[TriLUG] Samba-3 + PDC+LDAP Question

Mark Fowle mark at thefowles.com
Sun Sep 12 08:17:46 EDT 2004


I have three servers, one email, one ldap (plus DNS, dhcp...) and the 
3rd Samba ---   LDAP authenticates fine against the linux side, plus when
I connect to a share from the XP mahcine,  username and password 
(including root) are accepted (which means that it's reading the ldap 
(ldbm) and for the root password (vi tdbsam) -- but when I try to join 
the XP machine to the domain, it fails - the logs say it can't 
authenitcate the user. I think it's because it is trying to read the 
smbpasswd file. I have added root to LDAP and the passdb.tdb file -- but 
I get the same results.

I had this all working, then they decided last minute to change the 
domain names an the hostnames of all the machines --- (this means I 
broke something) :-(

Thanks,
Mark


Matt Pusateri wrote:

>>Thanks - I will try that on Monday and let you know.  I know what you
>>mean - I have RTFM'd everything I could find on the web and nothing
>>worked exactly as described unless you had the same os, kernel,
>>packages, room temperature... :-)
>>
>>Thanks,
>>Mark
>>
>>
>>Marty Ferguson wrote:
>>
>>    
>>
>>>Mark Fowle wrote:
>>>
>>>      
>>>
>>>>Has anyone worked with the Samba 3/PDC+LDAP configuration?  I have a
>>>>configuration where I have LDAP on one server and
>>>>samba on the other - both sides see each other, at least until I have
>>>>to join a windows XP machine to the domain - then it suddenly
>>>>can't find either  root or Administrator ---  (I don't have access to
>>>>my smb.conf file right now, otherwise I'd post it...)   I think
>>>>it's looking for the root entry in the smbpasswd file (which is
>>>>there) but I have my passdb backend setup for tdbsam
>>>>ldapsam:ldap://127.0.0.1
>>>>
>>>>If I try to mount a share from the linux server, I can give it
>>>>root/password or Administrator/password and have no problems...
>>>>
>>>>Thanks,
>>>>Mark
>>>>
>>>>        
>>>>
>>>If I were to shoot from the hip and wager a guess, I would say that
>>>the XP machine may kicking off the
>>>master-browser election across the SMB domain, and probably has the
>>>highest Master Browser "os level"
>>>
>>>There's some GUI interface you can use on the windows boxes to block
>>>them from ever attempting
>>>to start an election.  It's been quite a while, and I don't remember
>>>how I did it, but as I recall, I had
>>>similar symptoms a couple of years ago, and this technique of
>>>disabling master-browser campaigning worked..
>>>
>>>After all, it's windows.  Just keep experimenting untill something
>>>works.  But don't bother to write it down, because
>>>the next time, the same methods won't procure the same results :)
>>>
>>>Marty
>>>      
>>>
>
>Mark could you describe your setup a little better.  It seams you have two
>linux boxes one serving Samba and the other LDAP?  Which box can do what?
>  
>



More information about the TriLUG mailing list