# [RESOLVED]Can't join Windows 7 to Samba 3 Domain Controller

## carpenike

Hi all,

I've followed the guide here:

http://en.gentoo-wiki.com/wiki/Samba/Primary_Domain_Controller

This is a server that has been running LDAP and Samba for the last year or so; linux clients authenticate against LDAP and windows clients have been accessing shares on the Samba side with LDAP as the authentication backend. Today I installed Windows 7 Ultimate x64 and I'm attempting to use the samba server as a domain controller but getting an error on the Windows side that says, 

"The following error occurred attempting to join 'holthome':

The Specified Computer Account cannot be found. Contact an administrator to verify the account is in the domain. If the account has been deleted unjoin, reboot, and rejoin the domain."

I can manually run the machine add command on the server and verify that the account gets created in LDAP, but adding the PC to the domain doesn't add the LDAP entry. I get the same error above whether there is an LDAP account or not. 

Here's my smb.conf:

```
fs ~ # cat /etc/samba/smb.conf

[global]

workgroup                       =       HOLTHOME

netbios name                    =       FS

enable privileges               =       yes

server string                   =       Samba Server %v

socket options                  =       TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 SO_KEEPALIVE

security                        =       user

encrypt passwords               =       yes

os level                        =       65

domain master                   =       yes

preferred master                =       yes

domain logons                   =       yes

#guest account                  =       guest

#map to guest                   =       bad user

hosts allow                     =       10.9.18. 127. 10.250. 10.0.10.

hosts deny                      =       0.0.0.0/0

interfaces                      =       br0 lo

bind interfaces only            =       yes

log level                       =       9

log file                        =       /var/log/samba/log.%m

max log size                    =       50

load printers                   =       no

disable spoolss                 =       yes

wins support                    =       yes

name resolve order              =       wins lmhosts host bcast

ldap passwd sync                =       yes

unix password sync              =       yes

pam password change             =       yes

smb passwd file                 =       /etc/samba/smbpasswd

passdb backend                  =       ldapsam:ldap://10.9.18.15/

#ldap admin dn                  =       cn=smbadmin,ou=Users,dc=holthome,dc=local

ldap admin dn                   =       cn=Manager,dc=holthome,dc=local

ldap suffix                     =       dc=holthome,dc=local

ldap group suffix               =       ou=Groups

ldap user suffix                =       ou=Users

ldap machine suffix             =       ou=Hosts

ldap ssl                        =       no

time server                     =       yes

logon script                    =       logon.bat OR logon.vbs OR %U.bat OR %U.vbs

logon path                      =       \\%L\profiles\%U

logon drive                     =       H:

logon home                      =       \\%L\%U\.9winprofile

add user script                 =       /usr/sbin/smbldap-useradd -m "%u"

ldap delete dn                  =       Yes

delete user script              =       /usr/sbin/smbldap-userdel "%u"

add machine script              =       /usr/sbin/smbldap-useradd -w "%u"

add group script                =       /usr/sbin/smbldap-groupadd -p "%g"

delete group script             =       /usr/sbin/smbldap-groupdel "%g"

add user to group script        =       /usr/sbin/smbldap-groupmod -m "%u" "%g"

delete user from group script   =       /usr/sbin/smbldap-groupmod -x "%u" "%g"

set primary group script        =       /usr/sbin/smbldap-usermod -g "%g" "%u"

null passwords                  =       no

hide unreadable                 =       yes

hide dot files                  =       no

local master                    =       yes

nt acl support                  =       yes

[tmp]

path                            =       /tmp

comment                         =       Temporary Directory

writeable                       =       yes

guest ok                        =       yes

browseable                      =       yes

public                          =       yes

[data]

path                            =       /mnt/data

comment                         =       All Data Files

writeable                       =       yes

guest ok                        =       no

browseable                      =       no

valid users                     =       ryan

force group                     =       family

inherit permissions             =       yes

inherit acls                    =       yes

force create mode               =       0770

force directory mode            =       0770

[homes]

comment                         =       Home Directories

browseable                      =       no

valid users                     =       %S

writeable                       =       yes

read only                       =       no

guest ok                        =       no

inherit permissions             =       yes

path                            =       /home/%U

[movies]

path                            =       /mnt/data/media/movies

comment                         =       Movies

writeable                       =       no

guest ok                        =       no

browseable                      =       yes

force group                     =       family

force create mode               =       0770

force directory mode            =       0770

valid users                     =       @family

[music]

path                            =       /mnt/data/media/music

comment                         =       Music

writeable                       =       yes

guest ok                        =       no

force group                     =       family

browseable                      =       yes

force create mode               =       0770

force directory mode            =       0770

valid users                     =       @family

[tv]

path                            =       /mnt/data/media/tv

comment                         =       TV Shows

writeable                       =       no

guest ok                        =       no

force group                     =       family

browseable                      =       yes

force create mode               =       0770

force directory mode            =       0770

valid users                     =       @family

[pictures]

path                            =       /mnt/data/media/pictures

comment                         =       Pictures

writeable                       =       yes

guest ok                        =       no

force group                     =       family

browseable                      =       yes

force create mode               =       0770

force directory mode            =       0770

valid users                     =       @family

[public]

path                            =       /home/public

comment                         =       Public Folder

writeable                       =       no

guest ok                        =       yes

[apps]

path                            =       /mnt/data/apps

comment                         =       Apps

writeable                       =       yes

guest ok                        =       no

force group                     =       family

browseable                      =       yes

force create mode               =       0770

force directory mode            =       0770

valid users                     =       @family

[netlogon]

path                            =       /var/lib/samba/netlogon

guest ok                        =       no

read only                       =       yes

browseable                      =       no

[profiles]

path                            =       /var/lib/samba/profiles

browseable                      =       no

writeable                       =       yes

default case                    =       lower

preserve case                   =       no

short preserve case             =       no

case sensitive                  =       no

hide files                      =       /desktop.ini/ntuser.ini/NTUSER.*/

write list                      =       @smbusers @root

create mask                     =       0600

directory mask                  =       0700

csc policy                      =       disable

profile acls                    =       yes

```

Not really sure what other logs to show... Any help would be most appreciated!Last edited by carpenike on Mon Feb 08, 2010 7:57 pm; edited 1 time in total

----------

## carpenike

Forgot to show the file versions...

```
fs ~ # emerge -pv samba samba-server

These are the packages that would be merged, in order:

Calculating dependencies... done!

[ebuild   R   ] net-fs/samba-libs-3.3.9  USE="ads* caps ldap pam syslog -aio -cluster -cups -debug -examples -winbind" 0 kB

[ebuild   R   ] net-fs/samba-server-3.3.9  USE="acl ads* caps ldap syslog -aio -avahi -cluster -cups -debug -doc -examples -fam -quota -swat -winbind -zeroconf" 0 kB

[ebuild   R   ] net-fs/samba-3.3.9  USE="client server" 0 kB

Total: 3 packages (3 reinstalls), Size of downloads: 0 kB

```

----------

## carpenike

Here's a log from /var/log/samba/log.rydoze

I started a tail -f right before attempting to join the domain:

```
[2010/02/08 09:06:30,  6] param/loadparm.c:lp_file_list_changed(6761)

  lp_file_list_changed()

  file /etc/samba/smb.conf -> /etc/samba/smb.conf  last mod_time: Sun Feb  7 22:02:43 2010

[2010/02/08 09:06:30,  5] auth/auth_util.c:make_user_info_map(206)

  make_user_info_map: Mapping user [holthome]\[ryan] from workstation [RYDOZE]

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 0

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  5] auth/auth_util.c:is_trusted_domain(2173)

  is_trusted_domain: Checking for domain trust with [holthome]

[2010/02/08 09:06:30,  5] lib/smbldap.c:smbldap_search_ext(1261)

  smbldap_search_ext: base => [sambaDomainName=holthome,sambaDomainName=HOLTHOME,dc=holthome,dc=local], filter => [(&(objectClass=sambaTrustedDomainPassword)(sambaDomainName=holthome))], scope => [2]

[2010/02/08 09:06:30,  5] lib/smbldap.c:smbldap_close(1163)

  The connection to the LDAP server was closed

[2010/02/08 09:06:30,  2] lib/smbldap.c:smbldap_open_connection(856)

  smbldap_open_connection: connection opened

[2010/02/08 09:06:30,  3] lib/smbldap.c:smbldap_connect_system(1067)

  ldap_connect_system: successful connection to the LDAP server

[2010/02/08 09:06:30,  4] lib/smbldap.c:smbldap_open(1143)

  The LDAP server is successfully connected

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0

[2010/02/08 09:06:30,  5] libsmb/trustdom_cache.c:trustdom_cache_fetch(183)

  no entry for trusted domain holthome found.

[2010/02/08 09:06:30,  5] auth/auth_util.c:make_user_info(120)

  attempting to make a user_info for ryan (ryan)

[2010/02/08 09:06:30,  5] auth/auth_util.c:make_user_info(130)

  making strings for ryan's user_info struct

[2010/02/08 09:06:30,  5] auth/auth_util.c:make_user_info(162)

  making blobs for ryan's user_info struct

[2010/02/08 09:06:30,  3] auth/auth.c:check_ntlm_password(220)

  check_ntlm_password:  Checking password for unmapped user [holthome]\[ryan]@[RYDOZE] with the new password interface

[2010/02/08 09:06:30,  3] auth/auth.c:check_ntlm_password(223)

  check_ntlm_password:  mapped user is: [holthome]\[ryan]@[RYDOZE]

[2010/02/08 09:06:30,  5] lib/util.c:dump_data(2233)

  [000] 2C 03 E6 12 A8 22 F4 72                           ,....".r

[2010/02/08 09:06:30,  8] lib/util.c:is_myname(2108)

  is_myname("holthome") returns 0

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 0

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  5] lib/smbldap.c:smbldap_search_ext(1261)

  smbldap_search_ext: base => [dc=holthome,dc=local], filter => [(&(uid=ryan)(objectclass=sambaSamAccount))], scope => [2]

[2010/02/08 09:06:30,  2] passdb/pdb_ldap.c:init_sam_from_ldap(571)

  init_sam_from_ldap: Entry found for user: ryan

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  5] lib/smbldap.c:smbldap_search_ext(1261)

  smbldap_search_ext: base => [sambaDomainName=HOLTHOME,dc=holthome,dc=local], filter => [(objectclass=*)], scope => [0]

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  5] passdb/login_cache.c:login_cache_init(43)

  Opening cache file at /var/cache/samba/login_cache.tdb

[2010/02/08 09:06:30,  7] passdb/login_cache.c:login_cache_read(85)

  Looking up login cache for user ryan

[2010/02/08 09:06:30,  7] passdb/login_cache.c:login_cache_read(99)

  No cache entry found

[2010/02/08 09:06:30,  9] passdb/pdb_ldap.c:init_sam_from_ldap(1054)

  No cache entry, bad count = 0, bad time = 0

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  5] lib/smbldap.c:smbldap_search_ext(1261)

  smbldap_search_ext: base => [sambaDomainName=HOLTHOME,dc=holthome,dc=local], filter => [(objectclass=*)], scope => [0]

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  5] lib/username.c:Get_Pwnam_alloc(133)

  Finding user ryan

[2010/02/08 09:06:30,  5] lib/username.c:Get_Pwnam_internals(77)

  Trying _Get_Pwnam(), username as lowercase is ryan

[2010/02/08 09:06:30,  5] lib/username.c:Get_Pwnam_internals(110)

  Get_Pwnam_internals did find user [ryan]!

[2010/02/08 09:06:30,  5] lib/smbldap.c:smbldap_search_ext(1261)

  smbldap_search_ext: base => [ou=Groups,dc=holthome,dc=local], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=10000))], scope => [2]

[2010/02/08 09:06:30,  2] passdb/pdb_ldap.c:init_group_from_ldap(2366)

  init_group_from_ldap: Entry found for group: 10000

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  5] passdb/pdb_interface.c:lookup_global_sam_rid(1513)

  lookup_global_sam_rid: looking up RID 21001.

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  5] lib/smbldap.c:smbldap_search_ext(1261)

  smbldap_search_ext: base => [dc=holthome,dc=local], filter => [(&(sambaSID=S-1-5-21-4229366992-1190580313-2091003791-21001)(objectclass=sambaSamAccount))], scope => [2]

[2010/02/08 09:06:30,  4] passdb/pdb_ldap.c:ldapsam_getsampwsid(1613)

  ldapsam_getsampwsid: Unable to locate SID [S-1-5-21-4229366992-1190580313-2091003791-21001] count=0

[2010/02/08 09:06:30,  5] lib/smbldap.c:smbldap_search_ext(1261)

  smbldap_search_ext: base => [ou=Groups,dc=holthome,dc=local], filter => [(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-4229366992-1190580313-2091003791-21001))], scope => [2]

[2010/02/08 09:06:30,  2] passdb/pdb_ldap.c:init_group_from_ldap(2366)

  init_group_from_ldap: Entry found for group: 10000

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  5] passdb/pdb_interface.c:pdb_default_lookup_rids(1635)

  lookup_rids: ryan:2

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0

[2010/02/08 09:06:30,  9] passdb/passdb.c:pdb_update_autolock_flag(2112)

  pdb_update_autolock_flag: Account ryan not autolocked, no check needed

[2010/02/08 09:06:30,  4] libsmb/ntlm_check.c:ntlm_password_check(290)

  ntlm_password_check: Checking NTLMv2 password with domain [holthome]

[2010/02/08 09:06:30,  4] auth/auth_sam.c:sam_account_ok(137)

  sam_account_ok: Checking SMB password for user ryan

[2010/02/08 09:06:30,  5] auth/auth_sam.c:logon_hours_ok(119)

  logon_hours_ok: user ryan allowed to logon at this time (Mon Feb  8 14:06:30 2010

  )

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 0

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 0

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  5] passdb/lookup_sid.c:gid_to_sid(1378)

  gid_to_sid: winbind failed to find a sid for gid 10000

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  5] lib/smbldap.c:smbldap_search_ext(1261)

  smbldap_search_ext: base => [ou=Groups,dc=holthome,dc=local], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=10000))], scope => [2]

[2010/02/08 09:06:30,  2] passdb/pdb_ldap.c:init_group_from_ldap(2366)

  init_group_from_ldap: Entry found for group: 10000

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  5] passdb/lookup_sid.c:gid_to_sid(1378)

  gid_to_sid: winbind failed to find a sid for gid 10

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  5] lib/smbldap.c:smbldap_search_ext(1261)

  smbldap_search_ext: base => [ou=Groups,dc=holthome,dc=local], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=10))], scope => [2]

[2010/02/08 09:06:30,  4] passdb/pdb_ldap.c:ldapsam_getgroup(2481)

  ldapsam_getgroup: Did not find group, filter was (&(objectClass=sambaGroupMapping)(gidNumber=10))

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  5] passdb/lookup_sid.c:gid_to_sid(1378)

  gid_to_sid: winbind failed to find a sid for gid 20001

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  5] lib/smbldap.c:smbldap_search_ext(1261)

  smbldap_search_ext: base => [ou=Groups,dc=holthome,dc=local], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=20001))], scope => [2]

[2010/02/08 09:06:30,  2] passdb/pdb_ldap.c:init_group_from_ldap(2366)

  init_group_from_ldap: Entry found for group: 20001

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  5] passdb/lookup_sid.c:gid_to_sid(1378)

  gid_to_sid: winbind failed to find a sid for gid 20002

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  5] lib/smbldap.c:smbldap_search_ext(1261)

  smbldap_search_ext: base => [ou=Groups,dc=holthome,dc=local], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=20002))], scope => [2]

[2010/02/08 09:06:30,  2] passdb/pdb_ldap.c:init_group_from_ldap(2366)

  init_group_from_ldap: Entry found for group: 20002

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  5] passdb/lookup_sid.c:gid_to_sid(1378)

  gid_to_sid: winbind failed to find a sid for gid 512

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  5] lib/smbldap.c:smbldap_search_ext(1261)

  smbldap_search_ext: base => [ou=Groups,dc=holthome,dc=local], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=512))], scope => [2]

[2010/02/08 09:06:30,  2] passdb/pdb_ldap.c:init_group_from_ldap(2366)

  init_group_from_ldap: Entry found for group: 512

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  5] passdb/lookup_sid.c:gid_to_sid(1378)

  gid_to_sid: winbind failed to find a sid for gid 513

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  5] lib/smbldap.c:smbldap_search_ext(1261)

  smbldap_search_ext: base => [ou=Groups,dc=holthome,dc=local], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=513))], scope => [2]

[2010/02/08 09:06:30,  2] passdb/pdb_ldap.c:init_group_from_ldap(2366)

  init_group_from_ldap: Entry found for group: 513

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  5] auth/auth_util.c:make_server_info_sam(635)

  make_server_info_sam: made server info for user ryan -> ryan

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0

[2010/02/08 09:06:30,  3] auth/auth.c:check_ntlm_password(269)

  check_ntlm_password: sam authentication for user [ryan] succeeded

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 0

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0

[2010/02/08 09:06:30,  5] auth/auth.c:check_ntlm_password(295)

  check_ntlm_password:  PAM Account for user [ryan] succeeded

[2010/02/08 09:06:30,  2] auth/auth.c:check_ntlm_password(308)

  check_ntlm_password:  authentication for user [ryan] -> [ryan] -> [ryan] succeeded

[2010/02/08 09:06:30,  5] auth/auth_util.c:free_user_info(2103)

  attempting to free (and zero) a user_info structure

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 0

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  5] lib/smbldap.c:smbldap_search_ext(1261)

  smbldap_search_ext: base => [ou=Groups,dc=holthome,dc=local], filter => [(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-32-545))], scope => [2]

[2010/02/08 09:06:30,  4] passdb/pdb_ldap.c:ldapsam_getgroup(2481)

  ldapsam_getgroup: Did not find group, filter was (&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-32-545))

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 0

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

  push_conn_ctx(0) : conn_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:set_sec_ctx(324)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_nt_user_token(522)

  NT user token: (NULL)

[2010/02/08 09:06:30,  5] auth/token_util.c:debug_unix_user_token(548)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2010/02/08 09:06:30,  5] lib/smbldap.c:smbldap_search_ext(1261)

  smbldap_search_ext: base => [ou=Groups,dc=holthome,dc=local], filter => [(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-32-545))], scope => [2]

[2010/02/08 09:06:30,  4] passdb/pdb_ldap.c:ldapsam_getgroup(2481)

  ldapsam_getgroup: Did not find group, filter was (&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-32-545))

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  5] auth/token_util.c:create_builtin_users(274)

  create_builtin_users: Failed to create Users

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:pop_sec_ctx(432)

  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0

[2010/02/08 09:06:30,  3] smbd/sec_ctx.c:push_sec_ctx(224)

  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1

[2010/02/08 09:06:30,  3] smbd/uid.c:push_conn_ctx(440)

```

----------

## carpenike

Turns out it was an issue with ldap. I talked to the people in #samba and they had me try using getent passwd rydoze$, which failed. Samba apparently does a sanity check with nss_ldap to see if it can find the computer that way. I added this additional line to my /etc/ldap.conf, as my computers get stored in a different OU than my users.

nss_base_passwd         ou=Hosts,dc=holthome,dc=local?one

----------

