Thank you Daniel That statement was commented out in the actual file and I am using ldapsam. however i still get the same error in /var/log/messages when I run winbind. The winbind starts and runs but my /var/log/messages gives me smbldap_search_domain_info: Adding domain info for UZCHS failed with NT_STATUS_UNSUCCESSFUL On 20 October 2011 08:04, Daniel Müller <mueller@xxxxxxxxxxxxxxx> wrote: > passdb backend = tdbsam? > Should be ldapsam?! > > ----------------------------------------------- > EDV Daniel Müller > > Leitung EDV > Tropenklinik Paul-Lechler-Krankenhaus > Paul-Lechler-Str. 24 > 72076 Tübingen > > Tel.: 07071/206-463, Fax: 07071/206-499 > eMail: mueller@xxxxxxxxxxxxxxx > Internet: www.tropenklinik.de > ----------------------------------------------- > -----Ursprüngliche Nachricht----- > Von: samba-bounces@xxxxxxxxxxxxxxx [mailto:samba-bounces@xxxxxxxxxxxxxxx] > Im > Auftrag von Rumbidzayi Gadhula > Gesendet: Montag, 17. Oktober 2011 18:38 > An: samba@xxxxxxxxx > Betreff: LDAP/Samba on RHEL6 > > Hello > > have configured samba to authenticate with an LDAP backend everything works > fine including testing the configuration files until I start the net sam > provision. > Below is the > error< > http://www.tomshardware.com/forum/237835-50-samba-ldap-failing-create- > domain-users-admins#>message > I get > > lib/smbldap_util.c:310(smbldap_search_domain_info) > smbldap_search_domain_info: Adding domain info for XXXXX failed with > NT_STATUS_UNSUCCESSFUL > Adding the Domain Users group. > Unable to allocate a new gid to create Domain Users group! > Checking for Domain Admins group. > Adding the Domain Admins group. > Unable to allocate a new gid to create Domain Admins group! > Check for Administrator account. > Adding the Administrator user. > Can't create Administrator user, Domain Admins group not available! > > I have checked the logs and I can't make sense of them (I am quie green > when > it comes to LDAP and Samba). I am following the instructions from the > redhat > documentation for rhel6 > > Below is the /var/log/messages > > winbindd/idmap.c:589(idmap_alloc_init) > Oct 10 08:53:04 xxxxx winbindd[18314]: ERROR: Initialization failed for > alloc backend, deferred! > Oct 10 08:53:04 xxxxx winbindd[18314]: [2011/10/10 08:53:04.768122, 0] > winbindd/idmap.c:201(smb_register_idmap_alloc) > Oct 10 08:53:04 xxxxx winbindd[18314]: idmap_alloc module ldap already > registered! > Oct 10 08:53:04 xxxxx winbindd[18314]: [2011/10/10 08:53:04.768198, 0] > winbindd/idmap.c:201(smb_register_idmap_alloc) > Oct 10 08:53:04 xxxxx winbindd[18314]: idmap_alloc module tdb already > registered! > Oct 10 08:53:04 xxxxx winbindd[18314]: [2011/10/10 08:53:04.768264, 0] > winbindd/idmap.c:149(smb_register_idmap) > Oct 10 08:53:04 xxxxx winbindd[18314]: Idmap module passdb already > registered! > Oct 10 08:53:04 xxxxx winbindd[18314]: [2011/10/10 08:53:04.768328, 0] > winbindd/idmap.c:149(smb_register_idmap) > Oct 10 08:53:04 xxxxx winbindd[18314]: Idmap module nss already > registered! > Oct 10 08:53:04 xxxxx winbindd[18314]: [2011/10/10 08:53:04.769683, 0] > winbindd/idmap.c:589(idmap_alloc_init) > Oct 10 08:53:04 xxxxx winbindd[18314]: ERROR: Initialization failed for > alloc > > See my slapd.conf and smb.conf file, which on testing both return success. > > smb.conf > > workgroup = UZCHS > server string = Samba Server Version %v > > netbios name = uzchspdc > > > # logs split per machine > log file = /var/log/samba/log.%m > # max 50KB per log file, then rotate > max log size = 10000 > > # - - - - - - - - - - - - Standalone Server Options - - - - - - - - - - - - > # > # Security can be set to user, share(deprecated) or server(deprecated) > # > # Backend to store user information in. New installations should > # use either tdbsam or ldapsam. smbpasswd is available for backwards > # compatibility. tdbsam requires no further configuration. > > security = user > passdb backend = tdbsam > > > # - - - - - - - - - - - - Domain Members Options - - - - - - - - - - - - > # > # Security must be set to domain or ads > domain master = yes > domain logons = yes > passdb backend = ldapsam:ldap://127.0.0.1/ > ldapsam:trusted = yes > ldapsam:editposix = yes > encrypt passwords = true > > ldap admin dn = cn=smbadmin,dc=uzchs,dc=ac,dc=zw > ldap delete dn = yes > ldap user suffix = ou=users > ldap group suffix = ou=groups > ldap machine suffix = ou=computers > ldap idmap suffix = ou=idmap > ldap suffix = dc=uzchs,dc=ac,dc=zw > ldap ssl = off > > idmap backend = ldap:ldap://127.0.0.1/ > idmap uid = 5000-50000 > idmap gid = 5000-50000 > idmap alloc backend = ldap > idmap alloc config : ldap_url = ldap://127.0.0.1/ > idmap alloc config : ldap_user_dn = cn=smbadmin,dc=uzchs,dc=ac,dc=zw > idmap alloc config : ldap_base_dn = ou=idmap,dc=uzchs,dc=ac,dc=zw > > logon home = \\127.0.0.1\homes\%U > logon path = \\%L\%U\.win32_profile > logon drive = H: > os level = 34 > preferred master = yes > preferred master = yes > wins support = yes > > load printers = yes > cups options = raw > > #- - - - - - - - - - - - Share Definitions - - - - - - - - - - - - > > [homes] > comment = Home Directories > read only = No > browseable = no > writable = yes > ; valid users = %S > ; valid users = MYDOMAIN\%S > > [printers] > comment = All Printers > path = /var/spool/samba > browseable = no > ; guest ok = no > ; writable = no > printable = yes > > # Un-comment the following and create the netlogon directory for Domain > Logons > [netlogon] > ; comment = Network Logon Service > > Below is the slapd.conf: > > include /etc/openldap/schema/corba.schema > include /etc/openldap/schema/core.schema > include /etc/openldap/schema/cosine.schema > include /etc/openldap/schema/duaconf.schema > include /etc/openldap/schema/dyngroup.schema > include /etc/openldap/schema/inetorgperson.schema > include /etc/openldap/schema/java.schema > include /etc/openldap/schema/misc.schema > include /etc/openldap/schema/nis.schema > include /etc/openldap/schema/openldap.schema > include /etc/openldap/schema/ppolicy.schema > include /etc/openldap/schema/collective.schema > include /etc/openldap/schema/samba.schema > > # Allow LDAPv2 client connections. This is NOT the default. > allow bind_v2 > access to * > by self write > # by users read > by dn.base="cn=smbadmin,dc=uzchs,dc=ac,dc=zw&quo t; write > by * read > > access to attrs=userPassword,sambaLMPassword,sambaNTPassword > ,sambaPwdLastSet,sambaPwdMustChange > by dn.base="cn=smbadmin,dc=uzchs,dc=ac,dc=zw&quo t; write > by self write > by anonymous auth > by * none > database bdb > suffix "dc=uzchs,dc=ac,dc=zw" > checkpoint 1024 15 > rootdn "cn=Manager,dc=uzchs,dc=ac,dc=zw" > # Cleartext passwords, especially for the rootdn, should > # be avoided. See slappasswd(8) and slapd.conf(5) for details. > # Use of strong authentication encouraged. > rootpw redhat > directory /var/lib/ldap > > # Indices to maintain for this database > index objectClass eq,pres > index ou,cn,mail,surname,givenname eq,pres,sub > index uidNumber,gidNumber,loginShell eq,pres > index uid,memberUid eq,pres,sub > index nisMapName,nisMapEntry eq,pres,sub > > # enable monitoring > database monitor > allow onlu rootdn to read the monitor > access to * > by dn.exact="cn=Manager,dc=uzchs,dc=ac,dc=zw&quo t; read > by * none > ############################## > > pdbedit -L -v gives me > > add_new_domain_info: failed to add domain dn= > sambaDomainName=UZCHS,dc=uzchs,dc=ac,dc=zw with: Invalid DN syntax > invalid DN > smbldap_search_domain_info: Adding domain info for UZCHS failed with > NT_STATUS_UNSUCCESSFUL. > > > TIA > > Rumbi > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > > -- *Senior Systems Administrator UZCHS- NECTAR Ward C10, Parirenyatwa Hospital Mazoe St, Avondale Harare Tel: +263772 148 889/890 x 320 Cell:0772588210* -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba