HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


agarcia71 18th January 2008 01:59

OpenLDAP + Samba Domain Controller On Ubuntu 7.10
 
Hi guys:

This is my 3rd day trying to set up my LDAP server with this howto. I followed all the steps as in the howto.

My problem is this: when I run this command
Code:

admon@ldap$ net getlocalsid

I got this error:

Code:

[2008/01/17 18:42:30, 0] lib/smbldap.c:smbldap_connect_system(982)
  failed to bind to server ldap://localhost/ with dn="cn=admin,dc=ddiscovery,dc=local" Error: Can't contact LDAP server
        (unknown)

After a few seconds the SID appears.

I don't know what I'm doing wrong:

This is my smb.conf

Code:


[global]

workgroup = DDISCOVERY
server string = Domain Server (Samba, Ubuntu)
dns proxy = no
passdb backend = ldapsam:ldap://localhost/

obey pam restrictions = no
#Begin: Custom LDAP Entries
ldap admin dn = cn=admin,dc=ddiscovery,dc=local
ldap suffix = dc=ddiscovery, dc=local
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users
; Do ldap passwd sync
ldap passwd sync = Yes
passwd program = /usr/sbin/smbldap-passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated*
add user script = /usr/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
domain logons = yes
# End: Custom LDAP Entries

  invalid users = root
  passwd program = /usr/bin/passwd %u
  passwd chat = *Enter\snew\sUNIX\spassword:* %n\n Retype\snew\sUNIX\spassword:* %n\n passwd:*password\supdated\ssuccessfully* .
logon path =

# Other parameters have default configuration

I'll appreciate any help!!!


PS: sorry about my English.

o.meyer 18th January 2008 13:51

Hi agarcia71,

please paste the output of

Code:

cat /etc/smbldap-tools/smbldap_bind.conf

Best regards,

Olli

agarcia71 19th January 2008 02:02

Hi o.meyer

We found that the daemons smb and nmbd start but they don't listen, and when we restart both daemons again we get this error:

Code:

admon@ldap$ sudo /etc/init.d/samba restart
 * Stopping Samba daemons...
start-stop-daemon: warning: failed to kill 3865: No such process           
                                                                                                  [OK]
 * Starting Samba daemons                                                              [OK]
admon@ldap$

Thanks

aGarcia71

agarcia71 19th January 2008 02:08

Hi o.meyer

We think the problem is in smb.conf because after restoring the original configuration for smb.conf the daemons work.

But we still haven't found the solution.

agarcia71 22nd January 2008 00:05

Help !!!
 
Please help:

This is netstat before doing the smb.conf modification:

Code:

admon@ldap:/etc/samba$ sudo netstat -puta
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address          Foreign Address        State      PID/Program name 
tcp        0      0 *:ldap                  *:*                    LISTEN    4888/slapd         
tcp        0      0 *:netbios-ssn          *:*                    LISTEN    5464/smbd         
tcp        0      0 *:microsoft-ds          *:*                    LISTEN    5464/smbd         
tcp6      0      0 *:ldap                  *:*                    LISTEN    4888/slapd         
tcp6      0      0 *:ssh                  *:*                    LISTEN    3826/sshd         
tcp6      0      0 ldap:ssh                ::ffff:10.2.7.1%8:53139 ESTABLISHED4895/sshd: admon [p
udp        0      0 ldap:netbios-ns        *:*                                5462/nmbd         
udp        0      0 *:netbios-ns            *:*                                5462/nmbd         
udp        0      0 ldap:netbios-dgm        *:*                                5462/nmbd         
udp        0      0 *:netbios-dgm          *:*                                5462/nmbd


Doing step 5, when I restart the samba daemon I get this error:

Code:

admon@ldap:/etc/samba$ sudo /etc/init.d/samba restart
 * Stopping Samba daemons...
start-stop-daemon: warning: failed to kill 5279: No such process
                                                                       [ OK ]
 * Starting Samba daemons                                                              [ OK ]

Then I run the next command:
Code:

admon@ldap:/etc/samba$ sudo netstat -puta
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address          Foreign Address        State      PID/Program name 
tcp        0      0 *:ldap                  *:*                    LISTEN    4888/slapd         
tcp        0      0 localhost:36848        localhost:ldap          TIME_WAIT  -                 
tcp6      0      0 *:ldap                  *:*                    LISTEN    4888/slapd         
tcp6      0      0 *:ssh                  *:*                    LISTEN    3826/sshd         
tcp6      0      0 ldap:ssh                ::ffff:10.2.7.1%8:53139 ESTABLISHED4895/sshd: admon [p
udp        0      0 ldap:netbios-ns        *:*                                5320/nmbd         
udp        0      0 *:netbios-ns            *:*                                5320/nmbd         
udp        0      0 ldap:netbios-dgm        *:*                                5320/nmbd         
udp        0      0 *:netbios-dgm          *:*                                5320/nmbd         
admon@ldap:/etc/samba$

I can't see the smb daemon running :(

This is my smb.conf again
Code:

[global]

workgroup = DDISCOVERY
server string = Domain Server (Samba, Ubuntu)
dns proxy = no
passdb backend = ldapsam:ldap://localhost/

obey pam restrictions = no
#Begin: Custom LDAP Entries
ldap admin dn = cn=admin,dc=ddiscovery,dc=local
ldap suffix = dc=ddiscovery, dc=local
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users
; Do ldap passwd sync
ldap passwd sync = Yes
passwd program = /usr/sbin/smbldap-passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated*
add user script = /usr/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
domain logons = yes
# End: Custom LDAP Entries

  invalid users = root
  passwd program = /usr/bin/passwd %u
  passwd chat = *Enter\snew\sUNIX\spassword:* %n\n Retype\snew\sUNIX\spassword:* %n\n passwd:*password\supdated\ssuccessfully* .
logon path =

# Other parameters have default configuration

I still don't know what the problem is, please help me

Best regards,

aGarcia71

o.meyer 22nd January 2008 14:40

Hi agarcia71,

please try this global section:

Code:

[global]
        workgroup = DDISCOVERY
        netbiosname = PDC-SRV-DDISCOVERY
        preferred master = yes
        os level = 65
        wins support = yes
        enable privileges = yes
        timeserver = yes
        socket options = SO_KEEPALIVE IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192
        log level = 3
        null passwords = yes
        # unix charset = ISO8859-1
        name resolve order = bcast host
        domain logons = yes
        domain master = yes
        printing = cups
        printcap name = cups
        logon path = \\%N\profiles\%u
        logon script = logon.bat
        logon drive = H:
        map acl inherit = yes
        nt acl support = yes
        passdb backend = ldapsam:ldap://127.0.0.1/
        obey pam restrictions = no

        ldap admin dn = cn=admin,dc=ddiscovery,dc=local
        ldap suffix = dc=ddiscovery,dc=local
        ldap group suffix = ou=Groups
        ldap user suffix = ou=Users
        ldap machine suffix = ou=Computers
        ldap idmap suffix = ou=Users
        ldap passwd sync = yes
        ldap delete dn = yes

        passwd program = /usr/sbin/smbldap-passwd -u %u
        passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n

        add user script = /usr/sbin/smbldap-useradd -m "%u"
        add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
        set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
        add group script = /usr/sbin/smbldap-groupadd -p "%g"
        add machine script = /usr/sbin/smbldap-useradd -w "%u"

        delete user script = /usr/sbin/smbldap-userdel "%u"
        delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
        delete group script = /usr/sbin/smbldap-groupdel "%g"

Best regards,

Olli

agarcia71 23rd January 2008 00:09

Hi o.meyer:

I just copied and pasted exactly what you said, but it doesn't work :S

Thanks for your help, I will keep looking.

o.meyer 23rd January 2008 13:04

Hi agarcia71,

please test your samba configuration with the command

Code:

testparm

This will show you possible errors in the configuration.

Best regards,

Olli

agarcia71 23rd January 2008 23:25

Quote:

Originally Posted by o.meyer
Hi agarcia71,

please test your samba configuration with the command

Code:

testparm

This will show you possible errors in the configuration.

Best regards,

Olli

Hi o.meyer

Guess what!!! Finally, the server is working. I just followed all the steps from the howto, and it works!!! But don't ask me what the problem was, because I don't know; I just followed the instructions once more.
Now I can connect the XP clients to the domain. Now I have another problem:

Previously, I set up a user and configured the workstation. That user didn't exist on the workstation; I get in, but the user isn't created on the workstation. Does that make sense?

Sorry about my English, I'm trying to explain as well as I can.

alshira 7th May 2008 17:05

Vista login in domain
 
When I tried to join a Vista PC to the domain, the following message was shown:
The join operation was not successful. This could be because an existing computer account having name "name_of_machine" was previously created using a different set of credentials. Use a different computer name, or contact your administrator to remove any state conflict account. The error was: Access is Denied

Thanks for the help that you can bring me.


All times are GMT +2.