it seems that you are true, now what is the solution?
2009/3/2 Scott Grizzard <sgrizzard@tampabay.rr.com>
> Can you do an "ldapsearch -x" from the domain controller to the
LDAP server
> using TLS? Many times it is the TLS certificates that cause connection
> problems from samba.
>
>
> On Mar 2, 2009, at 12:26 AM, Mohammad Reza Hosseini wrote:
>
> here is my smb.conf global section:
>>
>> #############################################
>> [global]
>> server string = SOFTWARE
>> workgroup = SOFTWARE
>> ; security = user
>> netbios name = S-SOFT
>>
>> passdb backend = ldapsam:ldap://ldapserver
>> ldap admin dn = cn=Directory Manager
>> ldap suffix = dc=iut,dc=ac,dc=ir
>> ldap group suffix = ou=Groups
>> ldap user suffix = ou=Users
>> ldap machine suffix = ou=Computers
>> ldap ssl = start_tls
>> ; enable privileges = yes
>> add machine script = /usr/sbin/smbldap-useradd -w "%u"
>> add user script = /usr/sbin/smbldap-useradd -m "%u"
>> ldap delete dn = Yes
>> #delete user script = /usr/sbin/smbldap-userdel "%u"
>> add group script = /usr/sbin/smbldap-groupadd -p "%g"
>> #delete group script = /usr/sbin/smbldap-groupdel "%g"
>> add user to group script = /usr/sbin/smbldap-groupmod -m
"%u" "%g"
>> delete user from group script = /usr/sbin/smbldap-groupmod -x
"%u" "%g"
>> set primary group script = /usr/sbin/smbldap-usermod -g
"%g" "%u"
>> ldap passwd sync = Yes
>> log level = 1
>> syslog = 0
>> log file = /var/log/samba/%m
>> ; encrypt passwords = yes
>> os level = 69
>> max log size = 50
>> name resolve order = wins bcast hosts
>> time server = Yes
>> wins support = Yes
>> socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192
>> SO_RCVBUF=8192
>> logon script = logon.bat
>> logon path =""
>> logon drive >> domain logons = Yes
>> preferred master = Yes
>> domain master = Yes
>> ; local master = yes
>> username map = /etc/samba/smbusers
>> interfaces = 127.0.0.1 eth*
>> bind interfaces only = yes
>> hosts allow = 172.16. 192.168.
>> #############################################
>>
>> 2009/3/1 Adam Williams <awilliam@mdah.state.ms.us>
>>
>> whats the smb.conf of the samba server? did you do smbpasswd -w?
>>>
>>>
>>> Mohammad Reza Hosseini wrote:
>>>
>>> hello,
>>>> I want to use a samba server and an ldap server in two
different lans.
>>>> but
>>>> win xp pc can not join to pdc domain.
>>>> i ping the ldap server and smbldap-usershow shows the users but
the "net
>>>> rpc
>>>> getsid" can not fetch sid and coputers can't be added
to ldap.
>>>> any idea?
>>>>
>>>>
>>>>
>>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>>
>
--
.::MRH::.