samba - Mar 2011 - Can't join Windows 7 Pro/XP to samba PDC

Hi !!!!!

I have installed samba 3.5.4 on OpenSuSE 11.3. It's configured as a
PDC with LDAP backend.The LDAP backend was populated with the help of
smbldap-tools. Here is the global section of my smb.conf

[global]
       workgroup = ARAMDA
       map to guest = Bad User
       passdb backend = ldapsam:ldap://localhost
       log level = 3
       log file = /var/log/samba.log
       printcap name = cups
       add user script = ldapsmb -a -u "%u"
       delete user script = ldapsmb -d -u "%u"
       add group script = ldapsmb -a -g "%g"
       delete group script = ldapsmb -d -g "%g"
       add user to group script = ldapsmb -j -u "%u" -g "%g"
       delete user from group script = ldapsmb -j -u "%u" -g
"%g"
       set primary group script = ldapsmb -m -u "%u" -gid
"%g"
       add machine script = /usr/sbin/smbldap-useradd -t 0 -g 1515 -w
"%u"
       logon path = \\%L\profiles\.msprofile
       logon drive = Z:
       logon home = \\%L\%U\.9xprofile
       domain logons = Yes
       os level = 65
       preferred master = Yes
       domain master = Yes
       wins support = Yes
       ldap admin dn = cn=replicasamba,dc=aramda,dc=uy
       ldap group suffix = ou=Groups
       ldap idmap suffix = ou=Idmap
       ldap machine suffix = ou=Computers
       ldap passwd sync = yes
       ldap suffix = dc=aramda,dc=uy
       ldap ssl = no
       ldap user suffix = ou=People
       add share command = /var/lib/samba/scripts/modify_samba_config.pl
       delete share command = /var/lib/samba/scripts/modify_samba_config.pl
       usershare allow guests = Yes
       hosts allow = 127.0.0.1, 172.16.1.
       cups options = raw

In the workstations with Windows 7 Pro, we try to join them to the
domain. We get a message saying that can't join them. In samba.log we
found this

[2011/03/18 10:45:46.419648,  3]
passdb/pdb_interface.c:348(pdb_default_create_user)
  _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -t
0 -g 1515 -w "cpd-sist03$"' gave 0
[2011/03/18 10:45:46.421589,  3]
passdb/pdb_interface.c:365(pdb_default_create_user)
  pdb_default_create_user: failed to create a new user structure:
NT_STATUS_NO_SUCH_USER

Any help appreciated, we seem to be in a dead end.

Andr?s

Did you try manually creating a unix "user" account for the samba 
machine?  Does "getent passwd" show that machine?

I don't have samba configured to automatically create unix user accounts 
or allocate ids in winbind, so I need to manually create unix accounts 
for users or machines.  The "ldap machine suffix" in my setup has to
be
pointed to the same container as user accounts (or a sub OU of the user 
accounts.)  I also use ldap for my "unix" (non-samba) accounts-  ssh, 
nfs, linux clients etc,  and I initially started with samba 3.0.x , so 
my setup decisions may be different from yours.





On 03/23/2011 09:29 AM, Andres Tarallo wrote:
> Hi !!!!!
>
> I have installed samba 3.5.4 on OpenSuSE 11.3. It's configured as a
> PDC with LDAP backend.The LDAP backend was populated with the help of
> smbldap-tools. Here is the global section of my smb.conf
>
> [global]
>         workgroup = ARAMDA
>         map to guest = Bad User
>         passdb backend = ldapsam:ldap://localhost
>         log level = 3
>         log file = /var/log/samba.log
>         printcap name = cups
>         add user script = ldapsmb -a -u "%u"
>         delete user script = ldapsmb -d -u "%u"
>         add group script = ldapsmb -a -g "%g"
>         delete group script = ldapsmb -d -g "%g"
>         add user to group script = ldapsmb -j -u "%u" -g
"%g"
>         delete user from group script = ldapsmb -j -u "%u" -g
"%g"
>         set primary group script = ldapsmb -m -u "%u" -gid
"%g"
>         add machine script = /usr/sbin/smbldap-useradd -t 0 -g 1515 -w
"%u"
>         logon path = \\%L\profiles\.msprofile
>         logon drive = Z:
>         logon home = \\%L\%U\.9xprofile
>         domain logons = Yes
>         os level = 65
>         preferred master = Yes
>         domain master = Yes
>         wins support = Yes
>         ldap admin dn = cn=replicasamba,dc=aramda,dc=uy
>         ldap group suffix = ou=Groups
>         ldap idmap suffix = ou=Idmap
>         ldap machine suffix = ou=Computers
>         ldap passwd sync = yes
>         ldap suffix = dc=aramda,dc=uy
>         ldap ssl = no
>         ldap user suffix = ou=People
>         add share command = /var/lib/samba/scripts/modify_samba_config.pl
>         delete share command =
/var/lib/samba/scripts/modify_samba_config.pl
>         usershare allow guests = Yes
>         hosts allow = 127.0.0.1, 172.16.1.
>         cups options = raw
>
> In the workstations with Windows 7 Pro, we try to join them to the
> domain. We get a message saying that can't join them. In samba.log we
> found this
>
> [2011/03/18 10:45:46.419648,  3]
> passdb/pdb_interface.c:348(pdb_default_create_user)
>    _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -t
> 0 -g 1515 -w "cpd-sist03$"' gave 0
> [2011/03/18 10:45:46.421589,  3]
> passdb/pdb_interface.c:365(pdb_default_create_user)
>    pdb_default_create_user: failed to create a new user structure:
> NT_STATUS_NO_SUCH_USER
>
> Any help appreciated, we seem to be in a dead end.
>
> Andr?s
>