samba - Oct 2006 - Browse Domain users from XP client -not possible - urgent!

Hi

I am unfortunate not able to browse any users in my samba-ldap domain.

ex. if I want to add the user swi  more premissions on a samba share folder
(security-->add-> advanced-->find now--> the smbldap domain users
and
groups are not shown anymore? This same goes if i want to add a user as
local administrator on a joined XP PC  -  same problem.

We also get an error saying that we can not change security on shared
folders and files within the domain. Below share setting has worked ealier

[sharename$]
        path = /home/sharename
        public = yes
        valid users = @groupname
        writable = yes
        writelist = @groupname
        printable = no
        create mask = 0666
        force group = groupname
        directory mask = 0777

More Info


I am using and a RHES 4 update 3 kernel 2.6.9-34
samba-3.0.10-1.4E.6
samba-client-3.0.10-1.4E.6
samba-common-3.0.10-1.4E.6
openldap-devel-2.2.13-4
openldap-servers-2.2.13-4
openldap-clients-2.2.13-4
openldap-2.2.13-4

My PDC /etc/samba/smb.conf file look like this

[global]
        workgroup = DOMAINNAME
        netbios name = TNGCPH01
        username map = /etc/samba/smbusers
        server string = Samba Server %v
        security = user
        encrypt passwords = yes
        domain logons = Yes
        os level = 65
        preferred master = yes
        local master = yes
        domain master = yes
        wins support = yes
        log level = 3
        log file = /var/log/samba/%m.log
        max log size = 50

        obey pam restrictions = No
        ldap passwd sync = Yes
        passdb backend = ldapsam:ldap://127.0.0.1
        ldap admin dn = cn=Manager,dc=domainname,dc=com

# Ldap suffix

        ldap suffix = dc=clipper-group,dc=com
        ldap group suffix = ou=_GROUPS_
        ldap user suffix = ou=_USERS_
        ldap machine suffix = ou=_COMPUTERS_
        ldap idmap suffix = ou=_USERS_
        ldap ssl = no
        add user script = /usr/local/sbin/smbldap-useradd.pl -m "%u"
        ldap delete dn = Yes
        delete user script = /usr/local/sbin/smbldap-userdel.pl "%u"
        add machine script = /usr/local/sbin/smbldap-useradd.pl -w
"%u"
        add group script = /usr/local/sbin/smbldap-groupadd.pl -p "%g"
        delete group script = /usr/local/sbin/smbldap-groupdel.pl "%g"
        add user to group script = /usr/local/sbin/smbldap-groupmod.pl -m
"%u" "%g"
        delete user from group script = /usr/local/sbin/smbldap-groupmod.pl
-x "%u" "%g"
        set primary group script = /usr/local/sbin/smbldap-usermod.pl -g
"%g" "%u"

   idmap uid = 16777216-33554431
   idmap gid = 16777216-33554431
   template shell = /bin/false
   winbind use default domain = no

###########Share definitions and
configuration""""""""""


[homes]
        comment = Home Directories
        valid users = %S
        browseable = No
        read only = No

[netlogon]
        path = /home/clipper/netlogon/scripts
        browseable = No
        read only = yes
#       preexec = /etc/samba/scripts/userbat.pl %U %G %L
#       postexec = /etc/samba/scripts/groupbat.pl %U %G %L


[sharename$]
        path = /home/sharename
        public = yes
        valid users = @groupname
        writable = yes
        writelist = @groupname
        printable = no
        create mask = 0666
        force group = groupname
        directory mask = 0777