[KLUG Members] Help for upgrade to Samba 3.0.1
(LDAPSAM) fm 2.2.8a anybody?
Adam Williams
members@kalamazoolinux.org
Thu, 22 Jan 2004 06:43:48 -0500
> | It might not be bad to walk away and do something else for a day and go
> | back. That trick works for me occasionally when I get mentally jammed
> | up.
> I had it at log level 10. I just wasn't seeing anything. I don't know
> if there is a difference between log level and debug.
> I'm getting something! Check out the following:
> [root@enigma root]# tail -f /var/log/samba3/log.kaliklak | grep
> Administrator
> ~ Mapped user Administrator to root
> ~ make_user_info_map: Mapping user [J9STARR]\[Administrator] from
> workstation [KALIKLAK]
> ~ attempting to make a user_info for root (Administrator)
> ~ check_ntlm_password: Checking password for unmapped user
> [J9STARR]\[Administrator]@[KALIKLAK] with the new password interface
> ~ check_ntlm_password: sam authentication for user [Administrator]
> FAILED with error NT_STATUS_NO_SUCH_USER
> ~ check_ntlm_password: Authentication for user [Administrator] ->
> [root] FAILED with error NT_STATUS_NO_SUCH_USER
> ~ No such user Administrator [J9STARR] - using guest account
What does "id Administrator" return if you run it on the PDC?
> and also there was this in another window:
> [root@enigma samba3]# tail -f /var/log/samba3/log.kaliklak | grep root
> ~ Mapped user Administrator to root
> ~ attempting to make a user_info for root (Administrator)
> ~ making strings for root's user_info struct
> ~ making blobs for root's user_info struct
> ~ check_ntlm_password: mapped user is: [J9STARR]\[root]@[KALIKLAK]
> ~ smbldap_search_suffix: searching
> for:[(&(uid=root)(objectclass=sambaSamAccount))]
> ~ ldapsam_getsampwnam: Unable to locate user [root] count=0
> ~ check_sam_security: Couldn't find user 'root' in passdb file.
> ~ check_ntlm_password: Authentication for user [Administrator] ->
> [root] FAILED with error NT_STATUS_NO_SUCH_USER
> [2004/01/22 00:20:48, 5] smbd/uid.c:change_to_root_user(218)
> ~ change_to_root_user: now uid=(0,0) gid=(0,0)
> [2004/01/22 00:20:48, 5] smbd/uid.c:change_to_root_user(218)
> ~ change_to_root_user: now uid=(0,0) gid=(0,0)
> ~ 0028 ptr_root_dir: 00000000
> Huh? "(uid=root)(objectclass=sambaSamAccount))"? Why is it looking for that?
Well, you mapped Administrator to root, yes?
> and also:
> [root@enigma samba3]# tail -f /var/log/samba3/log.kaliklak | grep J9STARR
> ~ make_user_info_map: Mapping user [J9STARR]\[Administrator] from
> workstation [KALIKLAK]
> ~ no entry for trusted domain J9STARR found.
> ~ check_ntlm_password: Checking password for unmapped user
> [J9STARR]\[Administrator]@[KALIKLAK] with the new password interface
> ~ check_ntlm_password: mapped user is: [J9STARR]\[root]@[KALIKLAK]
> ~ No such user Administrator [J9STARR] - using guest account
"using guest account", you certainly aren't going to be able to do
anything cool like joining the domain.
> one more:
> [root@enigma samba3]# tail -f /var/log/samba3/log.kaliklak | grep error
> ~ yield_connection: tdb_delete for name failed with error Record does
> not exist.
> ~ check_ntlm_password: sam authentication for user [Administrator]
> FAILED with error NT_STATUS_NO_SUCH_USER
> ~ check_ntlm_password: Authentication for user [Administrator] ->
> [root] FAILED with error NT_STATUS_NO_SUCH_USER
> NOTE: Kaliklak is the name of the client and Enigma is the server.
> J9STARR is the domain.
What does "ldapsearch uid=root" return?
> I've noticed that despite the change in max log size I made that the
> file stays right at 5K. I was trying to expand it so that I could get
> more data but I can't seem to. As it is, so much data wizes by that I
> can't hang on to it. To mark a starting point I tried this:
> echo "JIMS MARKER" >> /var/log/samba3/log.kaliklak
> But then couldn't find the text marker:
> [root@enigma samba3]# grep "JIMS MARKER" *
> [root@enigma samba3]#
It probably gets rotated away.
You log file directive looks like?
log file = /var/log/samba/log.%m
I just don't specify a max size, it seems to work.
And you have something like -
logon script = %G.bat
logon path = \\BARBEL\PROFILES\%U
logon drive = f:
logon home = \\SARDINE\HOMEDIR
- in smb.conf to cover for the possibility that an attribute isn't
specified in LDAP?