Mandriva Directory Server On Debian Etch - Page 7

20 The Client Side

I've tested this with Windows XP Pro SP2 - but it should also work with other Windows versions.

  • Be sure that no other DHCP server than the one on the server is running
  • Start Windows and log in as local administrator
  • Configure your network connection to use DHCP
  • Right click on "My Computer" and select "Properties"
  • Switch to the tab "Computer Name" and click on "Change"
  • Insert a desired computer name, mark the radio button "Domain" and enter "EXAMPLE" (without the quotes!)
  • Click on "OK" to take the changes effect
  • A few moments later you'll be asked for a username and password. Use the domain administrator account that you created at step 5.2 (e.g.: Username "Administrator" with the password "howtoforge") and click on "OK"
  • If all went ok, you'll get a welcome message
  • Restart the system
  • When the system is up again, log in with the domain administrator account that you created at step 5.2 (e.g.: Username "Administrator" with the password "howtoforge"). Be sure that you select the domain from the drop down menu!
  • Click on "Start" and afterwards on "execute". Enter "gpedit.msc" and click on "OK".
  • Browse to the Internet Explorer settings and activate "proxy settings per computer."

  • Now open the Internet Explorer, click on "Extras" and afterwards on "Internet Options". Edit the proxy settings as shown on the screenshot below.

  • Log out and in again with the domain user account that you configured at step 19.4 (e.g.: Username "olli" with the password "howtoforge"). Be sure that you select the domain from the drop down menu! Domain users won't be able to change the proxy settings.


21 Some Notes...


22 Links

Share this page:

26 Comment(s)

Add comment


From: at: 2009-05-07 23:34:28

i followed literally the first age of howto and i got this error:

May  8 03:21:20 pdc slapd[2396]: /etc/ldap/slapd.conf: line 24: unknown directive <schemacheck> outside backend info and database definitions.

i fixed commenting this line

 after fixed, retarted slapd and got:

 /etc/ldap/slapd.conf: line 47: unknown directive <checkpoint> outside backend info and database definitions.
fixed this, too, commentig it


debian lenny with all packages updated

From: at: 2009-04-12 19:21:35

Hi NOKSY Sorry to being late at your answer. I've been doing this server for about a 2 years and it's just no a normal issue setting up this server. About this error I could say that you' re missing some part of the tutorial, as I've done this server again perfectly 2 days ago. Try to read all the tutorial first, then you proceed to install it. It's very confuse, but at the end you will discover its a very functional tool that saves a lot of time.

From: at: 2008-02-26 20:31:41

Hi Álvaro,

for security reasons I configured the system that it is only accessible from the local network.

If you want to access the MMC from outside, you have to modify the settings for the https vhost (step 16.3.2). Change "Allow from" to "Allow from all". Afterwards restart the webserver (/etc/init.d/apache2 restart). Additionally you have to adjust the firewall settings that port 443 will be forwarded to the MDS.

Best regards,


From: at: 2008-02-22 19:57:46

Hi o.meyer,

 I've got some questions about your installation, but I know it that is me the wrong part, but let me understand something: When I just finish to update the system, and step over to install LDAP, after the install I've got some error messages at the boot time. Is it normal? It says ldap:// - could not connect - Invalid Credentials .

Wich file do I have deal to stop this problem? Can I set my ip address to instead of

Another question is: Where I find "", I've tried to change the names using my account on . Is there any problems?

And the file that controls SAMBA and LDAP servers (smb.conf) says at the first line: workgroup = DYNDNS. Can I use that way??


Alvaro Gomes

(Ps.: Your article is a great and fantastic tool that helps a lot o people over the world, when the subject is Technology of servers. Thanks again for the article, it was great)

From: at: 2008-02-24 12:59:21

Hi Alvaro Gomes,

1.) Yes, the error messages are normal - it's an old udev-bug known since 2006 or earlier. Simply ignore it.

2.) You can change your hostname to whatever you want (in a LAN) :) Have a look at step 1.2 .

3.) Edit the workgroup as you like - but keep in mind that you have to replace some commands in this howto, that they fit to your workgroup.

Best regards,


From: at: 2008-02-25 15:11:54

Thanks for your answer, and again I did raise another question about this system, please don't take me on the wrong way, what I just trying to do is get this solution (for me specially) on the framework, so this way we could install this solution in big scale (production)

Well, about the management of the LDAP Server based on Mandriva directory server, I wish I could have the management out of the site, so this way we can control everything (remote management). I did open the port on the firewall side (smoothwall, port 443) but I'm still stucked c'ause when I try to access it I've got the message: Forbidden. I tried to review the configuration, but nothing yet...Could you help me on this issue:? Thanks again

 Best regards,


Álvaro Gomes

From: at: 2008-03-07 03:14:02

Just passing by to say that tool is fantastic!!!! I've good things coming up here; think to the possibility to come to Brazil and make like a partnership program with us.....We'll work with a lot of big companies and I think to implement this tool.....Acctually I've been asked about this tool, and its great the fact we could make a very powerfull server with a lot of resources, using low hardware and high space.......Well, anyway I would like to say that you're invite come to Brazil anytime.......


My Best regards,


From: at: 2008-03-02 01:02:20

Thanks for this solution Oliver,

 This help me a lot..........Feel free if you need anything (like test some solution, whatever) to contact me anytime

My best regards, 

From: at: 2008-04-06 05:06:13

Hi Oliver, how's everything?

I 've got taked a look at my memory status and its seems that processing jobs be a little bit up, is that normal? I 've got a 3.0 GB virtualized memory and its seems to be anormal, and please if you have a suggestion please show me A.S.A.P. Thanks...

From: at: 2008-05-30 18:48:25

It seems to have some kind of error at the end of this installation. Before, I've finished everything just fine, but in about 2 days ago, I didn't get my server done in any way I tried. Its seems to be a error on the Samba Schema or something. I wish I had that log to show you.....if you notice something, please let me know, ok?

Thanks a lot 

From: at: 2008-06-01 19:53:17

Could you take a look at this output from my server and tell me what could be wrong?? This output came from the last step of MDS Server Setup, and its killing me !! Thanks man, I'll really appreciate your help on this....

PS: I've tried to send you a PM, but it says that I don't have 3 counts on my posts, I really didn't get that, but, whatever, you should ignore this comment and just send me a answer by mail, thanks!

No option 'bindgroup' in section: 'dns'
Traceback (most recent call last):
  File "/var/lib/python-support/python2.4/mmc/", line 339, in agentService
    if (func()):
  File "/var/lib/python-support/python2.4/mmc/plugins/network/", line 50, in activate
    config = NetworkConfig("network")
  File "/var/lib/python-support/python2.4/mmc/support/", line 81, in __init__
  File "/var/lib/python-support/python2.4/mmc/plugins/network/", line 340, in readConf
    self.bindGroup = self.get("dns", "bindgroup")
  File "", line 520, in get
    raise NoOptionError(option, section)
NoOptionError: No option 'bindgroup' in section: 'dns'
Error while trying to load plugin samba
{'info': 'no global superior knowledge', 'desc': 'Server is unwilling to perform'}
Traceback (most recent call last):
  File "/var/lib/python-support/python2.4/mmc/", line 339, in agentService
    if (func()):
  File "/var/lib/python-support/python2.4/mmc/plugins/samba/", line 129, in activate
    samba.addOu(ouName, path)
  File "/var/lib/python-support/python2.4/mmc/plugins/base/", line 1718, in addOu
  File "/usr/lib/python2.4/site-packages/ldap/", line 163, in add_s
    return self.result(msgid,all=1,timeout=self.timeout)
  File "/usr/lib/python2.4/site-packages/ldap/", line 405, in result
    res_type,res_data,res_msgid = self.result2(msgid,all,timeout)
  File "/usr/lib/python2.4/site-packages/ldap/", line 409, in result2
    res_type, res_data, res_msgid, srv_ctrls = self.result3(msgid,all,timeout)
  File "/usr/lib/python2.4/site-packages/ldap/", line 415, in result3
    rtype, rdata, rmsgid, serverctrls = self._ldap_call(self._l.result3,msgid,all,timeout)
  File "/usr/lib/python2.4/site-packages/ldap/", line 94, in _ldap_call
    result = func(*args,**kwargs)
UNWILLING_TO_PERFORM: {'info': 'no global superior knowledge', 'desc': 'Server is unwilling to perform'}

From: at: 2009-02-05 09:52:28

Hi all,

I'm following this "Howto" step by step, but when i  enter this command :

chown -R :"Domain Users" /home/samba/

I have this error message : chown : ':Domain Users' : Invalid group


Do you have an idea please ?



From: Alder at: 2009-05-29 09:19:14

Simply delete schemacheck on. 

my system debian lenny with all packages updated

From: Alder at: 2009-05-29 09:20:41

Try this 

chown -R "Domain Users" /home/samba/

debian lenny

From: Peter at: 2009-08-16 01:31:30

I got stuck on this and need some help:

/etc/ldap/slapd.conf is missing in my system. I get slapd.d in /etc/ldap/ but nothig like slapd.conf. Can anyone help ?

From: Anonymous at: 2009-10-23 06:35:17

I can't authenticate any mail user 

telnet x.x.x.x 110

USER user

PASS pass

-ERR Authentication Failed

 My dovecot-ldap.conf

hosts = x.x.x.x
auth_bind = yes
#auth_bind = no
ldap_version = 3
base = dc=test,dc=local
scope = subtree
user_attrs = homeDirectory=home,uidNumber=uid,mailbox=mail,mailuserquota=quota=maildir:storage
user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))
pass_attrs = mail=user,userPassword=password
pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))
default_pass_scheme = CRYPT
user_global_gid = mail


Any ideas? :)


From: at: 2010-02-08 00:02:11

 Hi Oliver,

 Sorry to botther you putting this comment asking for help, but since Dovecot had a upgraded version, the last line at /etc/dovecot/dovecot-ldap.conf that says "user_global_gid=mail" its not longer usefull, as I've trying to put dovecot to run and I receive this message (at log file): Error: Error in configuration file /etc/dovecot/dovecot-ldap.conf line 11: Unknown setting: user_global_gid.

Do you have any ideas about this problem? If is there any help you could give me on this problem, I'd be appreciated...

Also, when I try to connect using the Microsoft outlook client mail, its just not working either...I know its because dovecot its not runnig, but since I commented in the line "user_global_gid=mail" and get dovecot running again, the service still not working......




From: carlitus at: 2011-10-25 16:41:19

Hi folks! I know, this howto is pretty old but still applicable. Let me give my 2 cents...

I installed it on Debian Lenny, and works great. But you should edit /etc/apt/preferences and add this, before installing required packages:

Package: *
Pin: origin
Pin-Priority: 1001;
This should give priority to MDS packages, and force it to install bind9 from MDS repository instead Lenny's package. If bind9 .deb from Lenny sources is installed, you'll get DNS failures, bind9 will not load internal DNS zones because it doesn't have ldap support. 
Sorry if I did some grammar mistakes, this is not my native language and I need more English lessons. :)

From: jmark at: 2009-01-15 10:28:55

Hi there,

i've tried this tutorial and everything goes right until i reboot my system. After the reboot i was no longer able to log on to the system. I use the latest release of debian. Can someone pointing me how to fix this our a resolution?

P.S: other thing, the package dcc-client is not available on debian 4.01r6? is this important? how to get in?

Thanks in advance..... 

From: at: 2009-06-15 05:02:16

Well, it's an old comment but still relevant:

Do not add password required to your auth-* file. You'll lock yourself out from SSH and some other services.

Also, you need to do step 5.4 after step 6 or you will end up with an unknown group "Domain Users" (as noted on the first page comments).

From: at: 2009-08-16 15:34:26

i would notify a typo:

 add group script = /usr/sbin/ambldap-groupadd -p "%g"

should be

 add group script = /usr/sbin/smbldap-groupadd -p "%g"

From: Anonymous at: 2009-11-24 08:07:52

hi, i have the same error message "chown: invalid group: `:Domain Users ".

could you post the right typo please?

From: Mike at: 2009-10-14 09:22:44

I get 2 errors:

 1) #net -U Administrator rpc rights grant 'DOMAIN\Domain Admins' SeMachineAccountPrivilege

Enter Administrator's password:
Could not connect to server
The username or password was not correct.
Connection failed: NT_STATUS_LOGON_FAILURE


2) # chown -R :"Domain Users" /home/samba/

chown: invalid group: `:Domain Users


I have also done first the 6 and then the 5.4 step, but I still get the same error.


From: Anonymous at: 2009-10-15 12:55:33

ok I found the solution. It had to do with the localhost configuration and some syntax errors

From: Anonymous at: 2010-03-25 12:17:04

about : chown: invalid group: `:Domain Users

Try this:

# The distinguished name to bind to the server with
# if the effective user ID is root. Password is
# stored in /etc/libnss-ldap.secret (mode 600)
# Use 'echo -n "mypassword" > /etc/libnss-ldap.secret' instead
# of an editor to create the file.

1. delete /etc/libnss-ldap.secret

2. echo -n "mypassword" > /etc/libnss-ldap.secred


From: yosemity at: 2010-06-16 17:04:34

in /etc/libnss-ldap.conf

change ldapi:// to ldap://