Can join domain but cannot login
Good day!
I badly need your help.
I can join the domain using the root account, but after the restart I cannot log in
anymore.
My client is windows XP sp4.
The message was this:
"The system cannot log you on to this domain because the system's
computer account in its primary domain
is missing or the password on that account is incorrect."
I have already disabled the following in Local Security Settings:
1. Domain member: Digitally encrypt or sign secure channel data (always)
2. Domain member: Digitally encrypt secure channel data (when possible)
3. Domain member: Digitally sign secure channel data (when possible)
4. Domain member: Disable machine account password changes
I can add and delete user using smbldap-useradd and smbldap-userdel
and also using webmin 1.41
Pls help me with this.
This is my config files:
#########################################
-rw-r--r-- 1 root root 2715 Dec 1 18:15 smb.conf
# Global Samba settings: user-level security with domain logons enabled,
# accounts kept in LDAP through the ldapsam backend, and account changes
# delegated to the smbldap-* scripts.
[global]
idmap gid = 16777216-33554431
enable privileges = Yes
passwd program = /usr/local/sbin/smbldap-passwd %u
dns proxy = no
netbios name = smbldap
ldap passwd sync = yes
idmap uid = 16777216-33554431
default = global
dos charset = 850
local master = yes
# NOTE(review): the workgroup here is "fcb.net", while smbldap.conf in this
# post sets sambaDomain="smbldap". Machine accounts created by the smbldap
# scripts are tied to that domain entry, so the two names presumably need to
# agree - confirm. A dot in a NetBIOS domain name is also worth re-checking.
workgroup = fcb.net
os level = 34
security = User
# NOTE(review): level 0 records almost nothing; a higher level would be
# needed to see why the machine-account check fails after the join.
log level = 0
log file = /var/log/samba/log.%m
max log size = 500
socket options = TCP_NODELAY
domain master = yes
# NOTE(review): "encrypt passwords" and "password server" each appear twice
# in this section; which occurrence wins is parser-dependent, keep one.
encrypt passwords = yes
winbind use default domain = no
keepalive = 10
template shell = /bin/false
netbios aliases = smbldap.fcb.net
# NOTE(review): "password server" is normally consulted only when
# authentication is delegated to another server; with security = User it is
# presumably ignored - confirm and drop if so.
password server = smbldap
# NOTE(review): set in [global], this presumably becomes the default access
# list for every share that does not override it - confirm that is intended.
valid users = %U
domain logons = yes
encrypt passwords = yes
unix charset = ISO8859-1
password server = smbldap
# Samba-Ldap Declarations #
passdb backend = ldapsam:ldap://127.0.0.1/
# Samba binds to the directory as this DN. Its password is not stored in
# smb.conf; it has to be stored separately (smbpasswd -w), and the post does
# not show whether that was done.
# NOTE(review): this is the slapd rootdn, so Samba gets unrestricted write
# access to the whole directory; a dedicated DN with narrower ACLs would
# limit the impact of a Samba compromise.
ldap admin dn = cn=Manager,dc=fcb.net,dc=.
ldap suffix = dc=fcb.net,dc=.
ldap delete dn = yes
# NOTE(review): transport security is inconsistent across this post: "on"
# here, an ldap:// URL in passdb backend, ldapTLS="0" in smbldap.conf and
# "ssl no" in ldap.conf. Decide on one mode (off for loopback-only traffic,
# or start tls) and make every component match.
ldap ssl = on
ldap machine suffix = ou=Computers
# NOTE(review): smbldap.conf in this post uses usersdn="ou=User,..."
# (singular), so the scripts and Samba may be looking at different
# containers - confirm which one exists in the directory.
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
# The scripts below run with the client-supplied name substituted for
# %u / %g, so consistent quoting matters.
# NOTE(review): the next line has an opening quote with no closing quote.
add user script = /usr/local/sbin/smbldap-useradd -a "%u
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
# NOTE(review): this path lacks the sbin/ component used by every other
# script line - verify that the binary exists here.
add user to group script = /usr/local/smbldap-groupmod -m "%u" "%g"
add group script = /usr/local/sbin/smbldap-groupadd -p '%g'
# NOTE(review): this value and "delete user from group script" below are
# split over two lines, probably by mail wrapping; in the real file each
# must be a single line (or use an explicit continuation) - confirm.
set primary group script = /usr/local/sbin/smbldap-groupmod -g
"%g" "%u"
delete user script = /usr/local/sbin/smbldap-userdel -r "%u"
delete group script = /usr/local/sbin/smbldap-groupdel '%g'
delete user from group script = /usr/local/sbin/smbldap-groupmod
-x "%u" "%g"
# Share that serves logon scripts to domain clients; hidden from browse
# lists. No "read only" setting is given, so the server default applies.
[netlogon]
comment = Domain Logon Service
path = /home/netlogon
browseable = No
# Writable departmental share restricted to members of the "isd" group.
# The masks cap new files at 0660 and new directories at 0770, so nothing
# created through the share is accessible to "other".
[ISD]
comment = Information Systems Division
path = /home/isd
valid users = @isd
read only = No
create mask = 0660
directory mask = 0770
# Roaming-profile share, limited to the connecting user and Domain Admins.
# NOTE(review): no "read only = No" is shown, so the share is presumably
# read-only by default and profiles could not be written back - confirm.
# NOTE(review): nothing here restricts a user to their own subdirectory;
# that depends on filesystem permissions under the path - verify them.
[profiles]
path = /home/samba/profiles
valid users = %U, "@Domain Admins"
##########################################
-rwxr-xr-x 1 ldap ldap 1010 Nov 28 16:29 slapd.conf
# OpenLDAP server configuration: one bdb database for the dc=fcb.net,dc=.
# suffix, with the Samba schema loaded and indexes on the Samba attributes.
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/openldap.schema
include /etc/openldap/schema/samba.schema
# NOTE(review): accepts LDAPv2 binds; keep only if a client still needs it.
allow bind_v2
pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args
database bdb
directory /var/lib/ldap
suffix "dc=fcb.net,dc=."
rootdn "cn=Manager,dc=fcb.net,dc=."
index objectClass,uidNumber,gidNumber eq
index cn,sn,uid,displayName eq,pres,sub
index memberUid,mail,givenname eq,subinitial
index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq
# NOTE(review): the rootdn password is stored in clear text, and the listing
# above shows this file as -rwxr-xr-x (world-readable). Store a hash produced
# by slappasswd instead and restrict the file to the slapd user. No TLS
# settings appear in this file, so binds travel unencrypted.
rootpw smbldap
# ACLs. The first rule protects the password attributes; sambaLMPassword and
# sambaNTPassword are password-equivalent hashes and need the same care as
# userPassword.
# NOTE(review): dn.children="dc=fcb.net,dc=." matches every bound entry below
# the suffix, so as written any authenticated user may write (and therefore
# read) other accounts' password attributes, and the second rule gives the
# same identities write access to everything else. Narrow the write grant to
# the specific administrative DN(s) that need it.
# NOTE(review): "access to" and its "attrs=" / "by" clauses appear here
# without leading whitespace; slapd.conf continuation lines must be
# indented, so the indentation was presumably lost in the mail archive.
access to
attrs=userPassword,sambaLMPassword,sambaNTPassword,shadowLastChange
by dn.children="dc=fcb.net,dc=." write
by self write
by anonymous auth
by * none
access to *
by dn.children="dc=fcb.net,dc=." write
by * read
######################################
-rw-r--r-- 1 ldap ldap 851 Dec 1 17:56 ldap.conf
#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
# NOTE(review): this file mixes OpenLDAP client options (TLS_CACERTDIR) with
# nss_ldap / pam_ldap options (nss_base_*, pam_passwd, bind_policy); on many
# systems those are read from different files - confirm which file each
# consumer actually reads.
#BASE dc=example, dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
host 127.0.0.1
base dc=fcb.net,dc=.
#inserted nov 24, 2008
#rootbinddn cn=Manager,dc=fcb.net,dc=.
# Root-only operations bind as the directory manager. The matching password
# is expected in a separate root-only secret file, not in this world-readable
# file; the post does not show it.
rootbinddn cn=Manager,dc=fcb.net,dc=.
# All three NSS maps search from the top of the suffix, so user, group and
# machine entries are all in scope.
nss_base_passwd dc=fcb.net,dc=.
nss_base_shadow dc=fcb.net,dc=.
nss_base_group dc=fcb.net,dc=.
#Security Options
# Unencrypted LDAP; the only server configured is 127.0.0.1, so traffic stays
# on the loopback interface. Enable TLS before pointing this at a remote host.
ssl no
# NOTE(review): smbldap.conf in this post uses hash_encrypt="SSHA"; passwords
# changed through PAM would presumably be stored with a different scheme -
# confirm that this is intended.
pam_passwd md5
bind_policy soft
TLS_CACERTDIR /etc/openldap/cacerts
########################################
-rw-r--r-- 1 root root 1119 Nov 27 13:38 smbldap.conf
# smbldap-tools settings: domain identity, LDAP endpoints and the defaults
# applied to accounts created by the smbldap-* scripts.
# NOTE(review): the SID must be the domain SID of this Samba server (compare
# with the output of "net getlocalsid"); accounts created under a different
# SID will not be accepted as domain members - confirm.
SID="S-1-5-21-2796061091-2530429657-3897351620"
# NOTE(review): smb.conf in this post sets workgroup = fcb.net; this value
# presumably has to match it.
sambaDomain="smbldap"
slaveLDAP="127.0.0.1"
slavePort="389"
masterLDAP="127.0.0.1"
masterPort="389"
# TLS is off; both endpoints are 127.0.0.1, so binds stay on loopback.
ldapTLS="0"
#verify=""
#clientcert=""
#clientkey=""
suffix="dc=fcb.net,dc=."
# NOTE(review): smb.conf uses "ldap user suffix = ou=Users" (plural); this
# container is "ou=User". Accounts created here may be outside the subtree
# Samba searches - confirm.
usersdn="ou=User,dc=fcb.net,dc=."
computersdn="ou=Computers,dc=fcb.net,dc=."
groupsdn="ou=Groups,dc=fcb.net,dc=."
# NOTE(review): the listing shows this file as -rw-r--r--, so the bind
# password below is readable by every local user, although the same
# credentials are kept in the 0600 smbldap_bind.conf. Remove them from here.
binddn="cn=Manager,dc=fcb.net,dc=."
bindpasswd="smbldap"
#idmapdn="fcb,${suffix}"
#sambaUnixIdPooldn="sambaDomainName=workgroup,${suffix}"
scope="sub"
hash_encrypt="SSHA"
crypt_salt_format=""
userLoginShell="/bin/bash"
userHome="/home/samba/users/%U"
# New home directories are created private to their owner.
userHomeDirectoryMode="700"
userGecos="System User"
defaultUserGid="513"
defaultComputerGid="515"
skeletonDir="/etc/skel"
# NOTE(review): both UNC paths name a share called "home", which is not
# defined in the smb.conf shown in this post (it defines [profiles]) - verify.
userSmbHome="\\smbldap\home\samba\users\%U"
userProfile="\\smbldap\home\samba\profiles\%U"
userHomeDrive="H"
userScript="%U.bat"
with_smbpasswd="0"
smbpasswd="/usr/bin/smbpasswd"
with_slappasswd="0"
slappasswd="/usr/sbin/slappasswd"
#######################################
-rw------- 1 root root 428 Nov 25 18:34 smbldap_bind.conf
# Bind credentials used by the smbldap-* scripts; the listing shows mode
# -rw------- (root only), which is appropriate for this file.
# NOTE(review): both binds use the directory rootdn, and the password is the
# same string as the server's NetBIOS name and has now been published in this
# post. Change it, and update slapd.conf and Samba's stored LDAP admin
# password to match.
slaveDN="cn=Manager,dc=fcb.net,dc=."
slavePw="smbldap"
masterDN="cn=Manager,dc=fcb.net,dc=."
masterPw="smbldap"
###############################################
-rw-r--r-- 1 root root 1658 Nov 29 15:14 /etc/nsswitch.conf
# Name-service lookup order: local files first, then LDAP for the account,
# group and several other maps.
# NOTE(review): for a domain join to survive a reboot the machine account
# (name ending in "$") presumably has to resolve through these maps; checking
# it with getent on the server would confirm the LDAP lookup works.
passwd: files ldap
shadow: files ldap
group: files ldap
hosts: files dns
bootparams: files
ethers: files
netmasks: files
networks: files
protocols: files ldap
rpc: files
services: files ldap
netgroup: files ldap
publickey: files
automount: files ldap
aliases: files
Thanks in advance!
Emil Sicad
Cebu Mitsumi Inc
Information Systems Division