Good day!
I badly need your help. I can join the domain using the root, but after restart I cannot log in anymore. My client is Windows XP sp4.
The message was this:
"The system cannot log you on to this domain because the system's computer account in its primary domain is missing or the password on that account is incorrect."
I have already disabled the following in Local Security Settings:
1. Domain member: Digitally encrypt or sign secure channel data (always)
2. Domain member: Digitally encrypt secure channel data (when possible)
3. Domain member: Digitally sign secure channel data (when possible)
4. Domain member: Disable machine account password changes
I can add and delete users using smbldap-useradd and smbldap-userdel, and also using webmin 1.41.
Pls help me with this.
These are my config files:
#########################################
-rw-r--r-- 1 root root 2715 Dec 1 18:15 smb.conf

[global]
idmap gid = 16777216-33554431
enable privileges = Yes
passwd program = /usr/local/sbin/smbldap-passwd %u
dns proxy = no
netbios name = smbldap
ldap passwd sync = yes
idmap uid = 16777216-33554431
default = global
dos charset = 850
local master = yes
workgroup = fcb.net
os level = 34
security = User
log level = 0
log file = /var/log/samba/log.%m
max log size = 500
socket options = TCP_NODELAY
domain master = yes
encrypt passwords = yes
winbind use default domain = no
keepalive = 10
template shell = /bin/false
netbios aliases = smbldap.fcb.net
password server = smbldap
valid users = %U
domain logons = yes
encrypt passwords = yes
unix charset = ISO8859-1
password server = smbldap

# Samba-Ldap Declarations #
passdb backend = ldapsam:ldap://127.0.0.1/
ldap admin dn = cn=Manager,dc=fcb.net,dc=.
ldap suffix = dc=fcb.net,dc=.
ldap delete dn = yes
ldap ssl = on
ldap machine suffix = ou=Computers
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
add user script = /usr/local/sbin/smbldap-useradd -a "%u
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add user to group script = /usr/local/smbldap-groupmod -m "%u" "%g"
add group script = /usr/local/sbin/smbldap-groupadd -p '%g'
set primary group script = /usr/local/sbin/smbldap-groupmod -g "%g" "%u"

delete user script = /usr/local/sbin/smbldap-userdel -r "%u"
delete group script = /usr/local/sbin/smbldap-groupdel '%g'
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"

[netlogon]
comment = Domain Logon Service
path = /home/netlogon
browseable = No

[ISD]
comment = Information Systems Division
path = /home/isd
valid users = @isd
read only = No
create mask = 0660
directory mask = 0770

[profiles]
path = /home/samba/profiles
valid users = %U, "@Domain Admins"
##########################################
-rwxr-xr-x 1 ldap ldap 1010 Nov 28 16:29 slapd.conf

include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/openldap.schema
include /etc/openldap/schema/samba.schema

allow bind_v2

pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args

database bdb
directory /var/lib/ldap

suffix "dc=fcb.net,dc=."
rootdn "cn=Manager,dc=fcb.net,dc=."

index objectClass,uidNumber,gidNumber eq
index cn,sn,uid,displayName eq,pres,sub
index memberUid,mail,givenname eq,subinitial
index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq

rootpw smbldap
access to attrs=userPassword,sambaLMPassword,sambaNTPassword,shadowLastChange
    by dn.children="dc=fcb.net,dc=." write
    by self write
    by anonymous auth
    by * none

access to *
    by dn.children="dc=fcb.net,dc=." write
    by * read
######################################
-rw-r--r-- 1 ldap ldap 851 Dec 1 17:56 ldap.conf

#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

#BASE dc=example, dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
host 127.0.0.1
base dc=fcb.net,dc=.

#inserted nov 24, 2008
#rootbinddn cn=Manager,dc=fcb.net,dc=.

rootbinddn cn=Manager,dc=fcb.net,dc=.

nss_base_passwd dc=fcb.net,dc=.
nss_base_shadow dc=fcb.net,dc=.
nss_base_group dc=fcb.net,dc=.

#Security Options
ssl no
pam_passwd md5

bind_policy soft

TLS_CACERTDIR /etc/openldap/cacerts
########################################
-rw-r--r-- 1 root root 1119 Nov 27 13:38 smbldap.conf

SID="S-1-5-21-2796061091-2530429657-3897351620"
sambaDomain="smbldap"
slaveLDAP="127.0.0.1"
slavePort="389"
masterLDAP="127.0.0.1"
masterPort="389"
ldapTLS="0"

#verify=""
#clientcert=""
#clientkey=""

suffix="dc=fcb.net,dc=."
usersdn="ou=User,dc=fcb.net,dc=."
computersdn="ou=Computers,dc=fcb.net,dc=."
groupsdn="ou=Groups,dc=fcb.net,dc=."
binddn="cn=Manager,dc=fcb.net,dc=."
bindpasswd="smbldap"

#idmapdn="fcb,${suffix}"
#sambaUnixIdPooldn="sambaDomainName=workgroup,${suffix}"

scope="sub"
hash_encrypt="SSHA"
crypt_salt_format=""
userLoginShell="/bin/bash"
userHome="/home/samba/users/%U"
userHomeDirectoryMode="700"
userGecos="System User"
defaultUserGid="513"
defaultComputerGid="515"
skeletonDir="/etc/skel"

userSmbHome="\smbldap\home\samba\users%U"
userProfile="\smbldap\home\samba\profiles%U"
userHomeDrive="H"
userScript="%U.bat"

with_smbpasswd="0"
smbpasswd="/usr/bin/smbpasswd"

with_slappasswd="0"
slappasswd="/usr/sbin/slappasswd"
#######################################
-rw------- 1 root root 428 Nov 25 18:34 smbldap_bind.conf

slaveDN="cn=Manager,dc=fcb.net,dc=."
slavePw="smbldap"
masterDN="cn=Manager,dc=fcb.net,dc=."
masterPw="smbldap"
###############################################
-rw-r--r-- 1 root root 1658 Nov 29 15:14 /etc/nsswitch.conf

passwd: files ldap
shadow: files ldap
group: files ldap

hosts: files dns

bootparams: files
ethers: files
netmasks: files
networks: files
protocols: files ldap
rpc: files
services: files ldap
netgroup: files ldap
publickey: files
automount: files ldap
aliases: files
Thanks in advance!
Emil Sicad
Cebu Mitsumi Inc
Information Systems Division
On Tuesday 02 December 2008 09:24:35 Emil Sicad - ISD wrote:
> Good day!
>
> I badly need your help. I can join the domain using the root, but after restart I cannot log in anymore. My client is Windows XP sp4.
>
> The message was this:
>
> "The system cannot log you on to this domain because the system's computer account in its primary domain is missing or the password on that account is incorrect."
>
> I have already disabled the following in Local Security Settings:
>
> - Domain member: Digitally encrypt or sign secure channel data (always)
> - Domain member: Digitally encrypt secure channel data (when possible)
> - Domain member: Digitally sign secure channel data (when possible)
> - Domain member: Disable machine account password changes
>
> I can add and delete users using smbldap-useradd and smbldap-userdel, and also using webmin 1.41.
>
> Pls help me with this.
Very little of the above info has anything to do with LDAP.
The OpenLDAP configuration (while a bit weird in some ways) should work.
Have you asked this on the Samba list, which would be a better place to find assistance with these Samba-specific issues? (OpenLDAP knows nothing about a domain or a login to a Windows machine; it is merely a data store shared by Samba and nss_ldap.)
Regards,
Buchan
Thank you sir for the insights. I will consult SAMBA people about this issue.
Emil Sicad
Cebu Mitsumi Inc.
Information Systems Division
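
Since the directory is only a data store shared by Samba and the smbldap-tools scripts, both have to point at the same containers. The following is an added example, not part of the thread: it compares the `ldap ... suffix` parameters of smb.conf with the DNs in smbldap.conf, using excerpts of the files posted above. The function names are hypothetical, and it assumes literal DNs with no `${suffix}` expansion.

```python
# Added example: cross-check Samba's LDAP suffixes against smbldap-tools' DNs.
SMB_CONF = """\
[global]
ldap suffix = dc=fcb.net,dc=.
ldap machine suffix = ou=Computers
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
"""
SMBLDAP_CONF = """\
suffix="dc=fcb.net,dc=."
usersdn="ou=User,dc=fcb.net,dc=."
computersdn="ou=Computers,dc=fcb.net,dc=."
groupsdn="ou=Groups,dc=fcb.net,dc=."
"""
# smb.conf parameter -> smbldap.conf key that must name the same container
PAIRS = {"ldap user suffix": "usersdn", "ldap machine suffix": "computersdn",
         "ldap group suffix": "groupsdn"}

def parse_kv(text):
    """Parse 'key = value' lines; skip comments, blanks and [section] headers."""
    out = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;[" or "=" not in line:
            continue
        key, value = line.split("=", 1)
        out[" ".join(key.lower().split())] = value.strip().strip('"')
    return out

def norm_dn(dn):
    """Normalise a DN for comparison: lower-case, no spaces around commas."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def suffix_mismatches(smb_text, smbldap_text):
    """Return {smb.conf parameter: (Samba DN, smbldap-tools DN)} per disagreement."""
    smb, tools = parse_kv(smb_text), parse_kv(smbldap_text)
    base = smb.get("ldap suffix", "")
    found = {}
    for param, key in PAIRS.items():
        rel = smb.get(param, "")  # Samba prepends this partial DN to 'ldap suffix'
        samba_dn = norm_dn(f"{rel},{base}" if rel else base)
        tools_dn = norm_dn(tools.get(key, ""))
        if samba_dn != tools_dn:
            found[param] = (samba_dn, tools_dn)
    return found

if __name__ == "__main__":
    for param, (samba_dn, tools_dn) in suffix_mismatches(SMB_CONF, SMBLDAP_CONF).items():
        print(f"{param}: Samba uses {samba_dn}, smbldap-tools uses {tools_dn}")
```
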