thr3ads.net - samba - [Samba] net rpc vampire in release 3.2.x [Aug 2008]

If this information is useful, please help other people find it:
Share via:

Marc Aurel

2008-Aug-27 12:57 UTC

[Samba] net rpc vampire in release 3.2.x

did someone already try vampire with the 3.2.x-release?
since i upgraded from 3.0.x i get problems with the
creation of machine accounts.
when i start sucking a pdc in my ldapserver the following
errors come up with every machineaccount on the pdc:


1.)
Creating account: SP1$
/usr/sbin/smbldap-usermod: user SP1_ doesn't exist
[2008/08/27 14:09:45,  0] groupdb/mapping.c:smb_set_primary_group(312)
   smb_set_primary_group: Running the command `/usr/sbin/smbldap-usermod -g  
'Domain Users' 'SP1_'' gave 1

2.)
User SP1_ does not exist: create it first !


what instantly strikes is that there is an _ instead
of the $ in the pcname which cannot work.
I guess the second error comes up when the script tries to set
the correct password!? Afterwards nevertheless there are
machineaccount-passwords in the ldap-database but they seem
wrong because machineconnects fail.
everything else is flawlessly imported (users, groups, groupmemberships).
i didn't change anything in the configuration which worked
perfectly with vampire in 3.0.x


ExampleLDAPentry of the above mentioned machine after import:
-------------------------------------------------------------

dn: uid=SP1$,ou=Computers,dc=test,dc=com
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: sambaSamAccount
cn: SP1$
uid: SP1$
uidNumber: 1071
gidNumber: 515
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer
gecos: Computer
structuralObjectClass: account
entryUUID: be6e3366-087c-102d-9d48-4b401f1e60f4
creatorsName: cn=manager,dc=test,dc=com
createTimestamp: 20080827120929Z
sambaSID: S-1-5-21-378104194-1064922793-1509252994-1090
sambaPrimaryGroupSID: S-1-5-21-378104194-1064922793-1509252994-513
sambaNTPassword: 5C49A9927C59942A46F193C41446FFD5
sambaPwdLastSet: 1162907539
sambaAcctFlags: [W          ]
entryCSN: 20080827120929.102086Z#000000#000#000000
modifiersName: cn=manager,dc=test,dc=com
modifyTimestamp: 20080827120929Z


smb.conf (suck-configuration)
-----------------------------

[global]
     workgroup = PRESSFK
     netbios name = DEBIANPDC
     wins server = 192.168.200.3

     ## Dom?ne
     #########
     domain master = No
     domain logons = Yes
     passdb backend = ldapsam:ldap://127.0.0.1

     ## Benutzerverwaltung ldapsam
     #############################
     add user script = /usr/sbin/smbldap-useradd -m '%u'
     delete user script = /usr/sbin/smbldap-userdel '%u'
     add machine script = /usr/sbin/smbldap-useradd -w '%u'
     add group script = /usr/sbin/smbldap-groupadd -p '%g'
     delete group script = /usr/sbin/smbldap-groupdel '%g'
     add user to group script = /usr/sbin/smbldap-groupmod -m '%u'
'%g'
     delete user from group script = /usr/sbin/smbldap-groupmod -x '%u'
'%g'
     set primary group script = /usr/sbin/smbldap-usermod -g '%g'
'%u'

     ## LDAP
     #######
     ldap suffix = dc=test,dc=com
     ldap admin dn = cn=manager,dc=test,dc=com
     ldap machine suffix = ou=Computers
     ldap user suffix = ou=People
     ldap group suffix = ou=Groups
     ldap idmap suffix = ou=Idmap
     ldap passwd sync = Yes
     ldap delete dn = Yes
     ldap ssl = No

John H Terpstra

2008-Aug-27 13:20 UTC

head link

[Samba] net rpc vampire in release 3.2.x

On Wednesday 27 August 2008 07:57:25 Marc Aurel wrote:> did someone already try vampire with the 3.2.x-release?
> since i upgraded from 3.0.x i get problems with the
> creation of machine accounts.
> when i start sucking a pdc in my ldapserver the following
> errors come up with every machineaccount on the pdc:
>
>
> 1.)
> Creating account: SP1$
> /usr/sbin/smbldap-usermod: user SP1_ doesn't exist
> [2008/08/27 14:09:45,  0] groupdb/mapping.c:smb_set_primary_group(312)
>    smb_set_primary_group: Running the command `/usr/sbin/smbldap-usermod -g
> 'Domain Users' 'SP1_'' gave 1
>
> 2.)
> User SP1_ does not exist: create it first !
>
>
> what instantly strikes is that there is an _ instead
> of the $ in the pcname which cannot work.
> I guess the second error comes up when the script tries to set
> the correct password!? Afterwards nevertheless there are
> machineaccount-passwords in the ldap-database but they seem
> wrong because machineconnects fail.
> everything else is flawlessly imported (users, groups, groupmemberships).
> i didn't change anything in the configuration which worked
> perfectly with vampire in 3.0.x
>
>
> ExampleLDAPentry of the above mentioned machine after import:
> -------------------------------------------------------------
>
> dn: uid=SP1$,ou=Computers,dc=test,dc=com
> objectClass: top
> objectClass: account
> objectClass: posixAccount
> objectClass: sambaSamAccount
> cn: SP1$
> uid: SP1$
> uidNumber: 1071
> gidNumber: 515
> homeDirectory: /dev/null
> loginShell: /bin/false
> description: Computer
> gecos: Computer
> structuralObjectClass: account
> entryUUID: be6e3366-087c-102d-9d48-4b401f1e60f4
> creatorsName: cn=manager,dc=test,dc=com
> createTimestamp: 20080827120929Z
> sambaSID: S-1-5-21-378104194-1064922793-1509252994-1090
> sambaPrimaryGroupSID: S-1-5-21-378104194-1064922793-1509252994-513
> sambaNTPassword: 5C49A9927C59942A46F193C41446FFD5
> sambaPwdLastSet: 1162907539
> sambaAcctFlags: [W          ]
> entryCSN: 20080827120929.102086Z#000000#000#000000
> modifiersName: cn=manager,dc=test,dc=com
> modifyTimestamp: 20080827120929Z
>
>
> smb.conf (suck-configuration)
> -----------------------------
>
> [global]
>      workgroup = PRESSFK
>      netbios name = DEBIANPDC
>      wins server = 192.168.200.3
>
>      ## Dom?ne
>      #########
>      domain master = No
>      domain logons = Yes
>      passdb backend = ldapsam:ldap://127.0.0.1
>
>      ## Benutzerverwaltung ldapsam
>      #############################
>      add user script = /usr/sbin/smbldap-useradd -m '%u'
>      delete user script = /usr/sbin/smbldap-userdel '%u'
>      add machine script = /usr/sbin/smbldap-useradd -w '%u'
>      add group script = /usr/sbin/smbldap-groupadd -p '%g'
>      delete group script = /usr/sbin/smbldap-groupdel '%g'
>      add user to group script = /usr/sbin/smbldap-groupmod -m '%u'
'%g'
>      delete user from group script = /usr/sbin/smbldap-groupmod -x
'%u'
> '%g' set primary group script = /usr/sbin/smbldap-usermod -g
'%g' '%u'
>
>      ## LDAP
>      #######
>      ldap suffix = dc=test,dc=com
>      ldap admin dn = cn=manager,dc=test,dc=com
>      ldap machine suffix = ou=Computers
>      ldap user suffix = ou=People
>      ldap group suffix = ou=Groups
>      ldap idmap suffix = ou=Idmap
>      ldap passwd sync = Yes
>      ldap delete dn = Yes
>      ldap ssl = No
Please file a bug report on https://bugzilla.samba.org

Thanks.

- John T.

Maybe Matching Threads

Search for more apparently analagous threads

samba - Aug 2008 - net rpc vampire in release 3.2.x

[Samba] net rpc vampire in release 3.2.x

[Samba] net rpc vampire in release 3.2.x

Maybe Matching Threads