# [Solved] Samba and LDAP almost there..

## Adamal

I've almost finished getting Samba and LDAP to work my last problem is this command:

net rpc join -U administrator

```
Password:

Create of workstation account failed

User specified does not have administrator privileges

Unable to join domain RUGGLES.

```

I cannot figure out why the user does not have the administrative privileges.  Here is the user info.

/var/lib/samba/sbin/smbldap-usershow.pl Administrator

```
dn: uid=Administrator,ou=People,dc=ruggles,dc=com

cn: Administrator

sn: Administrator

objectClass: inetOrgPerson,sambaSamAccount,posixAccount

gidNumber: 512

uid: Administrator

homeDirectory: /home/

sambaPwdLastSet: 0

sambaLogonTime: 0

sambaLogoffTime: 2147483647

sambaKickoffTime: 2147483647

sambaPwdCanChange: 0

sambaPwdMustChange: 2147483647

sambaHomeDrive: Z:

sambaPrimaryGroupSID: S-1-5-21-3781898859-1229200562-3947277543-512

sambaLMPassword: XXX

sambaNTPassword: XXX

sambaAcctFlags: [U          ]

loginShell: /bin/false

gecos: Netbios Domain Administrator

sambaSID: S-1-5-21-3781898859-1229200562-3947277543-1000

uidNumber: 0

```

getent passwd | grep Administrator

```
Administrator:x:0:512:Netbios Domain Administrator:/home/:/bin/false
```

Any help would be great.  Thanks.

----------

## petrjanda

 *Adamal wrote:*   

> I've almost finished getting Samba and LDAP to work my last problem is this command:
> 
> net rpc join -U administrator
> 
> ```
> ...

 

Not quite sure, but whats 

```

net groupmap list

```

saying?

----------

## Adamal

 *petrjanda wrote:*   

>  *Adamal wrote:*   I've almost finished getting Samba and LDAP to work my last problem is this command:
> 
> net rpc join -U administrator
> 
> ```
> ...

 

```
root@machine root # net groupmap list

Domain Admins (S-1-5-21-3781898859-1229200562-3947277543-512) -> Domain Admins

Domain Users (S-1-5-21-3781898859-1229200562-3947277543-513) -> Domain Users

Domain Guests (S-1-5-21-3781898859-1229200562-3947277543-514) -> Domain Guests

Administrators (S-1-5-21-3781898859-1229200562-3947277543-544) -> Administrators

users (S-1-5-21-3781898859-1229200562-3947277543-545) -> Users

Guests (S-1-5-21-3781898859-1229200562-3947277543-546) -> Guests

Power Users (S-1-5-21-3781898859-1229200562-3947277543-547) -> Power Users

Account Operators (S-1-5-21-3781898859-1229200562-3947277543-548) -> Account Operators

Server Operators (S-1-5-21-3781898859-1229200562-3947277543-549) -> Server Operators

Print Operators (S-1-5-21-3781898859-1229200562-3947277543-550) -> Print Operators

Backup Operators (S-1-5-21-3781898859-1229200562-3947277543-551) -> Backup Operators

Replicator (S-1-5-21-3781898859-1229200562-3947277543-552) -> Replicator

Domain Computers (S-1-5-21-3781898859-1229200562-3947277543-553) -> Domain Computers

```

----------

## Adamal

ok I got the admin permission thing fixed thanks to pgb.

However I am still having an issue

net rpc join -U Administrator

Password:

```
Create of workstation account failed

Unable to join domain DOMAIN.
```

The log says:

```
[2005/02/22 00:21:22, 0] rpc_server/srv_netlog_nt.c:get_md4pw(244)

  get_md4pw: Workstation MYCOMPUTER$: no account in domain

```

so I'm guessing I need to add MYCOMPUTER to samba.  The question is how do I add a machine with samba and LDAP?  Which command adds the workstation? Is there a way I can have the workstation automatically added?

----------

## Adamal

Ok I got it working

I changed my ldap machine suffix to ou=People and modified the smbldap scripts to add computers to ou=People.

After chaning those I deleted all of my ldap data, followed the guide here: http://www.gentoo.org/doc/en/ldap-howto.xml

Then after running the guide I ran smbldap-populate.pl

After that I ran smbldap-usermod -a username for all of my users including root.

Then I ran smbpasswd on root and finally net rpc join -U Administrator

and presto chango it worked  :Smile: 

----------

## geki

what else i had to do was killing /usr/bin/nscd - just for addition.

----------

