If you have an apostrophe in XP’s Computer Description field then the computer will not be recognised as part of the samba domain despite it having joined properly.
This is in samba 3.0.2a untested in more recent versions as yet.
samba
Samba 3.0.2a in gentoo
The current gentoo ebuild has some issues with the latest version of smb_ldap tools which means that the config files (there was one; now there are two) are now installed in a different location (they have moved from the previous version that gentoo installed).
For more information, have a look at this bug.
(more…)
Things I have learnt this weekend about LDAP authentication and samba
Samba LDAP initial group/user setup
According to the group mapping section of the Samba HOWTO Collection you need to set up the default groups if you are setting up Samba for LDAP. Remember to set up your smbldap_conf.pm file first and then do something like this:
/usr/share/samba/scripts/smbldap-groupadd.pl -g 512 domadm /usr/share/samba/scripts/smbldap-groupadd.pl -g 513 domuser /usr/share/samba/scripts/smbldap-groupadd.pl -g 514 domguest /usr/share/samba/scripts/smbldap-groupadd.pl -g 515 domcomps /usr/share/samba/scripts/smbldap-groupadd.pl -g 516 domconts net groupmap add rid=512 ntgroup="Domain Admins" UNIXgroup=domadm net groupmap add rid=513 ntgroup="Domain Users" UNIXgroup=domuser net groupmap add rid=514 ntgroup="Domain Guests" UNIXgroup=domguest net groupmap add rid=515 ntgroup="Domain Computers" UNIXgroup=domcomps net groupmap add rid=516 ntgroup="Domain Controllers" UNIXgroup=domconts /usr/share/samba/scripts/smbldap-useradd.pl -a -u 500 -g domadm -n -A 1 -N Domain -S Administrator Administrator /usr/share/samba/scripts/smbldap-passwd.pl Administrator
Please note that this does not set up the complete groups that Windows DC’s provide, but gives enough to start with a basic system and you can build it from there.
