samba - Aug 2011 - Samba 3.5 + ldap backend - I can't logon under PDC

Hi , I use Samba 3.5 PDC + ldap backend . I can't put the machine if I 
don't specify
the wins server on Pc-client. I try different name resolve order , but 
nothing change ? Can you help me ?
My global is :

[global]
    workgroup = workgroup
    netbios name = SERVER
    server string = Server Samba
    wins support = yes
    browse list = Yes
    remote announce = 10.0.0.255/workgroup
    lm announce = yes
    lm interval = 30
    dns proxy = yes
    hosts allow = 127.0.0.1 10.0.0.1/255.255.255.0
    name resolve order = wins lmhosts host bcast
#   name resolve order = bcast host lmhosts wins
    interfaces = bond0 , eth1 ,lo
    bind interfaces only = no
    log file = /var/log/samba/%U.%m.log
    log level = 0 passdb:6 auth:10 vfs:5 acls:3 msdfs:3
    max log size = 5000
    syslog = 0
    panic action = /usr/share/samba/panic-action %d
    security = user
    username map = /etc/samba/usermap
    case sensitive = no
    encrypt passwords = true
    enable privileges = yes
    passdb backend = ldapsam:ldap://server:389/
    ldap admin dn = cn=admin,dc=domain,dc=com
    ldap suffix = dc=domain,dc=com
    ldap user suffix = ou=users
    ldap group suffix = ou=groups
    ldap machine suffix = ou=computers
    ldap idmap suffix = ou=idmap
    ldap ssl = off
    ldap delete dn = nomap to guest = bad user
    domain logons = yes
    domain master = yes
    local master = yes
    preferred master = yes
    os level = 255
    logon path = \\%N\profiles\%U
    logon drive = S:
    logon home = \\%N\%U
    logon script = logon.bat
    add user script = /usr/sbin/smbldap-useradd -a -m %u
    delete user script = /usr/sbin/smbldap-userdel %u
    add user to group script = /usr/sbin/smbldap-groupmod -m %u %g
    delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g
    set primary group script = /usr/sbin/smbldap-usermod -g %g %u
    add machine script  = /usr/sbin/smbldap-useradd -t 0 -w %u
    add group script = /usr/sbin/smbldap-groupadd -p %g
    delete group script = /usr/sbin/smbldap-groupdel %g
    printing = cups
    socket options = TCP_NODELAY
    idmap uid = 10000-20000
    idmap gid = 10000-20000
    time server = yes
    null passwords = no
    idmap backend = ldap:ldap://server:389/
    obey pam restrictions = yes
    ldap passwd sync = yes
    unix password sync = no
    passwd program = /usr/sbin/smbldap-passwd %u
    passwd chat = *Enter\snew\s*\spassword:* %n\n 
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
    pam password change = yes

Am 25.08.2011 12:55, schrieb Jubacca:
> Hi , I use Samba 3.5 PDC + ldap backend . I can't put the machine if I
> don't specify
> the wins server on Pc-client. I try different name resolve order , but
> nothing change ? Can you help me ?
> My global is :
>
> [global]
> workgroup = workgroup
> netbios name = SERVER
> server string = Server Samba
> wins support = yes
> browse list = Yes
> remote announce = 10.0.0.255/workgroup
> lm announce = yes
> lm interval = 30
> dns proxy = yes
> hosts allow = 127.0.0.1 10.0.0.1/255.255.255.0
> name resolve order = wins lmhosts host bcast
> # name resolve order = bcast host lmhosts wins
> interfaces = bond0 , eth1 ,lo
> bind interfaces only = no
> log file = /var/log/samba/%U.%m.log
> log level = 0 passdb:6 auth:10 vfs:5 acls:3 msdfs:3
> max log size = 5000
> syslog = 0
> panic action = /usr/share/samba/panic-action %d
> security = user
> username map = /etc/samba/usermap
> case sensitive = no
> encrypt passwords = true
> enable privileges = yes
> passdb backend = ldapsam:ldap://server:389/
> ldap admin dn = cn=admin,dc=domain,dc=com
> ldap suffix = dc=domain,dc=com
> ldap user suffix = ou=users
> ldap group suffix = ou=groups
> ldap machine suffix = ou=computers
> ldap idmap suffix = ou=idmap
> ldap ssl = off
> ldap delete dn = nomap to guest = bad user
> domain logons = yes
> domain master = yes
> local master = yes
> preferred master = yes
> os level = 255
> logon path = \\%N\profiles\%U
> logon drive = S:
> logon home = \\%N\%U
> logon script = logon.bat
> add user script = /usr/sbin/smbldap-useradd -a -m %u
> delete user script = /usr/sbin/smbldap-userdel %u
> add user to group script = /usr/sbin/smbldap-groupmod -m %u %g
> delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g
> set primary group script = /usr/sbin/smbldap-usermod -g %g %u
> add machine script = /usr/sbin/smbldap-useradd -t 0 -w %u
> add group script = /usr/sbin/smbldap-groupadd -p %g
> delete group script = /usr/sbin/smbldap-groupdel %g
> printing = cups
> socket options = TCP_NODELAY
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> time server = yes
> null passwords = no
> idmap backend = ldap:ldap://server:389/
> obey pam restrictions = yes
> ldap passwd sync = yes
> unix password sync = no
> passwd program = /usr/sbin/smbldap-passwd %u
> passwd chat = *Enter\snew\s*\spassword:* %n\n
> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
> pam password change = yes
Hi,

which distro you are using?

i set up my ldap pdc with nsswitch.

on ubuntu you have to install libnss-ldapd.

greets

juergen

From: Jubacca <jubacca at ngi.it>
Date: Thu, 25 Aug 2011 12:55:48 +0200
> Hi , I use Samba 3.5 PDC + ldap backend . I can't put the machine if I 
> don't specify
> the wins server on Pc-client. I try different name resolve order , but 
> nothing change ? Can you help me ?
Samba 3.X PDC is compatible for Windows NT PDC, so NetBIOS name
resolution is required for them to join to the domain.

If your PC-clients locate in different IP subnets from Samba PDC, you
have to configure them as WINS client as you said or configure LMHOSTS
file on each machines correctly.

This problem has nothing to do with setting of "name resolve order".

---
TAKAHASHI Motonobu <monyo at samba.gr.jp>