Has anyone had any luck adding machine accounts from w2k to a samba 3.0 pdc? I posted the issue last week, as I noticed others were encountering the same problem. The weird thing is I had it working on a box before. But this time I'm using pam_ldap to avoid local unix accounts, and it wont work. I copied the config over from the box that was working, made changes for the different config and it doesnt work. Samba will add the account, but then comes back with bad username and password. If I try again with the account created I get "parameter is incorrect".
I just noticed that when I try to add a machine, its acctflags get set to [DW ]. Also pwdmustchange seems to get cut in half as well. What would cause samba to make these changes? If the add machine script runs twice it just says user exists, it doesnt modify anything. So it has to be samba.
Bradley W. Langhorst
2002-Nov-26 05:36 UTC
[Samba] samba3.0+pdc+ldap adding machines to domain
On Mon, 2002-11-25 at 17:26, Samba Guy wrote:> I just noticed that when I try to add a machine, its acctflags get set to > [DW ]. Also pwdmustchange seems to get cut in half as well. What > would cause samba to make these changes? If the add machine script runs > twice it just says user exists, it doesnt modify anything. So it has to be > samba.i have no problems with this... are you using the smbldap-tools from unav? if so what do you in the add machine script? brad -- Bradley W. Langhorst <brad@langhorst.com>
Perhaps this logging will help?
2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_set_init_flags(493)
element 17 -> now SET
[2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_set_init_flags(493)
element 18 -> now SET
[2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_set_init_flags(493)
element 27 -> now SET
[2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_set_init_flags(493)
element 28 -> now SET
[2002/11/26 16:08:45, 5] rpc_server/srv_samr_nt.c:set_user_info_pw(2863)
Attempting administrator password change for user csupport5$
[2002/11/26 16:08:45, 0] lib/charcnv.c:convert_string(150)
convert_string: Required 121, available 15
[2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_set_init_flags(482)
element 33 -> now CHANGED
[2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_set_init_flags(482)
element 32 -> now CHANGED
[2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_set_init_flags(482)
element 12 -> now CHANGED
[2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_set_init_flags(482)
element 22 -> now CHANGED
[2002/11/26 16:08:45, 10] lib/account_pol.c:account_policy_get(134)
account_policy_get: maximum password age:1814400
[2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_set_init_flags(482)
element 11 -> now CHANGED
[2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_get_init_flags(189)
element 1: SET
element 2: SET
[2002/11/26 16:08:45, 5] rpc_server/srv_samr_nt.c:set_user_info_pw(2885)
Changing trust account or non-unix-user password, not updating
/etc/passwd
[2002/11/26 16:08:45, 5] rpc_server/srv_samr_nt.c:set_user_info_pw(2898)
set_user_info_pw: pdb_update_pwd()
[2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_get_init_flags(189)
element 13: SET
[2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_get_init_flags(189)
element 19: SET
[2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_get_init_flags(189)
element 20: SET
[2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_get_init_flags(189)
element 14: SET
[2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_get_init_flags(189)
element 24: SET
[2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_get_init_flags(199)
element 25: DEFAULT
[2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_get_init_flags(199)
element 3: DEFAULT
[2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_get_init_flags(199)
element 5: DEFAULT
[2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_get_init_flags(199)
element 6: DEFAULT
[2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_get_init_flags(199)
2002/11/26 16:08:45, 10] passdb/pdb_get_set.c:pdb_get_init_flags(189)
element 21: SET
[2002/11/26 16:08:45, 2] passdb/pdb_ldap.c:ldapsam_search_one_user(637)
ldapsam_search_one_user: searching
for:[(&(uid=csupport5$)(objectclass=sambaAccount))]
[2002/11/26 16:08:45, 5] passdb/pdb_ldap.c:ldapsam_open(449)
ldapsam_open: allready connected to the LDAP server
[2002/11/26 16:08:45, 5] passdb/pdb_ldap.c:ldapsam_open(449)
ldapsam_open: allready connected to the LDAP server
[2002/11/26 16:08:46, 2]
passdb/pdb_ldap.c:ldapsam_update_sam_account(1813)
successfully modified uid = csupport5$ in the LDAP database
[2002/11/26 16:08:46, 5] rpc_parse/parse_prs.c:prs_debug(81)
000000 samr_io_r_set_userinfo
[2002/11/26 16:08:46, 5] rpc_parse/parse_prs.c:prs_ntstatus(640)
0000 status: NT_STATUS_OK
[2002/11/26 16:08:46, 0] rpc_parse/parse_prs.c:prs_dump_region(67)
created /tmp/out_api_samr_rpc_58.4.prs
[2002/11/26 16:08:46, 5] rpc_server/srv_pipe.c:api_rpcTNP(1229)
api_rpcTNP: called api_samr_rpc successfully
[2002/11/26 16:08:46, 10] rpc_server/srv_pipe.c:api_rpcTNP(1241)
api_rpcTNP: rpc input buffer underflow (parse error?)
[2002/11/26 16:08:46, 5] rpc_parse/parse_prs.c:prs_uint8s(698)
021c : 00
[2002/11/26 16:08:46, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(544)
free_pipe_context: destroying talloc pool of size 526