hello, i have 1 PDC and 1 BDC using smbldap, and now i'm adding a server (as a domain member, not BDC) that will have shares to be mounted by the clients. this server also uses smbldap and, at this moment, the service is working almost normally. the problem seems to be the typical SID problem, but my new samba reports to have the same SID that the PDC and BDC have, and users can log into the domain and map shares. however, when mapping shares log file prints these lines: [2008/01/22 21:06:13, 0, effective(0, 0), real(0, 0)] passdb/passdb.c:lookup_global_sam_name(596) User nobody with invalid SID S-1-5-21-3094878921-2476751602-3662942323-501 in passdb [2008/01/22 21:06:56, 0, effective(0, 0), real(0, 0)] passdb/passdb.c:lookup_global_sam_name(596) User USER with invalid SID S-1-5-21-3094878921-2476751602-3662942323-12534 in passdb also, smbclient -L also gives the same error. i'm guessing that these error introduces latency, so shares are not mounted as fast as i would like. system ldap is working and samba check user credentials correctly against ldap, with a valid SID also... where can be the problem? any ideas? thanks in advance, toni garcia
hi, i will respond myself, so i've discovered that my samba server responds incorrectly when i issue a 'pdbedit -L -v user' the domain and Primary Group SID are not the same which report the PDC or BDC if samba is getting acount data from ldap, and ldap server is the same for both server, what i'm missing? thanks, toni El Tue, 22 Jan 2008 21:22:28 +0100 toni <tonign@xtec.net> ha escrit:> hello, > > i have 1 PDC and 1 BDC using smbldap, and now i'm adding a server (as > a domain member, not BDC) that will have shares to be mounted by the > clients. > > this server also uses smbldap and, at this moment, the service is > working almost normally. > > the problem seems to be the typical SID problem, but my new samba > reports to have the same SID that the PDC and BDC have, and users can > log into the domain and map shares. however, when mapping shares log > file prints these lines: > > [2008/01/22 21:06:13, 0, effective(0, 0), real(0, 0)] > passdb/passdb.c:lookup_global_sam_name(596) User nobody with invalid > SID S-1-5-21-3094878921-2476751602-3662942323-501 in passdb > [2008/01/22 21:06:56, 0, effective(0, 0), real(0, 0)] > passdb/passdb.c:lookup_global_sam_name(596) User USER with invalid > SID S-1-5-21-3094878921-2476751602-3662942323-12534 in passdb > > also, smbclient -L also gives the same error. > > i'm guessing that these error introduces latency, so shares are not > mounted as fast as i would like. > > system ldap is working and samba check user credentials correctly > against ldap, with a valid SID also... > > where can be the problem? any ideas? > > thanks in advance, > > toni garcia
"toni" <tonign@xtec.net> wrote in message news:20080122212228.5b9c62cb@gamma...> hello, > > i have 1 PDC and 1 BDC using smbldap, and now i'm adding a server (as a > domain member, not BDC) that will have shares to be mounted by the > clients. > > this server also uses smbldap and, at this moment, the service is > working almost normally. > > the problem seems to be the typical SID problem, but my new samba > reports to have the same SID that the PDC and BDC have, and users can > log into the domain and map shares. however, when mapping shares log > file prints these lines:I would not expect you to need smbldap on a member server. Typically, member servers authenticate against a pdc or bdc. They do not authenticate locally. One option is to load ldap on the server. Load Samba so it can configure against ldap. You can then configure the machine to use the ldap on the pdc for authentication. Chapter 7 of Samba by Example shows a few options re: setting up a member server to authenticate against a pdc.