Results 1 to 1 of 1
Hi there, I know there are tons of stuff written about this (SMB+LDAP), but I have tried most of it, and still get quite weird results. We have a samba ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 12-05-2008 #1
- Join Date
- Dec 2008
Samba + LDAP + W2K8
I know there are tons of stuff written about this (SMB+LDAP), but I have tried most of it, and still get quite weird results.
We have a samba with LDAP acting as PDC. Basically, all auth is done on this systems for shares, accessing internal web sites etc, etc... I must say it is working config, as we were using it for last ~3 years.
Now we had to add W2K8 server for running M$ SQL 2K5 and here all problems started. All our XP machines are in domain, I tried adding one last day, and it went OK, no problems, all shares are accessible on XP.
When I try to add W2K8 server to domain I get the infamous NT_STATUS_NO_SUCH_USER error:
[2008/12/05 08:24:17, 2] auth/auth.c:check_ntlm_password(319) check_ntlm_password: Authentication for user [Administrator] -> [Administrator] FAILED with error NT_STATUS_NO_SUCH_USER <snip> [2008/12/05 08:24:18, 0] passdb/pdb_get_set.c:pdb_get_group_sid(164) pdb_get_group_sid: Failed to find Unix account for TERMINALAS$
[2008/12/05 08:58:49, 2] auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [*usernameremoved*] -> [*usernameremoved*] -> [*usernameremoved*] succeeded <snip> [2008/12/05 08:58:49, 0] passdb/pdb_get_set.c:pdb_get_group_sid(164) pdb_get_group_sid: Failed to find Unix account for MSSQL2005$
So when I'm loged in as Administrator to Win machine I can't add it to domain and I can't reach shares. When I'm loged in with my username, I *CAN* reach shares on fileserver, but I still can't add system to domain. W2K8 returns most uninformative error message ever:
The following error ocured when joining domain:
The parameter is incorect.
Anyone had similar experience? We use Samba 3.0.24 and when trying to add system to domain I use my credentials, because in cn=Domain Admins I have my username included.