Ubuntu Server 7.10: OpenLDAP + SAMBA Domain Controller

[tombutcher1990]

hey ricky

right, i've been following guide version 2 on your website, but i have come unstuck a bit!

i got to the end of step 13 and when i reboot it hangs on the "starting kernel log daemon" part.

i tried hard rebooting it but still nowt.

i also tried adding more RAM to the machine as i read somewhere that if you don't have enough memory then the system can hang.


any ideas? do i have to start over? cos that wudn't be good!

[rickyjones]

hey ricky

right, i've been following guide version 2 on your website, but i have come unstuck a bit!

i got to the end of step 13 and when i reboot it hangs on the "starting kernel log daemon" part.

i tried hard rebooting it but still nowt.

i also tried adding more RAM to the machine as i read somewhere that if you don't have enough memory then the system can hang.


any ideas? do i have to start over? cos that wudn't be good!

SLAPD needs to start first. In the directory /etc/rc2.d you'll see several files, one of them is "XXslapd" where "XX" is a number. You'll need to move this file so that the "XX" number is "09" (that's "zero nine").

End result should be: 09slapd

Then reboot. This will resolve the hanging issue.

Sincerely,
Richard

[ahardo]

i wld say to thank you Ricky, your tutorial is work for me, but i have some problem bout logon script = allusers.bat, it doesnt work, when windows users log in to server, drive letter H: is not shown to the windows explorer, can u help me for this issue ? iv tried to change ldaphome path to mine (net use h: "\\angke68.bariel.com\media\storage\ldaphome\%user name%) but is still not work, Help me pls..

regards
arya

[rickyjones]

i wld say to thank you Ricky, your tutorial is work for me, but i have some problem bout logon script = allusers.bat, it doesnt work, when windows users log in to server, drive letter H: is not shown to the windows explorer, can u help me for this issue ? iv tried to change ldaphome path to mine (net use h: "\\angke68.bariel.com\media\storage\ldaphome\%user name%) but is still not work, Help me pls..

regards
arya

Does it give you an error message?
Can you manually map the network drive from the client?
Can you browse network shares from the client?

Sincerely,
Richard

[vuko]

hy i get an error on login from windows xp sp2
domain dos not exist

[rickyjones]

hy i get an error on login from windows xp sp2
domain dos not exist

How is the client configured? Is DNS properly configured on the client? Is the server functioning correctly?

Thanks,
Richard

[ahardo]

the server is running with no error, and windows computers can join to the server without problem, i guess with command "use net h: \\angke68.bariel.com\media\storage\ldaphome\%usern ame%" it will make a new drive letter h:\ in the windows computers when some user login, and i cant map the network drive manualy from windows.. the ldaphome and shared folder is available to access but it always prompt user name and password when windows restart. i am sorry if you not understand, my english language so bad

regards
arya

[Belnoctourne]

Hey Richard great guide having some problems, I cant get windows computers to join to the domain, I've got the computer accounts added, dns works (nslookup from a windows box for blackbeard.yarrrg.net returns 10.0.0.1) I had to edit my bind file to add known services so I added the following lines

Code:

_ldap._tcp.yarrrg.net.                  SRV 0 0 389 blackbeard.yarrrg.net.
_kerberos._tcp.yarrrg.net.              SRV 0 0 88 blackbeard.yarrrg.net.
_ldap._tcp.dc._msdcs.yarrrg.net.        SRV 0 0 389 blackbeard.yarrrg.net.
_kerberos._tcp.dc._msdcs.yarrrg.net.    SRV 0 0 88 blackbeard.yarrrg.net.

now when I get the error message when attempting to join I get the following

Code:

Note: This information is intended for a network administrator.  If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt.

DNS was successfully queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller for domain yarrrg.net:

The query was for the SRV record for _ldap._tcp.dc._msdcs.yarrrg.net

The following AD DCs were identified by the query:

blackbeard.yarrrg.net

Common causes of this error include:

- Host (A) records that map the name of the AD DCs to its IP addresses are missing or contain incorrect addresses.

- Active Directory Domain Controllers registered in DNS are not connected to the network or are not running.

For information about correcting this problem, click Help.

the box running ldap is also a nat router I dont think the iptables rules should be causing a problem but iptables -L displays the following

Code:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere
ACCEPT     0    --  anywhere             anywhere
ACCEPT     0    --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            tcp dpts:49160:49300
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:www
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:1723
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:webmin
DROP       tcp  --  anywhere             anywhere            tcp dpts:0:1400
DROP       udp  --  anywhere             anywhere            udp dpts:0:1400
moblock_in  0    --  anywhere             anywhere            state NEW

Chain FORWARD (policy DROP)
target     prot opt source               destination
DROP       0    --  anywhere             10.0.0.0/24
ACCEPT     0    --  10.0.0.0/24          anywhere
ACCEPT     0    --  anywhere             10.0.0.0/24
moblock_fw  0    --  anywhere             anywhere            state NEW

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere
moblock_out  0    --  anywhere             anywhere            state NEW

no idea what to do at this point I have copied your config files exactly while of course making the necessary changes I can post those if you'd like, I could really use a hand here lack of ability to do domain logins is becoming an issue

Thanks
Shawn Dixson

[ahardo]

hi ricky i got an error message when i tried to execute allusers.bat in windows xp sp2

'\\Angke68\UserFolder\Arya'
CMD.EXE was started with the above path as the current directory.
UNC paths are not supported. Defaulting to Windows directory.
Current time at \\angke68.bariel.com is 4/15/2008 1:36 PM

System error 1314 has occurred.

A required privilege is not held by the client.

The network connection could not be found.

More help is available by typing NET HELPMSG 2250.

Enter the user name for 'angke68.bariel.com':

Best Regards
arya

[tombutcher1990]

SLAPD needs to start first. In the directory /etc/rc2.d you'll see several files, one of them is "XXslapd" where "XX" is a number. You'll need to move this file so that the "XX" number is "09" (that's "zero nine").

End result should be: 09slapd

Then reboot. This will resolve the hanging issue.

Sincerely,
Richard

sorry but how exactly do i do this?

i'm running this server setup with a GUI as well btw.

so, how exactly do i go about doing this?

cos at the moment it hangs on boot and doesn't get far enough for me to input any code (as far as i can tell)