samba - Mar 2004 - Réf. : add machine script wont add Postfix account

Hi!

I have the same problem with my PDC.

Work fine:
Modify the script for add samba attribute ( three lines)
Execute manually the entry (with smbldap-useradd.pl -w machine1)
Try to join the domain

Don't work  :
Samba call the smbldap-useradd -w %u and the script is not modified.

I use samba 3.0.2a RH 8.0 openldap 2.1.25


-----------------------------------
St?phane PURNELLE                         stephane.purnelle@corman.be
Service Informatique       Corman S.A.           Tel : 00 32 087/342467


|---------+--------------------------------------------------------->
|         |           Stagiair <stage@themindconnection.com>        |
|         |           Envoy? par :                                  |
|         |           samba-bounces+stephane.purnelle=corman.be@list|
|         |           s.samba.org                                   |
|         |                                                         |
|         |                                                         |
|         |           26/03/2004 16:06                              |
|         |                                                         |
|---------+--------------------------------------------------------->
 
>-----------------------------------------------------------------------------------------------|
  |                                                                             
|
  |        Pour :   samba@lists.samba.org                                       
|
  |        cc :                                                                 
|
  |        Objet :  [Samba] add machine script wont add Postfix account         
|
 
>-----------------------------------------------------------------------------------------------|




He Guys,

When we add a client pc (win2k) to our domain everything goes well
except that the add machine script wont run.
A computer will be created within the lDAP directory but not with the
add machine script.
The following is our situation.

Fedora Core1
|-samba-3.0.2-7.FC1
|-openldap-2.1.22-8

smb.conf
--------------
# Global parameters
[global]
        workgroup = T3E
        server string = domeinserver
        bind interfaces only = Yes
        passwd program = /usr/sbin/smbldap-passwd.pl %u
        passwd chat = *new*password* %n *new*password* %n *successfully*
        passwd chat debug = Yes
        passdb backend = ldapsam:ldap://localhost
        #unix password sync = Yes
        log level = 2
        log file = /var/log/samba/samba.log.%m
        time server = Yes
        socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
        add user script = /usr/sbin/smbldap-useradd.pl -a -m %u
        add machine script = /usr/sbin/smbldap-useradd.pl -w %u
        delete user script = /usr/sbin/smbldap-userdel.pl -r %u
        add group script = /usr/sbin/smbldap-groupadd.pl %g
        delete group script = /usr/sbin/smbldap-groupdel.pl %g
        add user to group script = /usr/sbin/smbldap-usermod.pl -G %g %u
        domain logons = Yes
        os level = 34
        preferred master = Yes
        domain master = Yes
        wins support = Yes
        ldap suffix = o=T3E,c=nl
        ldap admin dn = cn=Manager,o=T3E,c=nl
        ldap group suffix = ou=groups
        ldap machine suffix = ou=computers
        ldap user suffix = ou=people
        ldap ssl = no
        admin users = root
        hide unreadable = Yes
        logon path = \\%N\%U\.winprofile
        logon script = netwerk.bat
        encrypt passwords = Yes
        username map = /etc/samba/smbusers
--------------
As you see we use the smbldap-tools to execute when a client logins to
the domain.
After login the following entry will be made in LDAP:

uid=tmc-ontwikkelpc$,ou=computers,o=T3E,c=nl
--------------
dn: uid=tmc-ontwikkelpc$,ou=computers,o=T3E,c=nl
uid: tmc-ontwikkelpc$
sambaSID: S-1-5-21-1973588340-308753574-2243378783-3006
sambaPrimaryGroupSID: S-1-5-21-1973588340-308753574-2243378783-3007
objectClass: sambaSamAccount
objectClass: account
displayName: TMC-ONTWIKKELPC$
sambaPwdCanChange: 1080312437
sambaPwdMustChange: 2147483647
sambaLMPassword: F64C97556FCFA59023753BB150C8A535
sambaNTPassword: E5C3C09DB2CAD5D92CBE5054CCBB7A27
sambaPwdLastSet: 1080312437
sambaAcctFlags: [W          ]
--------------

If we do a client add by hand (/usr/sbin/smbldap-useradd.pl -w %u) we
get the following entry in the LDAP dir:

uid=tmc-ontwikkelpc$,ou=computers,o=T3E,c=nl
--------------
dn: uid=test$,ou=computers,o=T3E,c=nl
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
cn: test$
sn: test$
uid: test$
uidNumber: 1000
gidNumber: 10012
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer
--------------

This is a really different schema, and this is the one that we need.
Anyone  sees what were doing wrong?


--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

On Fri, Mar 26, 2004 at 04:14:27PM +0100, stephane.purnelle@corman.be
wrote:
> 
> I have the same problem with my PDC.
> 
> Work fine:
> Modify the script for add samba attribute ( three lines)
> Execute manually the entry (with smbldap-useradd.pl -w machine1)
> Try to join the domain
> 
> Don't work  :
> Samba call the smbldap-useradd -w %u and the script is not modified.
How about this:

   add machine script = smbldap-useradd -w "%u"

(i.e. add the quotes, shouldn't matter but it sometimes does)

Also, try adding the commands below near the top of your add machine script:

  exec >> /tmp/smbldap.debug 2>&1
  set -x

And see what turns up in the debug file the next time you try to add
a machine.