin/smbldap-groupdel "%g" > >add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" > >delete user from group script = /usr/sbin/smbldap-usermod -x "%u" "%g" > >set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" > >template home dir = /etc/skel > >template shell = /bin/sh > >username map = /etc/samba/users.map > > > >logon script = logon.bat > >logon drive = H: > >hide dot files = yes > > > >[homes] > >... > >--end---------------------- > > > >And my slapd.conf file: > >--slapd.conf--------------------------- > >allow bind_v2 > > > >include /etc/ldap/schema/core.schema > >include /etc/ldap/schema/cosine.schema > >include /etc/ldap/schema/nis.schema > >include /etc/ldap/schema/inetorgperson.schema > >include /etc/ldap/schema/samba.schema > > > >schemacheck on > >pidfile /var/run/slapd/slapd.pid > >argsfile /var/run/slapd.args > >loglevel 1 > > > >modulepath /usr/lib/ldap > >moduleload back_bdb > > > >backend bdb > >checkpoint 512 30 > > > >database bdb > > > >suffix "dc=gicomm,dc=iberica,dc=esp" > >rootdn "cn=admin,dc=gicomm,dc=iberica,dc=esp" > >rootpw im_not_telling :-D > > > >directory "/var/lib/ldap" > > > >index objectClass eq > >index uid,cn,sn,givenname,mail eq,sub > >index uidNumber eq > >index gidNumber eq > >index memberUid eq > >index sambaSID eq > >index sambaPrimaryGroupSID eq > >index sambaDomainName eq > >index default sub > > > >lastmod on > > > >access to * > > by dn="cn=admin,dc=gicomm,dc=iberica,dc=esp" write > > by dn="uid=root,ou=Users,dc=gicomm,dc=iberica,dc=esp" write > > by self write > > by * read > > > >--end---------------- > > > >As you can see, my slapd.conf ACL is not very restrictive. > > > >I've checked other posts and tested accordinglly, but I stil > >can't join nor > >from a linux workstation nor a W2K workstation. > > > >Well, that's basicly it. > >I'd appreciate any help. > >Thanx!! > >David > >-- > >To unsubscribe from this list go to the following URL and read the > >instructions: https://lists.samba.org/mailman/listinfo/samba
Jason Greene schrieb:> Hi all, > > My logon.bat file runs but none of the drives get mapped. > > Here is my logon.bat file > > net time \\%L /set /yes > net use o: \\%L\data > net use j: \\%L\pca > net use g: \\%L\peachtreenow try to execute in cmd (windows command line), after you log on, and you will know what is wrong. -- Tomek WPKG - automated software deployment http://wpkg.org
On Tuesday 05 July 2005 11:15, Jason Greene wrote:> Hi all, > > My logon.bat file runs but none of the drives get mapped. > > Here is my logon.bat file%L is a macro that can be used in your smb.conf file, beyond Samba it is not known. You will need to change that to:> > net time \\%L /set /yes > net use o: \\%L\data > net use j: \\%L\pca > net use g: \\%L\peachtreenet time %LOGONSERVER% /set /yes net use o: %LOGONSERVER%\data net use j: %LOGONSERVER%\pca net use g: %LOGONSERVER%\peachtree You can find the Windows environment macros that can be used by opening up a cmd shell on a Windows client, then execute: set An example from my XP Pro client is: ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\jht\Application Data CLIENTNAME=Console CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=MAGGOT ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=H: HOMEPATH=\ HOMESHARE=\\merlin\jht LOGONSERVER=\\MERLIN NUMBER_OF_PROCESSORS=1 OS=Windows_NT Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\SSH Communications Security\SSH Secure Shell PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 6, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0806 ProgramFiles=C:\Program Files PROMPT=$P$G SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\jht\LOCALS~1\Temp TMP=C:\DOCUME~1\jht\LOCALS~1\Temp USERDOMAIN=MIDEARTH USERNAME=jht USERPROFILE=C:\Documents and Settings\jht windir=C:\WINDOWS You can use these macros in your logon script by appropriately dereferencing them, for example: echo %LOGONSERVER% prints: \\MERLIN - John T.> > > Is this setup wrong? > > -- > Regards. > > In Christ, > > Jason Greene > > Angelus Press > IT Manager > 2915 Forest Avenue > Kansas City, MO 64109-1516 > 1.800.966.7337 x306 > 1.816.753.3557 (fax) > www.angeluspress.org-- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production.
Now that makes sence and it works Thank you!! Jason John H Terpstra wrote:>On Tuesday 05 July 2005 11:15, Jason Greene wrote: > > >>Hi all, >> >>My logon.bat file runs but none of the drives get mapped. >> >>Here is my logon.bat file >> >> > >%L is a macro that can be used in your smb.conf file, beyond Samba it is not >known. > >You will need to change that to: > > > >>net time \\%L /set /yes >>net use o: \\%L\data >>net use j: \\%L\pca >>net use g: \\%L\peachtree >> >> > >net time %LOGONSERVER% /set /yes >net use o: %LOGONSERVER%\data >net use j: %LOGONSERVER%\pca >net use g: %LOGONSERVER%\peachtree > >You can find the Windows environment macros that can be used by opening up a >cmd shell on a Windows client, then execute: set > >An example from my XP Pro client is: > > >ALLUSERSPROFILE=C:\Documents and Settings\All Users >APPDATA=C:\Documents and Settings\jht\Application Data >CLIENTNAME=Console >CommonProgramFiles=C:\Program Files\Common Files >COMPUTERNAME=MAGGOT >ComSpec=C:\WINDOWS\system32\cmd.exe >FP_NO_HOST_CHECK=NO >HOMEDRIVE=H: >HOMEPATH=\ >HOMESHARE=\\merlin\jht >LOGONSERVER=\\MERLIN >NUMBER_OF_PROCESSORS=1 >OS=Windows_NT >Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program >Files\SSH Communications Security\SSH Secure Shell >PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH >PROCESSOR_ARCHITECTURE=x86 >PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 6, GenuineIntel >PROCESSOR_LEVEL=6 >PROCESSOR_REVISION=0806 >ProgramFiles=C:\Program Files >PROMPT=$P$G >SESSIONNAME=Console >SystemDrive=C: >SystemRoot=C:\WINDOWS >TEMP=C:\DOCUME~1\jht\LOCALS~1\Temp >TMP=C:\DOCUME~1\jht\LOCALS~1\Temp >USERDOMAIN=MIDEARTH >USERNAME=jht >USERPROFILE=C:\Documents and Settings\jht >windir=C:\WINDOWS > > >You can use these macros in your logon script by appropriately dereferencing >them, for example: > > echo %LOGONSERVER% > >prints: > \\MERLIN > >- John T. > > > >>Is this setup wrong? >> >>-- >>Regards. >> >>In Christ, >> >>Jason Greene >> >>Angelus Press >>IT Manager >>2915 Forest Avenue >>Kansas City, MO 64109-1516 >>1.800.966.7337 x306 >>1.816.753.3557 (fax) >>www.angeluspress.org >> >> > > >
Hello, Jason Greene schrieb:> Hi all, > > My logon.bat file runs but none of the drives get mapped. > > Here is my logon.bat file > > net time \\%L /set /yes > net use o: \\%L\data > net use j: \\%L\pca > net use g: \\%L\peachtree > > > Is this setup wrong? >%L is only only in the smb.conf usefull. In Login-Scripts you have to use the Servername \\server\share. You can also test \\%LOGONSERVER%\share. matze
On Tuesday 05 July 2005 14:26, Matthias Spork wrote:> Hello, > > Jason Greene schrieb: > > Hi all, > > > > My logon.bat file runs but none of the drives get mapped. > > > > Here is my logon.bat file > > > > net time \\%L /set /yes > > net use o: \\%L\data > > net use j: \\%L\pca > > net use g: \\%L\peachtree > > > > > > Is this setup wrong? > > %L is only only in the smb.conf usefull. In Login-Scripts you have to > use the Servername \\server\share. You can also test \\%LOGONSERVER%\share.No. %LOGONSERVER% already has the leading \\, so do not add them a second time. Instead, just use: %LOGONSERVER%\share - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production.
Hi Louis, Sorry I took so long to answer... El Mi?rcoles, 6 de Julio de 2005 08:40, Louis van Belle escribi?:> Hi david, > > nice thats it's working, > > 1 question, i made some bad changes some days ago > in my libnss_ldap.conf or pam_ldap.conf > > could you send me a copy of these ?No problem. Here they go. --libnss-ldap.conf-------------------------------- base dc=gicomm,dc=iberica,dc=esp uri ldap://127.0.0.1/ ldap_version 3 rootbinddn cn=admin,dc=gicomm,dc=iberica,dc=esp scope sub --end------------------------------------------------ --pam_ldap.conf---------------------------------- host 127.0.0.1 base dc=gicomm,dc=iberica,dc=esp ldap_version 3 rootbinddn cn=admin,dc=gicomm,dc=iberica,dc=es pam_filter objectclass=posixAccount pam_login_attribute uid --end------------------------------------------------> i would help me great.I hope so. :-) It's a very simple configuration. There aren't many changes from the original file.> > thanx. > > LouisCheers, David
> > Please realize that you are posting to a mailinglist. > Your last two postings did not contain information > for people other than Louis.You're absolutely right. I apologize. And I promise to be more carefull next time on. Cheers, David