I just migrated my SMB pdc to a new server (was running 3.0.21c, now
3.0.22). Some things seems to be ok. net rpc list; net rpc testjoin
seem to work. But if I attempt to join a windows system to the domain I
get "The following error occured while attempting to join to domain
"DOMAINNAME": The user name could not be found". The machine
name is
getting loaded into ldap.
LDAP seems to be fine, getent passwd/group returns all the ldap users;
net groupmap list returns all the groups. I can shell in with ldap accounts/
I copied the old server's /etc/samba to the new server and I set the new
servers SID to be that of the old server.
Also, I have a logon script on my BDC and my PDC. The BDC script runs
on the client boot up, but the PDC one isn't running.
Any ideas?
SMB.CONF
[global]
workgroup = DOMAINNAME
netbios name = HOME
server string = HOME
passdb backend = ldapsam:ldap://ldap.domain
username map = /etc/samba/smbusers
printcap name = cups
enable privileges = Yes
log level = 2
add user script = /usr/local/sbin/smbldap-useradd -m '%u'
delete user script = /usr/local/sbin/smbldap-userdel %u
add group script = /usr/local/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/local/sbin/smbldap-groupdel '%g'
add user to group script = /usr/local/sbin/smbldap-groupmod -m
'%u' '%g'
delete user from group script = /usr/local/sbin/smbldap-groupmod
-x '%u' '%g'
set primary group script = /usr/local/sbin/smbldap-usermod -g
'%g' '%u'
add machine script = /usr/local/sbin/smbldap-useradd -w '%u'
logon script = scripts\logon.bat
# logon path = \\%L\Profiles\%U
logon path logon drive = H:
logon home = \\%L\%U
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins server = 172.30.30.25
ldap suffix = ou=Accounts,dc=company,dc=com
ldap machine suffix = ou=Computers
ldap user suffix = ou=People
ldap group suffix = ou=Posix,ou=Groups
ldap idmap suffix = ou=idmap
ldap admin dn = cn=Manager,dc=company,dc=com
ldap ssl = no
ldap passwd sync = No
# idmap uid = 15000-20000
# idmap gid = 15000-20000
printing = cups
map acl inherit = Yes
here's my log.smbd when I tried to add the computer:
[2006/06/23 11:28:27, 2] smbd/sesssetup.c:setup_new_vc_session(772)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2006/06/23 11:28:27, 2] smbd/sesssetup.c:setup_new_vc_session(772)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2006/06/23 11:28:27, 2] lib/smbldap.c:smbldap_open_connection(722)
smbldap_open_connection: connection opened
[2006/06/23 11:28:27, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640)
init_sam_from_ldap: Entry found for user: root
[2006/06/23 11:28:27, 2] passdb/pdb_ldap.c:init_group_from_ldap(2215)
init_group_from_ldap: Entry found for group: 512
[2006/06/23 11:28:27, 2] auth/auth.c:check_ntlm_password(307)
check_ntlm_password: authentication for user [Administrator] ->
[root] -> [root] succeeded
[2006/06/23 11:28:28, 2] smbd/server.c:exit_server(614)
Closing connections
[2006/06/23 11:28:28, 2] smbd/sesssetup.c:setup_new_vc_session(772)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2006/06/23 11:28:28, 2] smbd/sesssetup.c:setup_new_vc_session(772)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2006/06/23 11:28:28, 2] lib/smbldap.c:smbldap_open_connection(722)
smbldap_open_connection: connection opened
[2006/06/23 11:28:28, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640)
init_sam_from_ldap: Entry found for user: root
[2006/06/23 11:28:28, 2] passdb/pdb_ldap.c:init_group_from_ldap(2215)
init_group_from_ldap: Entry found for group: 512
[2006/06/23 11:28:28, 2] auth/auth.c:check_ntlm_password(307)
check_ntlm_password: authentication for user [Administrator] ->
[root] -> [root] succeeded
[2006/06/23 11:28:29, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2670)
Returning domain sid for domain DOMAINNAME ->
S-1-5-21-3186883984-1813041273-1898769360
[2006/06/23 11:28:30, 2] smbd/server.c:exit_server(614)
Closing connections
thanks in advance.
--
Matt Ingram
Intermediate Unix Administrator, IS
Canadian Bank Note Company, Limited
\m/
anyone ? Matt Ingram wrote:> I just migrated my SMB pdc to a new server (was running 3.0.21c, now > 3.0.22). Some things seems to be ok. net rpc list; net rpc testjoin > seem to work. But if I attempt to join a windows system to the domain > I get "The following error occured while attempting to join to domain > "DOMAINNAME": The user name could not be found". The machine name is > getting loaded into ldap. > > LDAP seems to be fine, getent passwd/group returns all the ldap users; > net groupmap list returns all the groups. I can shell in with ldap > accounts/ > > I copied the old server's /etc/samba to the new server and I set the > new servers SID to be that of the old server. > > Also, I have a logon script on my BDC and my PDC. The BDC script runs > on the client boot up, but the PDC one isn't running. > > Any ideas? > > SMB.CONF > [global] > workgroup = DOMAINNAME > netbios name = HOME > server string = HOME > passdb backend = ldapsam:ldap://ldap.domain > username map = /etc/samba/smbusers > printcap name = cups > enable privileges = Yes > log level = 2 > add user script = /usr/local/sbin/smbldap-useradd -m '%u' > delete user script = /usr/local/sbin/smbldap-userdel %u > add group script = /usr/local/sbin/smbldap-groupadd -p '%g' > delete group script = /usr/local/sbin/smbldap-groupdel '%g' > add user to group script = /usr/local/sbin/smbldap-groupmod -m > '%u' '%g' > delete user from group script = > /usr/local/sbin/smbldap-groupmod -x '%u' '%g' > set primary group script = /usr/local/sbin/smbldap-usermod -g > '%g' '%u' > add machine script = /usr/local/sbin/smbldap-useradd -w '%u' > logon script = scripts\logon.bat > # logon path = \\%L\Profiles\%U > logon path > logon drive = H: > logon home = \\%L\%U > domain logons = Yes > os level = 65 > preferred master = Yes > domain master = Yes > wins server = 172.30.30.25 > ldap suffix = ou=Accounts,dc=company,dc=com > ldap machine suffix = ou=Computers > ldap user suffix = ou=People > ldap group suffix = ou=Posix,ou=Groups > ldap idmap suffix = ou=idmap > ldap admin dn = cn=Manager,dc=company,dc=com > ldap ssl = no > ldap passwd sync = No > # idmap uid = 15000-20000 > # idmap gid = 15000-20000 > printing = cups > map acl inherit = Yes > > > here's my log.smbd when I tried to add the computer: > > [2006/06/23 11:28:27, 2] smbd/sesssetup.c:setup_new_vc_session(772) > setup_new_vc_session: New VC == 0, if NT4.x compatible we would close > all old resources. > [2006/06/23 11:28:27, 2] smbd/sesssetup.c:setup_new_vc_session(772) > setup_new_vc_session: New VC == 0, if NT4.x compatible we would close > all old resources. > [2006/06/23 11:28:27, 2] lib/smbldap.c:smbldap_open_connection(722) > smbldap_open_connection: connection opened > [2006/06/23 11:28:27, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640) > init_sam_from_ldap: Entry found for user: root > [2006/06/23 11:28:27, 2] passdb/pdb_ldap.c:init_group_from_ldap(2215) > init_group_from_ldap: Entry found for group: 512 > [2006/06/23 11:28:27, 2] auth/auth.c:check_ntlm_password(307) > check_ntlm_password: authentication for user [Administrator] -> > [root] -> [root] succeeded > [2006/06/23 11:28:28, 2] smbd/server.c:exit_server(614) > Closing connections > [2006/06/23 11:28:28, 2] smbd/sesssetup.c:setup_new_vc_session(772) > setup_new_vc_session: New VC == 0, if NT4.x compatible we would close > all old resources. > [2006/06/23 11:28:28, 2] smbd/sesssetup.c:setup_new_vc_session(772) > setup_new_vc_session: New VC == 0, if NT4.x compatible we would close > all old resources. > [2006/06/23 11:28:28, 2] lib/smbldap.c:smbldap_open_connection(722) > smbldap_open_connection: connection opened > [2006/06/23 11:28:28, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640) > init_sam_from_ldap: Entry found for user: root > [2006/06/23 11:28:28, 2] passdb/pdb_ldap.c:init_group_from_ldap(2215) > init_group_from_ldap: Entry found for group: 512 > [2006/06/23 11:28:28, 2] auth/auth.c:check_ntlm_password(307) > check_ntlm_password: authentication for user [Administrator] -> > [root] -> [root] succeeded > [2006/06/23 11:28:29, 2] > rpc_server/srv_samr_nt.c:_samr_lookup_domain(2670) > Returning domain sid for domain DOMAINNAME -> > S-1-5-21-3186883984-1813041273-1898769360 > [2006/06/23 11:28:30, 2] smbd/server.c:exit_server(614) > Closing connections > > thanks in advance. > > > >-- Matt Ingram Intermediate Unix Administrator, IS Canadian Bank Note Company, Limited \m/
Possibly Parallel Threads
- samba pdc acting weird
- The user name could not be found when joining a samba domain
- Joining a domain with a non-administrator account
- A device attached to the system is not functioning (smbd -V 3.5.x)
- Can't join pc to domain with smbldap-tools but can with smbpasswd