Hello,
First of all, I would like to say that this is my third attempt to make
Samba working as PDC. On the very beginning I had a problem with machine
account, but after group mapping and cleaning group maps, I was able to
add it from command line - using smbpasswd (according to this point, I
would like to ask: "machine" unix group is only allowed for machines?
Am
I not able to use my own like:smbmachines?).
Now I am fighting with usrmgr.exe. When I connect from domain member XP
station as root and choice one of the listed users, I have recived sth
like this in logs and usrmgr error:
[2006/05/27 15:41:29, 1] rpc_server/srv_util.c:get_domain_user_groups(298)
get_domain_user_groups: primary gid of user [root] is not a Domain group !
get_domain_user_groups: You should fix it, NT doesn't like that
[2006/05/27 15:41:29, 0] rpc_server/srv_util.c:get_alias_user_groups(206)
get_alias_user_groups: gid of user root doesn't exist. Check your
/etc/passwd and /etc/group files
[2006/05/27 15:41:29, 1] rpc_server/srv_util.c:get_domain_user_groups(298)
get_domain_user_groups: primary gid of user [root] is not a Domain group !
get_domain_user_groups: You should fix it, NT doesn't like that
[2006/05/27 15:41:30, 1] smbd/service.c:make_connection_snum(648)
tws (192.168.0.102) connect to service root initially as user root
(uid=0, gid=0) (pid 4492)
[2006/05/27 15:41:32, 0] rpc_server/srv_util.c:get_alias_user_groups(206)
get_alias_user_groups: gid of user tomek doesn't exist. Check your
/etc/passwd and /etc/group files
[2006/05/27 15:42:12, 1] smbd/service.c:close_cnum(836)
tws (192.168.0.102) closed connection to service root
When I use command "net group", after entering root's smb
password, I
recive groups list(with double "Domain Admins") with
"ads_connect:
Transport end point is not connected" error.
Command: "net groupmap list" shows me also double "Domain
Admins"
entries and I am not able to delete both of them, only one of them. I've
tried net groupmap delete,modify with SID,ntgroupname, also net groupmap
cleanup, but it doesn't work.
So I think that the solution is somewhere connected with a proper
defining of SID,RID or groupmaps.
Thank you,
This is my smb.conf(only general section):
#======================= Global Settings
====================================[global]
netbios name = Asterisk
server string = Asterisk PDC
workgroup = BB
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
security = user
local master = yes
domain master = yes
preferred master = yes
domain logons = yes
nt acl support = yes
time server = yes
wins support = yes
dns proxy = no
os level = 33
logon drive logon path = \\Asterisk\profiles\%U
logon script = logoon.bat
lm announce = yes
lm interval = 120
name resolve order = wins bcast
max log size = 50
log file = /var/log/samba/%m.log
debug level = 1
unix charset = ISO8859-2
dos charset = CP852
cups options = raw
load printers = yes
printcap name = cups
available = no
browseable = no
directory mask = 0777
force directory mode = 0555
create mask = 0666
force create mode = 0444
printer admin = root
passdb backend = tdbsam
null passwords = no
encrypt passwords = yes
unix password sync = no
hosts allow = 192.168.0. 127.
interfaces = 192.168.0.5 127.0.0.1
bind interfaces only = yes
username map = /etc/samba/smbusers
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
add machine script = /usr/sbin/useradd -n -g machines -d
dev/null -s /bin/false %u
