18th January 2008, 01:59
|
|
HowtoForge Supporter
|
|
Join Date: Nov 2006
Posts: 18
Thanks: 2
Thanked 0 Times in 0 Posts
|
|
OpenLDAP + Samba Domain Controller On Ubuntu 7.10
hi guys:
this is my 3rd day, I tryng to setup my ldap server with this howto. I follow all the steps like the howto
My problem is this: when I run this command
Code:
admon@ldap$ net getlocalsid
got this error:
Code:
[2008/01/17 18:42:30, 0] lib/smbldap.c:smbldap_connect_system(982)
failed to bind to server ldap://localhost/ with dn="cn=admin,dc=ddiscovery,dc=local" Error: Can't contact LDAP server
(unknown)
after a few seconds appears the SID
I don't know what I'm doing wrong:
this is my smb.conf
Code:
[global]
workgroup = DDISCOVERY
server string = Domain Server (Samba, Ubuntu)
dns proxy = no
passdb backend = ldapsam:ldap://localhost/
obey pam restrictions = no
#Begin: Custom LDAP Entries
ldap admin dn = cn=admin,dc=ddiscovery,dc=local
ldap suffix = dc=ddiscovery, dc=local
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users
; Do ldap passwd sync
ldap passwd sync = Yes
passwd program = /usr/sbin/smbldap-passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated*
add user script = /usr/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
domain logons = yes
# End: Custom LDAP Entries
invalid users = root
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n Retype\snew\sUNIX\spassword:* %n\n passwd:*password\supdated\ssuccessfully* .
logon path =
# Other parameters have default configuration
I'll apreciate any help!!!
PD: sorry abount my english.
|
18th January 2008, 13:51
|
|
Senior Member
|
|
Join Date: Aug 2007
Posts: 167
Thanks: 2
Thanked 24 Times in 23 Posts
|
|
Hi agarcia71,
please paste the output of
Code:
cat /etc/smbldap-tools/smbldap_bind.conf
Best regards,
Olli
|
19th January 2008, 02:02
|
|
HowtoForge Supporter
|
|
Join Date: Nov 2006
Posts: 18
Thanks: 2
Thanked 0 Times in 0 Posts
|
|
Hi o.meyer
We found that the daemons smb and nmbd starts but they are didn't listen, and when we restart both daemons again we got this error:
Code:
admon@ldap$ sudo /etc/init.d/samba restart
* Stopping Samba daemons...
start-stop-daemon: warning: failed to kill 3865: No such process
[OK]
* Starting Samba daemons [OK]
admon@ldap$
Thanks
aGarcia71
|
19th January 2008, 02:08
|
|
HowtoForge Supporter
|
|
Join Date: Nov 2006
Posts: 18
Thanks: 2
Thanked 0 Times in 0 Posts
|
|
Hi o.meyer
We think the problem is on smb.conf because after restoring the original configuration for smb.conf the daemons work.
But we still don't found the solution.
|
22nd January 2008, 00:05
|
|
HowtoForge Supporter
|
|
Join Date: Nov 2006
Posts: 18
Thanks: 2
Thanked 0 Times in 0 Posts
|
|
Help !!!
Plz Help:
This is netstat before doing the smb.conf modification:
Code:
admon@ldap:/etc/samba$ sudo netstat -puta
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:ldap *:* LISTEN 4888/slapd
tcp 0 0 *:netbios-ssn *:* LISTEN 5464/smbd
tcp 0 0 *:microsoft-ds *:* LISTEN 5464/smbd
tcp6 0 0 *:ldap *:* LISTEN 4888/slapd
tcp6 0 0 *:ssh *:* LISTEN 3826/sshd
tcp6 0 0 ldap:ssh ::ffff:10.2.7.1%8:53139 ESTABLISHED4895/sshd: admon [p
udp 0 0 ldap:netbios-ns *:* 5462/nmbd
udp 0 0 *:netbios-ns *:* 5462/nmbd
udp 0 0 ldap:netbios-dgm *:* 5462/nmbd
udp 0 0 *:netbios-dgm *:* 5462/nmbd
doing the step 5 when I restart the samba daemon got this error:
Code:
admon@ldap:/etc/samba$ sudo /etc/init.d/samba restart
* Stopping Samba daemons... start-stop-daemon: warning: failed to kill 5279: No such process [ OK ]
* Starting Samba daemons [ OK ]
Then I run next command:
Code:
admon@ldap:/etc/samba$ sudo netstat -puta
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:ldap *:* LISTEN 4888/slapd
tcp 0 0 localhost:36848 localhost:ldap TIME_WAIT -
tcp6 0 0 *:ldap *:* LISTEN 4888/slapd
tcp6 0 0 *:ssh *:* LISTEN 3826/sshd
tcp6 0 0 ldap:ssh ::ffff:10.2.7.1%8:53139 ESTABLISHED4895/sshd: admon [p
udp 0 0 ldap:netbios-ns *:* 5320/nmbd
udp 0 0 *:netbios-ns *:* 5320/nmbd
udp 0 0 ldap:netbios-dgm *:* 5320/nmbd
udp 0 0 *:netbios-dgm *:* 5320/nmbd
admon@ldap:/etc/samba$
I Can't see the smb daemon running 
This is again my smb.conf
Code:
[global]
workgroup = DDISCOVERY
server string = Domain Server (Samba, Ubuntu)
dns proxy = no
passdb backend = ldapsam:ldap://localhost/
obey pam restrictions = no
#Begin: Custom LDAP Entries
ldap admin dn = cn=admin,dc=ddiscovery,dc=local
ldap suffix = dc=ddiscovery, dc=local
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users
; Do ldap passwd sync
ldap passwd sync = Yes
passwd program = /usr/sbin/smbldap-passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated*
add user script = /usr/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
domain logons = yes
# End: Custom LDAP Entries
invalid users = root
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n Retype\snew\sUNIX\spassword:* %n\n passwd:*password\supdated\ssuccessfully* .
logon path =
# Other parameters have default configuration
I still don't know what is the problem, please helpme
Best regards,
aGarcia71 
|
22nd January 2008, 14:40
|
|
Senior Member
|
|
Join Date: Aug 2007
Posts: 167
Thanks: 2
Thanked 24 Times in 23 Posts
|
|
Hi agarcia71,
please try this global section:
Code:
[global]
workgroup = DDISCOVERY
netbiosname = PDC-SRV-DDISCOVERY
preferred master = yes
os level = 65
wins support = yes
enable privileges = yes
timeserver = yes
socket options = SO_KEEPALIVE IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192
log level = 3
null passwords = yes
# unix charset = ISO8859-1
name resolve order = bcast host
domain logons = yes
domain master = yes
printing = cups
printcap name = cups
logon path = \\%N\profiles\%u
logon script = logon.bat
logon drive = H:
map acl inherit = yes
nt acl support = yes
passdb backend = ldapsam:ldap://127.0.0.1/
obey pam restrictions = no
ldap admin dn = cn=admin,dc=ddiscovery,dc=local
ldap suffix = dc=ddiscovery,dc=local
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users
ldap passwd sync = yes
ldap delete dn = yes
passwd program = /usr/sbin/smbldap-passwd -u %u
passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n
add user script = /usr/sbin/smbldap-useradd -m "%u"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
add group script = /usr/sbin/ambldap-groupadd -p "%g"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
Best regards,
Olli
|
23rd January 2008, 00:09
|
|
HowtoForge Supporter
|
|
Join Date: Nov 2006
Posts: 18
Thanks: 2
Thanked 0 Times in 0 Posts
|
|
Hi o.meyer:
Just Copy & paste, exactly you said, but It doesn't work :S
Thanks for your help, i will keep looking.
|
23rd January 2008, 13:04
|
|
Senior Member
|
|
Join Date: Aug 2007
Posts: 167
Thanks: 2
Thanked 24 Times in 23 Posts
|
|
Hi agarcia71,
please test your samba configuration with the command
This will show you possible errors in the configuration.
Best regards,
Olli
|
23rd January 2008, 23:25
|
|
HowtoForge Supporter
|
|
Join Date: Nov 2006
Posts: 18
Thanks: 2
Thanked 0 Times in 0 Posts
|
|
Quote:
|
Originally Posted by o.meyer
Hi agarcia71,
please test your samba configuration with the command
This will show you possible errors in the configuration.
Best regards,
Olli |
Hi o.meyer
Guess what!!!, Finally, the server is working, I Just follow all the steps from the howto, and it works!!!. But don't askme what whas the problem, because I don't know, i just follow the instruccions once more.
Now I can connect the XP clients to the domain, now i have another problems:
previusly, I setup a user, configure the workstation, that users didn't exist on the workstation, I get in, but the user is didn't created on the workstation. its that make sense ?.
Sorry, about my english, I tryng to explain better I can.
|
7th May 2008, 17:05
|
|
Junior Member
|
|
Join Date: May 2008
Posts: 10
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Vista login in domain
When i tried to join a Vista PC in domain show the following message:
The join operation was not successful. This could be because an existing computer account having name "name_of_machine" was previously created using a different set of credentials. Use a different computer name, or contact your administrator to remove any state conflict account. The error was: Access id Denied
Thanks for the help that you can bring me.
|
| Thread Tools |
|
|
| Display Modes |
 Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT +2. The time now is 10:12.
|
|
English | 
Deutsch
Recent comments
1 day 4 hours ago
1 day 11 hours ago
1 day 14 hours ago
1 day 16 hours ago
2 days 1 hour ago
2 days 10 hours ago
2 days 11 hours ago
2 days 14 hours ago
2 days 19 hours ago
2 days 19 hours ago