samba - Sep 2006 - Domain Logins

Hi,

I have troubles when trying to login to my SAMBA Domain, joinung the
workstations to the domain was no problem, browsing shares is no problem, but no
damain login.

I'm running centos 4.3;

rpm -qa |grep samba
system-config-samba-1.2.21-1
samba-client-3.0.10-1.4E.9
samba-3.0.10-1.4E.9
samba-common-3.0.10-1.4E.9

rpm -qa |grep openldap
openldap-clients-2.2.13-6.4E
openldap-devel-2.2.13-6.4E
openldap-2.2.13-6.4E
openldap-servers-2.2.13-6.4E

[global]
    ; Basic server settings
    netbios name = PDC-SRV
    server string = GBW File Server
    workgroup = GBW
    # client use spnego = yes

    ; Logging
    ;log level = 0
    log level = 3 passdb:99 auth:99 winbind:2


    interfaces = 192.168.118.2/24
;    hosts allow = 192.168.0. 127. 192.168.10.

    ;Character Mapping for Mac Compatibility
    ;character set = iso8859-1
    ;client code page = 437
    ;valid chars = *
    ;mangle case = no

; should act as the domain and local master browser
    os level = 64
    preferred master = yes
    domain master = yes
    local master = yes

; SAMBA LDAP stuff
;    passwd program = /usr/local/sbin/smbldap-passwd.pl -o %u
;    passwd chat    = *new*password* %n\n *new*password* %n\n *sucessfully*
;    unix password sync = Yes
    ldap passwd sync = yes
    passdb backend = "ldapsam_compat:ldap://ldap.intern.gbw.at"
    passdb backend = "ldapsam:ldap://ldap.intern.gbw.at"
    idmap  backend = "ldap:ldap://ldap.intern.gbw.at"
    ldap suffix = dc=intern,dc=gbw,dc=at
    ldap admin dn = cn=Manager,dc=intern,dc=gbw,dc=at
    ldap machine suffix = ou=Computers
    ldap user suffix = ou=Users
    ldap group suffix = ou=Groups
    ldap ssl = No
    ldap delete dn = no

; smbldap tools
    add user script = /usr/sbin/smbldap-useradd -m "%u"
    add machine script = /usr/sbin/smbldap-useradd -t 5 -w "%u"
    add group script = /usr/sbin/smbldap-groupadd -p "%g"
    add user to group script = /usr/sbin/smbldap-groupmod -m "%u"
"%g"
    delete user from group script = /usr/sbin/smbldap-groupmod -x "%u"
"%g"
    set primary group script = /usr/sbin/smbldap-usermod -g "%g"
"%u"


    ; security settings (must user security = user)
    security = user

    ; encrypted passwords are a requirement for a PDC
    encrypt passwords = yes
    ; support domain logons
    domain logons = yes

    ;domain admin group = administrator root bernhard leonard

    ; where to store user profiles?
    ; logon path = \\%N\profiles\%u
    logon path 
    ; where is a user's home directory and where should it
    ; be mounted at?
    ; logon drive = z:
    ; logon home = \\FILE_SRV\unixhomes
    logon drive     logon home 
    ; specify a generic logon script for all users
    ; this is a relative **DOS** path to the [netlogon] share
    ; logon script = logon.cmd
    logon script = logon.cmd

; necessary share for domain controller
[netlogon]
    comment = Network Logon Service
    path = /opt/smb/netlogon
    guest ok = yes
    writable = no
    share modes = no
    ; read only = yes
    ; write list = ntadmin
; share for storing user profiles
[profiles]
    path = /opt/smb/ntprofile
    read only = no
    create mask = 0600
    directory mask = 0700
    browsable = yes
    writable = yes
[home]
    comment = Home Directories
    path = /opt/home/%u
    browsable = yes
    writable = yes
[data]
    comment = Daten
    path=/opt/data
    browsable = yes
    writeable = yes
    create mask = 664
    directory mask = 775

best regards and thanks for help
bernhard

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 09/18/2006 07:58 AM, Bernhard P?ttinger escreveu:
> Hi,
> I have troubles when trying to login to my SAMBA Domain, 
> joinung the workstations to the domain was no problem,
> browsing shares is no problem, but no damain login.
> 
> I'm running centos 4.3;
> 
> rpm -qa |grep samba
> system-config-samba-1.2.21-1
> samba-client-3.0.10-1.4E.9
> samba-3.0.10-1.4E.9
> samba-common-3.0.10-1.4E.9
> 
> rpm -qa |grep openldap
> openldap-clients-2.2.13-6.4E
> openldap-devel-2.2.13-6.4E
> openldap-2.2.13-6.4E
> openldap-servers-2.2.13-6.4E
> 
> [global]
>     ; Basic server settings
>     netbios name = PDC-SRV
>     server string = GBW File Server
>     workgroup = GBW
>     # client use spnego = yes
> 
>     ; Logging
>     ;log level = 0
>     log level = 3 passdb:99 auth:99 winbind:2
> 
> 
>     interfaces = 192.168.118.2/24
> ;    hosts allow = 192.168.0. 127. 192.168.10.
> 
>     ;Character Mapping for Mac Compatibility
>     ;character set = iso8859-1
>     ;client code page = 437
>     ;valid chars = *
>     ;mangle case = no
> 
> ; should act as the domain and local master browser
>     os level = 64
>     preferred master = yes
>     domain master = yes
>     local master = yes
> 
> ; SAMBA LDAP stuff
> ;    passwd program = /usr/local/sbin/smbldap-passwd.pl -o %u
> ;    passwd chat    = *new*password* %n\n *new*password* %n\n *sucessfully*
> ;    unix password sync = Yes
>     ldap passwd sync = yes
>     passdb backend = "ldapsam_compat:ldap://ldap.intern.gbw.at"
>     passdb backend = "ldapsam:ldap://ldap.intern.gbw.at"
	I'm not sure about the above one. You should be using
either ldapsam _or_ ldapsam_compat.

[...]
> best regards and thanks for help
> bernhard
	Could you please attach an increased loglevel/debuglevel
so we can take a look on what's going on while you try to login? :)


	Kind regards,
- --
Felipe Augusto van de Wiel <felipe@paranacidade.org.br>
Coordenadoria de Tecnologia da Informa??o (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/           Phone: (+55 41 3350 3300)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org

iD8DBQFFD+3HCj65ZxU4gPQRAk1HAKChbCd57YE2uuT+WlIJ6xDzWLZltgCgofDa
J5GSxOn656dBwEkyA6WnTiw=lIOP
-----END PGP SIGNATURE-----