I have Samba 3.0.24 running on CentOS 4 as a PDC with an LDAP backend.
When I first set everything up, I could join workstations to the domain
automatically with the Windows Network ID Wizard. Now when I try to
join a workstation I get:
Your computer could not be joined to the domain because the
following error has occurred:
The user name could not be found.
If I add the computer name to the domain manually from the command line
or with LDAP Account Manager, then go back and join it, it works. But it
sure would be nice not to have to set up each machine manually. Any
thoughts?
[global]
unix charset = LOCALE
workgroup = glastendernet
netbios name = aster
server string = Glastender Domain Controller running %v
interfaces = eth1, lo
bind interfaces only = yes
os level = 255
preferred master = yes
local master = yes
domain master = yes
security = user
time server = yes
username map = /etc/samba/smbusers
wins support = yes
encrypt passwords = yes
pam password change = yes
name resolve order = wins bcast hosts
winbind nested groups = no
passdb backend = ldapsam:ldap://127.0.0.1/
ldap passwd sync = Yes
ldap suffix = dc=glastender,dc=com
ldap admin dn = cn=Manager,dc=glastender,dc=com
ldap ssl = no
ldap group suffix = ou=Groups
ldap user suffix = ou=People
ldap machine suffix = ou=People
ldap idmap suffix = ou=Idmap
idmap backend = ldap:ldap://127.0.0.1/
idmap uid = 10000-20000
idmap gid = 10000-20000
map acl inherit = yes
add user script = /etc/smbldap-tools/smbldap-useradd -m "%u"
#delete user script = /etc/smbldap-tools/smbldap-userdel "%u"
add machine script = /etc/smbldap-tools/smbldap-useradd -w
"%u"
add group script = /etc/smbldap-tools/smbldap-groupadd -p "%g"
#delete group script = /etc/smbldap-tools/smbldap-groupdel
"%g"
add user to group script = /etc/smbldap-tools/smbldap-groupmod
-m "%u" "%g"
delete user from group script =
/etc/smbldap-tools/smbldap-groupmod -x "%u" "%g"
set primary group script = /etc/smbldap-tools/smbldap-usermod -g
"%g" "%u"
domain logons = yes
log file = /var/log/samba/log.%m
log level = 1
syslog = 0
max log size = 50
#smb ports = 139 445
smb ports = 139
hosts allow = 127.0.0.1 172.16.0.0/255.255.0.0
# User profiles and home directories
logon drive = U:
logon path = \\%L\profiles\%U
logon script = %U.bat
large readwrite = no
read raw = no
write raw = no
printcap name = /etc/printcap
load printers = no
printing
#=========Shares====== template shell = /bin/false
winbind use default domain = no
[homes]
comment = Home Directories
browseable = no
--
*Jason Baker
*/IT Coordinator/
*Glastender Inc.*
5400 North Michigan Road
Saginaw, Michigan 48604 USA
800.748.0423
Phone: 989.752.4275 ext. 228
Fax: 989.752.4444
www.glastender.com <http://www.glastender.com>
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT$ d- s: a C++$ LU+++$ P+ L++>L++++ !E--- W+++ N o? K?
w !O M !V PS PE- Y? PGP- t 5? X+ R+ tv+ b- DI-- D++ G e+ h---
r+++ y+++
------END GEEK CODE BLOCK------
Hi... Sorry if I was wrong. I just want to ask, did you join the machine (via windows machine) using root account? If it's true, then I guess you have to have samba password for your root. If you have made it before, try to recreate your root's samba password (with smbldap-passwd), then try to join the machine. Let me know if it failed. :) Regards, sato On 3/24/07, Jason Baker <jbaker@glastender.com> wrote:> > I have Samba 3.0.24 running on CentOS 4 as a PDC with an LDAP backend. > When I first set everything up, I could join workstations to the domain > automatically with the Windows Network ID Wizard. Now when I try to > join a workstation I get: > > Your computer could not be joined to the domain because the > following error has occurred: > The user name could not be found. > > If I add the computer name to the domain manually from the command line > or with LDAP Account Manager, then go back and join it, it works. But it > sure would be nice not to have to set up each machine manually. Any > thoughts? > > [global] > unix charset = LOCALE > workgroup = glastendernet > netbios name = aster > server string = Glastender Domain Controller running %v > interfaces = eth1, lo > bind interfaces only = yes > os level = 255 > preferred master = yes > local master = yes > domain master = yes > security = user > time server = yes > username map = /etc/samba/smbusers > wins support = yes > encrypt passwords = yes > pam password change = yes > name resolve order = wins bcast hosts > winbind nested groups = no > passdb backend = ldapsam:ldap://127.0.0.1/ > ldap passwd sync = Yes > ldap suffix = dc=glastender,dc=com > ldap admin dn = cn=Manager,dc=glastender,dc=com > ldap ssl = no > ldap group suffix = ou=Groups > ldap user suffix = ou=People > ldap machine suffix = ou=People > ldap idmap suffix = ou=Idmap > idmap backend = ldap:ldap://127.0.0.1/ > idmap uid = 10000-20000 > idmap gid = 10000-20000 > map acl inherit = yes > add user script = /etc/smbldap-tools/smbldap-useradd -m "%u" > #delete user script = /etc/smbldap-tools/smbldap-userdel "%u" > add machine script = /etc/smbldap-tools/smbldap-useradd -w "%u" > add group script = /etc/smbldap-tools/smbldap-groupadd -p "%g" > #delete group script = /etc/smbldap-tools/smbldap-groupdel "%g" > add user to group script = /etc/smbldap-tools/smbldap-groupmod > -m "%u" "%g" > delete user from group script > /etc/smbldap-tools/smbldap-groupmod -x "%u" "%g" > set primary group script = /etc/smbldap-tools/smbldap-usermod -g > "%g" "%u" > domain logons = yes > log file = /var/log/samba/log.%m > log level = 1 > syslog = 0 > max log size = 50 > #smb ports = 139 445 > smb ports = 139 > hosts allow = 127.0.0.1 172.16.0.0/255.255.0.0 > # User profiles and home directories > logon drive = U: > logon path = \\%L\profiles\%U > logon script = %U.bat > large readwrite = no > read raw = no > write raw = no > printcap name = /etc/printcap > load printers = no > printing > > #=========Shares======> template shell = /bin/false > winbind use default domain = no > > [homes] > comment = Home Directories > browseable = no > > -- > > *Jason Baker > */IT Coordinator/ > > > *Glastender Inc.* > 5400 North Michigan Road > Saginaw, Michigan 48604 USA > 800.748.0423 > Phone: 989.752.4275 ext. 228 > Fax: 989.752.4444 > www.glastender.com <http://www.glastender.com> > > -----BEGIN GEEK CODE BLOCK----- > Version: 3.1 > GIT$ d- s: a C++$ LU+++$ P+ L++>L++++ !E--- W+++ N o? K? > w !O M !V PS PE- Y? PGP- t 5? X+ R+ tv+ b- DI-- D++ G e+ h--- > r+++ y+++ > ------END GEEK CODE BLOCK------ > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba >
On 3/23/07, Jason Baker <jbaker@glastender.com> wrote:> I have Samba 3.0.24 running on CentOS 4 as a PDC with an LDAP backend. > When I first set everything up, I could join workstations to the domain > automatically with the Windows Network ID Wizard. Now when I try to > join a workstation I get: > > Your computer could not be joined to the domain because the > following error has occurred: > The user name could not be found. > > If I add the computer name to the domain manually from the command line > or with LDAP Account Manager, then go back and join it, it works. But it > sure would be nice not to have to set up each machine manually. Any > thoughts? >Nothing helpful from me as I have the same problem but this is this has been how it has always worked for me. I actually thought that was a feature. Thanks for starting the thread. John