Fedora directory users - Jul 2005 - Samba and FDS 7.1 on Fedora Core 4 Error

Hi Everyone
I have installed FSD and console seems working fine:
I can log, adding entries, etc.
Following the Samba-Howto (http://people.redhat.com/astokes/samba_rhds.pdf)
I encountered problems with net groupmap command:
____________________________________________________________________________
 [root@fedorac4 setup]# net groupmap add rid=512 ntgroup="Domain
Admins"
unixgroup="Domain Admins" --debuglevel=10
[2005/07/19 12:09:44, 5] lib/debug.c:debug_dump_status(366)
  INFO: Current debug levels:
    all: True/10
    tdb: False/0
    printdrivers: False/0
    lanman: False/0
    smb: False/0
    rpc_parse: False/0
    rpc_srv: False/0
    rpc_cli: False/0
    passdb: False/0
    sam: False/0
    auth: False/0
    winbind: False/0
    vfs: False/0
    idmap: False/0
    quota: False/0
    acls: False/0
[2005/07/19 12:09:44, 3] param/loadparm.c:lp_load(3916)
  lp_load: refreshing parameters
[2005/07/19 12:09:44, 3] param/loadparm.c:init_globals(1321)
  Initialising global parameters
[2005/07/19 12:09:44, 3] param/params.c:pm_process(573)
  params.c:pm_process() - Processing configuration file 
"/etc/samba/smb.conf"
[2005/07/19 12:09:44, 3] param/loadparm.c:do_section(3418)
  Processing section "[global]"
  doing parameter workgroup = FEDORAC4
  doing parameter username map = /etc/samba/smbusers
  doing parameter enable privileges = yes
  doing parameter server string = Samba Server %v
  doing parameter security = user
  doing parameter encrypt passwords = Yes
  doing parameter min passwd length = 3
[2005/07/19 12:09:44, 1] param/loadparm.c:lp_do_parameter(3159)
  WARNING: The "min passwd length" option is deprecated
  doing parameter obey pam restrictions = No
  doing parameter ldap passwd sync = Yes
  doing parameter passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u
  doing parameter ldap passwd sync = Yes
  doing parameter log level = 0
  doing parameter syslog = 0
  doing parameter log file = /var/log/samba/log.%m
  doing parameter max log size = 100000
  doing parameter time server = Yes
  doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
  doing parameter mangling method = hash2
  doing parameter Dos charset = 850
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset UCS-2LE
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset UCS-2LE
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset UTF-16LE
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset UTF-16LE
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset UCS-2BE
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset UCS-2BE
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset UTF-16BE
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset UTF-16BE
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset UTF8
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset UTF8
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset UTF-8
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset UTF-8
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset ASCII
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset ASCII
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset 646
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset 646
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset ISO-8859-1
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset ISO-8859-1
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset UCS2-HEX
[2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset UCS2-HEX
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
  doing parameter Unix charset = ISO8859-1
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
  doing parameter logon script = logon.bat
  doing parameter logon drive = H:
  doing parameter logon home   doing parameter logon path   doing parameter
domain logons = Yes
  doing parameter os level = 65
  doing parameter preferred master = Yes
  doing parameter domain master = Yes
  doing parameter wins support = Yes
  doing parameter passdb backend = ldapsam:ldap://fedorac4.localdomain
  doing parameter ldap admin dn = cn=Directory Manager
  doing parameter ldap suffix = dc=localdomain
  doing parameter ldap group suffix = ou=Groups
  doing parameter ldap user suffix = ou=People
  doing parameter ldap machine suffix = ou=Computers
  doing parameter ldap idmap suffix = ou=Users
  doing parameter add user script = /opt/IDEALX/sbin/smbldap-useradd -m
"%u"
  doing parameter ldap delete dn = Yes
  doing parameter add machine script = /opt/IDEALX/sbin/smbldap-useradd 
-w "%u"
  doing parameter add group script = /opt/IDEALX/sbin/smbldap-groupadd 
-p "%g"
  doing parameter add user to group script = 
/opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g"
  doing parameter delete user from group script = 
/opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g"
  doing parameter set primary group script = 
/opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u"
  doing parameter printer admin = @"Print Operators"
  doing parameter load printers = Yes
  doing parameter create mask = 0640
  doing parameter directory mask = 0750
  doing parameter nt acl support = No
  doing parameter printing = cups
  doing parameter printcap name = cups
  doing parameter deadtime = 10
  doing parameter guest account = nobody
  doing parameter map to guest = Bad User
  doing parameter dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
  doing parameter show add printer wizard = yes
  doing parameter preserve case = yes
  doing parameter short preserve case = yes
  doing parameter case sensitive = no
[2005/07/19 12:09:44, 4] param/loadparm.c:lp_load(3947)
  pm_process() returned Yes
[2005/07/19 12:09:44, 7] param/loadparm.c:lp_servicenumber(4057)
  lp_servicenumber: couldn''t find homes
[2005/07/19 12:09:44, 10] param/loadparm.c:set_server_role(3865)
  set_server_role: role = ROLE_DOMAIN_PDC
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
  Substituting charset ''UTF-8'' for LOCALE
[2005/07/19 12:09:44, 5] lib/util.c:init_names(278)
  Netbios name list:-
  my_netbios_names[0]="FEDORAC4"
[2005/07/19 12:09:44, 2] lib/interface.c:add_interface(81)
  added interface ip=10.0.0.162 bcast=10.255.255.255 nmask=255.0.0.0
[2005/07/19 12:09:44, 10] intl/lang_tdb.c:lang_tdb_init(135)
  lang_tdb_init: /usr/lib/samba/it_IT.UTF-8.msg: No such file or directory
Can''t lookup UNIX group Domain Admins
[2005/07/19 12:09:44, 2] utils/net.c:main(897)
  return code = -1
_________________________________________________________________________________

This is the global section of smb.conf I use:
[global]
        workgroup = FEDORAC4
        username map = /etc/samba/smbusers
        enable privileges = yes
        server string = Samba Server %v
        security = user
        encrypt passwords = Yes
        min passwd length = 3
        obey pam restrictions = No
        ldap passwd sync = Yes
        passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u
        ldap passwd sync = Yes
        log level = 0
        syslog = 0
        log file = /var/log/samba/log.%m
        max log size = 100000
        time server = Yes
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        mangling method = hash2
        Dos charset = 850
        Unix charset = ISO8859-1
        logon script = logon.bat
        logon drive = H:
        logon home         logon path         domain logons = Yes
        os level = 65
        preferred master = Yes
        domain master = Yes
        wins support = Yes
        passdb backend = ldapsam:ldap://fedorac4.localdomain
        ldap admin dn = cn=Directory Manager
        ldap suffix = dc=localdomain
        ldap group suffix = ou=Groups
        ldap user suffix = ou=People
        ldap machine suffix = ou=Computers
        ldap idmap suffix = ou=Users
        add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u"
        ldap delete dn = Yes
        add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u"
        add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g"
        add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m 
"%u" "%g"
        delete user from group script = 
/opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g"
        set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g 
"%g" "%u"
        printer admin = @"Print Operators"
        load printers = Yes
        create mask = 0640
        directory mask = 0750
        nt acl support = No
        printing = cups
        printcap name = cups
        deadtime = 10
        guest account = nobody
        map to guest = Bad User
        dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
        show add printer wizard = yes
        preserve case = yes
        short preserve case = yes
        case sensitive = no
___________________________________________________________________________________

The problem seems to be Samba...
Any idea?
regards
Leon


_ <http://people.redhat.com/astokes/samba_rhds.pdf>_

On Tue, 2005-07-19 at 12:35 +0200, Leonardo Pugliesi
wrote:
> Hi Everyone
> I have installed FSD and console seems working fine:
> I can log, adding entries, etc.
> Following the Samba-Howto (http://people.redhat.com/astokes/samba_rhds.pdf)
> I encountered problems with net groupmap command:
>
____________________________________________________________________________
>  [root@fedorac4 setup]# net groupmap add rid=512 ntgroup="Domain
Admins"
> unixgroup="Domain Admins" --debuglevel=10
> [2005/07/19 12:09:44, 5] lib/debug.c:debug_dump_status(366)
>   INFO: Current debug levels:
>     all: True/10
>     tdb: False/0
>     printdrivers: False/0
>     lanman: False/0
>     smb: False/0
>     rpc_parse: False/0
>     rpc_srv: False/0
>     rpc_cli: False/0
>     passdb: False/0
>     sam: False/0
>     auth: False/0
>     winbind: False/0
>     vfs: False/0
>     idmap: False/0
>     quota: False/0
>     acls: False/0
> [2005/07/19 12:09:44, 3] param/loadparm.c:lp_load(3916)
>   lp_load: refreshing parameters
> [2005/07/19 12:09:44, 3] param/loadparm.c:init_globals(1321)
>   Initialising global parameters
> [2005/07/19 12:09:44, 3] param/params.c:pm_process(573)
>   params.c:pm_process() - Processing configuration file 
> "/etc/samba/smb.conf"
> [2005/07/19 12:09:44, 3] param/loadparm.c:do_section(3418)
>   Processing section "[global]"
>   doing parameter workgroup = FEDORAC4
>   doing parameter username map = /etc/samba/smbusers
>   doing parameter enable privileges = yes
>   doing parameter server string = Samba Server %v
>   doing parameter security = user
>   doing parameter encrypt passwords = Yes
>   doing parameter min passwd length = 3
> [2005/07/19 12:09:44, 1] param/loadparm.c:lp_do_parameter(3159)
>   WARNING: The "min passwd length" option is deprecated
>   doing parameter obey pam restrictions = No
>   doing parameter ldap passwd sync = Yes
>   doing parameter passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u
>   doing parameter ldap passwd sync = Yes
>   doing parameter log level = 0
>   doing parameter syslog = 0
>   doing parameter log file = /var/log/samba/log.%m
>   doing parameter max log size = 100000
>   doing parameter time server = Yes
>   doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192
SO_SNDBUF=8192
>   doing parameter mangling method = hash2
>   doing parameter Dos charset = 850
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
>   Attempting to register new charset UCS-2LE
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
>   Registered charset UCS-2LE
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
>   Attempting to register new charset UTF-16LE
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
>   Registered charset UTF-16LE
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
>   Attempting to register new charset UCS-2BE
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
>   Registered charset UCS-2BE
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
>   Attempting to register new charset UTF-16BE
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
>   Registered charset UTF-16BE
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
>   Attempting to register new charset UTF8
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
>   Registered charset UTF8
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
>   Attempting to register new charset UTF-8
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
>   Registered charset UTF-8
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
>   Attempting to register new charset ASCII
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
>   Registered charset ASCII
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
>   Attempting to register new charset 646
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
>   Registered charset 646
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
>   Attempting to register new charset ISO-8859-1
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
>   Registered charset ISO-8859-1
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103)
>   Attempting to register new charset UCS2-HEX
> [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111)
>   Registered charset UCS2-HEX
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
>   doing parameter Unix charset = ISO8859-1
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
>   doing parameter logon script = logon.bat
>   doing parameter logon drive = H:
>   doing parameter logon home >   doing parameter logon path >   doing
parameter domain logons = Yes
>   doing parameter os level = 65
>   doing parameter preferred master = Yes
>   doing parameter domain master = Yes
>   doing parameter wins support = Yes
>   doing parameter passdb backend = ldapsam:ldap://fedorac4.localdomain
>   doing parameter ldap admin dn = cn=Directory Manager
>   doing parameter ldap suffix = dc=localdomain
>   doing parameter ldap group suffix = ou=Groups
>   doing parameter ldap user suffix = ou=People
>   doing parameter ldap machine suffix = ou=Computers
>   doing parameter ldap idmap suffix = ou=Users
>   doing parameter add user script = /opt/IDEALX/sbin/smbldap-useradd -m
"%u"
>   doing parameter ldap delete dn = Yes
>   doing parameter add machine script = /opt/IDEALX/sbin/smbldap-useradd 
> -w "%u"
>   doing parameter add group script = /opt/IDEALX/sbin/smbldap-groupadd 
> -p "%g"
>   doing parameter add user to group script = 
> /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g"
>   doing parameter delete user from group script = 
> /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g"
>   doing parameter set primary group script = 
> /opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u"
>   doing parameter printer admin = @"Print Operators"
>   doing parameter load printers = Yes
>   doing parameter create mask = 0640
>   doing parameter directory mask = 0750
>   doing parameter nt acl support = No
>   doing parameter printing = cups
>   doing parameter printcap name = cups
>   doing parameter deadtime = 10
>   doing parameter guest account = nobody
>   doing parameter map to guest = Bad User
>   doing parameter dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
>   doing parameter show add printer wizard = yes
>   doing parameter preserve case = yes
>   doing parameter short preserve case = yes
>   doing parameter case sensitive = no
> [2005/07/19 12:09:44, 4] param/loadparm.c:lp_load(3947)
>   pm_process() returned Yes
> [2005/07/19 12:09:44, 7] param/loadparm.c:lp_servicenumber(4057)
>   lp_servicenumber: couldn''t find homes
> [2005/07/19 12:09:44, 10] param/loadparm.c:set_server_role(3865)
>   set_server_role: role = ROLE_DOMAIN_PDC
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81)
>   Substituting charset ''UTF-8'' for LOCALE
> [2005/07/19 12:09:44, 5] lib/util.c:init_names(278)
>   Netbios name list:-
>   my_netbios_names[0]="FEDORAC4"
> [2005/07/19 12:09:44, 2] lib/interface.c:add_interface(81)
>   added interface ip=10.0.0.162 bcast=10.255.255.255 nmask=255.0.0.0
> [2005/07/19 12:09:44, 10] intl/lang_tdb.c:lang_tdb_init(135)
>   lang_tdb_init: /usr/lib/samba/it_IT.UTF-8.msg: No such file or directory
> Can''t lookup UNIX group Domain Admins
> [2005/07/19 12:09:44, 2] utils/net.c:main(897)
>   return code = -1
>
_________________________________________________________________________________
> 
> This is the global section of smb.conf I use:
> [global]
>         workgroup = FEDORAC4
>         username map = /etc/samba/smbusers
>         enable privileges = yes
>         server string = Samba Server %v
>         security = user
>         encrypt passwords = Yes
>         min passwd length = 3
>         obey pam restrictions = No
>         ldap passwd sync = Yes
>         passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u
>         ldap passwd sync = Yes
>         log level = 0
>         syslog = 0
>         log file = /var/log/samba/log.%m
>         max log size = 100000
>         time server = Yes
>         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>         mangling method = hash2
>         Dos charset = 850
>         Unix charset = ISO8859-1
>         logon script = logon.bat
>         logon drive = H:
>         logon home >         logon path >         domain logons = Yes
>         os level = 65
>         preferred master = Yes
>         domain master = Yes
>         wins support = Yes
>         passdb backend = ldapsam:ldap://fedorac4.localdomain
>         ldap admin dn = cn=Directory Manager
>         ldap suffix = dc=localdomain
>         ldap group suffix = ou=Groups
>         ldap user suffix = ou=People
>         ldap machine suffix = ou=Computers
>         ldap idmap suffix = ou=Users
>         add user script = /opt/IDEALX/sbin/smbldap-useradd -m
"%u"
>         ldap delete dn = Yes
>         add machine script = /opt/IDEALX/sbin/smbldap-useradd -w
"%u"
>         add group script = /opt/IDEALX/sbin/smbldap-groupadd -p
"%g"
>         add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m 
> "%u" "%g"
>         delete user from group script = 
> /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g"
>         set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g 
> "%g" "%u"
>         printer admin = @"Print Operators"
>         load printers = Yes
>         create mask = 0640
>         directory mask = 0750
>         nt acl support = No
>         printing = cups
>         printcap name = cups
>         deadtime = 10
>         guest account = nobody
>         map to guest = Bad User
>         dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
>         show add printer wizard = yes
>         preserve case = yes
>         short preserve case = yes
>         case sensitive = no
>
___________________________________________________________________________________
> 
> The problem seems to be Samba...
> Any idea?
> regards
> Leon
> 
> 
> _ <http://people.redhat.com/astokes/samba_rhds.pdf>_
> 
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
First thing, follow the article at
http://directory.fedora.redhat.com/wiki/Howto:Samba I tend to keep that
one closely updated as I find problems.

For this issue what is the output of :

ldapsearch -x -Z ''(cn=Domain*)''

Thanks,
Adam

Adam Stokes ha scritto:
>First thing, follow the article at
>http://directory.fedora.redhat.com/wiki/Howto:Samba I tend to keep that
>one closely updated as I find problems.
>
>For this issue what is the output of :
>
>ldapsearch -x -Z ''(cn=Domain*)''
>  
>
Ok, I have read everything (html and pdf version)

ldapsearch result:

[root@fedorac4 fedora-ds]# ldapsearch -x -Z ''(cn=Domain*)''
ldap_start_tls: Protocol error (2)
        additional info: unsupported extended operation
# extended LDIF
#
# LDAPv3
# base <> with scope sub
# filter: (cn=Domain*)
# requesting: ALL
#

# Domain Admins, Groups, localdomain
dn: cn=Domain Admins,ou=Groups,dc=localdomain
objectClass: posixGroup
objectClass: top
cn: Domain Admins
gidNumber: 2512

# Domain Users, Groups, localdomain
dn: cn=Domain Users,ou=Groups,dc=localdomain
objectClass: posixGroup
objectClass: top
cn: Domain Users
gidNumber: 2513

# Domain Guests, Groups, localdomain
dn: cn=Domain Guests,ou=Groups,dc=localdomain
objectClass: posixGroup
objectClass: top
cn: Domain Guests
gidNumber: 2514

# Domain Computers, Groups, localdomain
dn: cn=Domain Computers,ou=Groups,dc=localdomain
objectClass: posixGroup
objectClass: top
cn: Domain Computers
gidNumber: 2515

# search result
search: 3
result: 0 Success

# numResponses: 5
# numEntries: 4

tsl_error is not important, I think
Leon

On Tue, 2005-07-19 at 15:31 +0200, Leonardo Pugliesi
wrote:
> Adam Stokes ha scritto:
> 
> >First thing, follow the article at
> >http://directory.fedora.redhat.com/wiki/Howto:Samba I tend to keep that
> >one closely updated as I find problems.
> >
> >For this issue what is the output of :
> >
> >ldapsearch -x -Z ''(cn=Domain*)''
> >  
> >
> 
> Ok, I have read everything (html and pdf version)
> 
> ldapsearch result:
> 
> [root@fedorac4 fedora-ds]# ldapsearch -x -Z
''(cn=Domain*)''
> ldap_start_tls: Protocol error (2)
>         additional info: unsupported extended operation
> # extended LDIF
> #
> # LDAPv3
> # base <> with scope sub
> # filter: (cn=Domain*)
> # requesting: ALL
> #
> 
> # Domain Admins, Groups, localdomain
> dn: cn=Domain Admins,ou=Groups,dc=localdomain
> objectClass: posixGroup
> objectClass: top
> cn: Domain Admins
> gidNumber: 2512
> 
> # Domain Users, Groups, localdomain
> dn: cn=Domain Users,ou=Groups,dc=localdomain
> objectClass: posixGroup
> objectClass: top
> cn: Domain Users
> gidNumber: 2513
> 
> # Domain Guests, Groups, localdomain
> dn: cn=Domain Guests,ou=Groups,dc=localdomain
> objectClass: posixGroup
> objectClass: top
> cn: Domain Guests
> gidNumber: 2514
> 
> # Domain Computers, Groups, localdomain
> dn: cn=Domain Computers,ou=Groups,dc=localdomain
> objectClass: posixGroup
> objectClass: top
> cn: Domain Computers
> gidNumber: 2515
> 
> # search result
> search: 3
> result: 0 Success
> 
> # numResponses: 5
> # numEntries: 4
> 
> tsl_error is not important, I think
> Leon
> 
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
Ok I know what the problem is, its my fault :( when I was testing this I
always run the following :

getent group

This should display
Domain Admins:x:2512:
Domain Users:x:2513:
Domain Guests:x:2514:
Domain Computers:x:2515:

So, if that doesn''t display those groups after adding them to the ldap
server run the following (on fedora)

authconfig

Configure user information to use LDAP, this will configure PAM
correctly and then you should be able to proceed.

Ill get that added right away

Adam Stokes ha scritto:
>Ok I know what the problem is, its my fault :( when I was testing this I
>always run the following :
>
>getent group
>
>This should display
>Domain Admins:x:2512:
>Domain Users:x:2513:
>Domain Guests:x:2514:
>Domain Computers:x:2515:
>
>So, if that doesn''t display those groups after adding them to the
ldap
>server run the following (on fedora)
>
>authconfig
>
>Configure user information to use LDAP, this will configure PAM
>correctly and then you should be able to proceed.
>
>Ill get that added right away
>
>  
>
OK, now working...
net groupmapping result:
Successfully added group Domain Admins to the mapping db
thanks a lot
Leon

Leonardo Pugliesi ha scritto:
> Adam Stokes ha scritto:
>
>> Ok I know what the problem is, its my fault :( when I was testing this
I
>> always run the following :
>>
>> getent group
>>
>> This should display
>> Domain Admins:x:2512:
>> Domain Users:x:2513:
>> Domain Guests:x:2514:
>> Domain Computers:x:2515:
>>
>> So, if that doesn''t display those groups after adding them to
the ldap
>> server run the following (on fedora)
>>
>> authconfig
>>
>> Configure user information to use LDAP, this will configure PAM
>> correctly and then you should be able to proceed.
>>
>> Ill get that added right away
>>
>>  
>>
> OK, now working...
> net groupmapping result:
> Successfully added group Domain Admins to the mapping db
> thanks a lot
> Leon
>
> -- 
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
i managed to execute net groupmap add etc., but i have problems in the 
next step of how-to:
i added the entry of "Administrator" as shown in the how-to but on
smbpasswd -a Administrator i get the following error:
________________________________________________
[root@fedorac4 ~]# smbpasswd -a Administrator
New SMB password:
Retype new SMB password:
ldapsam_modify_entry: Failed to add user dn= 
uid=Administrator,ou=People,dc=localdomain with: Already exists

ldapsam_add_sam_account: failed to modify/add user with uid = 
Administrator (dn = uid=Administrator,ou=People,dc=localdomain)
Failed to add entry for user Administrator.
Failed to modify password entry for user Administrator
[root@fedorac4 ~]#
________________________________________________

the ldapsearch -x -Z shows the entry in this way:
_____________________________________

# Administrator, People, localdomain
dn: uid=Administrator,ou=People,dc=localdomain
uid: Administrator
cn: Samba Admin
givenName: Samba
sn: Admin
mail: Administrator@localdomain
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
loginShell: /bin/bash
uidNumber: 0
gidNumber: 0
homeDirectory: /root
gecos: Samba Admin

# search result
search: 3
result: 0 Success

# numResponses: 16
# numEntries: 15
[root@fedorac4 ~]#
_____________________________________

some hints?

thank you
Leon

On Wed, 2005-07-20 at 16:32 +0200, Leonardo Pugliesi
wrote:
> Leonardo Pugliesi ha scritto:
> 
> > Adam Stokes ha scritto:
> >
> >> Ok I know what the problem is, its my fault :( when I was testing
this I
> >> always run the following :
> >>
> >> getent group
> >>
> >> This should display
> >> Domain Admins:x:2512:
> >> Domain Users:x:2513:
> >> Domain Guests:x:2514:
> >> Domain Computers:x:2515:
> >>
> >> So, if that doesn''t display those groups after adding
them to the ldap
> >> server run the following (on fedora)
> >>
> >> authconfig
> >>
> >> Configure user information to use LDAP, this will configure PAM
> >> correctly and then you should be able to proceed.
> >>
> >> Ill get that added right away
> >>
> >>  
> >>
> > OK, now working...
> > net groupmapping result:
> > Successfully added group Domain Admins to the mapping db
> > thanks a lot
> > Leon
> >
> > -- 
> > Fedora-directory-users mailing list
> > Fedora-directory-users@redhat.com
> > https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >
> i managed to execute net groupmap add etc., but i have problems in the 
> next step of how-to:
> i added the entry of "Administrator" as shown in the how-to but
on
> smbpasswd -a Administrator i get the following error:
> ________________________________________________
> [root@fedorac4 ~]# smbpasswd -a Administrator
> New SMB password:
> Retype new SMB password:
> ldapsam_modify_entry: Failed to add user dn= 
> uid=Administrator,ou=People,dc=localdomain with: Already exists
> 
> ldapsam_add_sam_account: failed to modify/add user with uid = 
> Administrator (dn = uid=Administrator,ou=People,dc=localdomain)
> Failed to add entry for user Administrator.
> Failed to modify password entry for user Administrator
> [root@fedorac4 ~]#
> ________________________________________________
> 
> the ldapsearch -x -Z shows the entry in this way:
> _____________________________________
> 
> # Administrator, People, localdomain
> dn: uid=Administrator,ou=People,dc=localdomain
> uid: Administrator
> cn: Samba Admin
> givenName: Samba
> sn: Admin
> mail: Administrator@localdomain
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> objectClass: posixAccount
> objectClass: top
> loginShell: /bin/bash
> uidNumber: 0
> gidNumber: 0
> homeDirectory: /root
> gecos: Samba Admin
> 
> # search result
> search: 3
> result: 0 Success
> 
> # numResponses: 16
> # numEntries: 15
> [root@fedorac4 ~]#
> _____________________________________
> 
> some hints?
> 
> thank you
> Leon
> 
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
Leon,

I think since you have an administrator account set already, do

smbpasswd Adminsitrator

the ''-a'' switch tells samba to add that user without it will
just change
the password and add the appropriate entries to directory server

Adam Stokes ha scritto:
>On Wed, 2005-07-20 at 16:32 +0200, Leonardo Pugliesi wrote:
>  
>
>>Leonardo Pugliesi ha scritto:
>>
>>    
>>
>>>Adam Stokes ha scritto:
>>>
>>>      
>>>
>>>>Ok I know what the problem is, its my fault :( when I was
testing this I
>>>>always run the following :
>>>>
>>>>getent group
>>>>
>>>>This should display
>>>>Domain Admins:x:2512:
>>>>Domain Users:x:2513:
>>>>Domain Guests:x:2514:
>>>>Domain Computers:x:2515:
>>>>
>>>>So, if that doesn''t display those groups after adding
them to the ldap
>>>>server run the following (on fedora)
>>>>
>>>>authconfig
>>>>
>>>>Configure user information to use LDAP, this will configure PAM
>>>>correctly and then you should be able to proceed.
>>>>
>>>>Ill get that added right away
>>>>
>>>> 
>>>>
>>>>        
>>>>
>>>OK, now working...
>>>net groupmapping result:
>>>Successfully added group Domain Admins to the mapping db
>>>thanks a lot
>>>Leon
>>>
>>>-- 
>>>Fedora-directory-users mailing list
>>>Fedora-directory-users@redhat.com
>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>
>>>      
>>>
>>i managed to execute net groupmap add etc., but i have problems in the 
>>next step of how-to:
>>i added the entry of "Administrator" as shown in the how-to
but on
>>smbpasswd -a Administrator i get the following error:
>>________________________________________________
>>[root@fedorac4 ~]# smbpasswd -a Administrator
>>New SMB password:
>>Retype new SMB password:
>>ldapsam_modify_entry: Failed to add user dn= 
>>uid=Administrator,ou=People,dc=localdomain with: Already exists
>>
>>ldapsam_add_sam_account: failed to modify/add user with uid = 
>>Administrator (dn = uid=Administrator,ou=People,dc=localdomain)
>>Failed to add entry for user Administrator.
>>Failed to modify password entry for user Administrator
>>[root@fedorac4 ~]#
>>________________________________________________
>>
>>the ldapsearch -x -Z shows the entry in this way:
>>_____________________________________
>>
>># Administrator, People, localdomain
>>dn: uid=Administrator,ou=People,dc=localdomain
>>uid: Administrator
>>cn: Samba Admin
>>givenName: Samba
>>sn: Admin
>>mail: Administrator@localdomain
>>objectClass: person
>>objectClass: organizationalPerson
>>objectClass: inetOrgPerson
>>objectClass: posixAccount
>>objectClass: top
>>loginShell: /bin/bash
>>uidNumber: 0
>>gidNumber: 0
>>homeDirectory: /root
>>gecos: Samba Admin
>>
>># search result
>>search: 3
>>result: 0 Success
>>
>># numResponses: 16
>># numEntries: 15
>>[root@fedorac4 ~]#
>>_____________________________________
>>
>>some hints?
>>
>>thank you
>>Leon
>>
>>--
>>Fedora-directory-users mailing list
>>Fedora-directory-users@redhat.com
>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>    
>>
>
>Leon,
>
>I think since you have an administrator account set already, do
>
>smbpasswd Adminsitrator
>
>the ''-a'' switch tells samba to add that user without it
will just change
>the password and add the appropriate entries to directory server
>
>--
>Fedora-directory-users mailing list
>Fedora-directory-users@redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>  
>
if i use "smbpasswd Administrator" i get:
_______________________________
[root@fedorac4 ~]# smbpasswd Administrator
New SMB password:
Retype new SMB password:
Failed to find entry for user administrator.
Failed to modify password entry for user administrator
[root@fedorac4 ~]#
_______________________________
so it seems that i can''t add Administrator because the entry alredy 
exists, but i can''t modify it because it doesn''t exists.....
am i missing something :-)

thanx

> >Leon,
> >
> >I think since you have an administrator account set already, do
> >
> >smbpasswd Adminsitrator
> >
> >the ''-a'' switch tells samba to add that user without
it will just change
> >the password and add the appropriate entries to directory server
> >
> >--
> >Fedora-directory-users mailing list
> >Fedora-directory-users@redhat.com
> >https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >
> >  
> >
> if i use "smbpasswd Administrator" i get:
> _______________________________
> [root@fedorac4 ~]# smbpasswd Administrator
> New SMB password:
> Retype new SMB password:
> Failed to find entry for user administrator.
> Failed to modify password entry for user administrator
> [root@fedorac4 ~]#
> _______________________________
> so it seems that i can''t add Administrator because the entry
alredy
> exists, but i can''t modify it because it doesn''t
exists.....
> am i missing something :-)
> 
> thanx
> 
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
What does your smb.conf look like? Also is there anything in the samba
logs?

Adam Stokes ha scritto:
>>>Leon,
>>>
>>>I think since you have an administrator account set already, do
>>>
>>>smbpasswd Adminsitrator
>>>
>>>the ''-a'' switch tells samba to add that user
without it will just change
>>>the password and add the appropriate entries to directory server
>>>
>>>--
>>>Fedora-directory-users mailing list
>>>Fedora-directory-users@redhat.com
>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>
>>> 
>>>
>>>      
>>>
>>if i use "smbpasswd Administrator" i get:
>>_______________________________
>>[root@fedorac4 ~]# smbpasswd Administrator
>>New SMB password:
>>Retype new SMB password:
>>Failed to find entry for user administrator.
>>Failed to modify password entry for user administrator
>>[root@fedorac4 ~]#
>>_______________________________
>>so it seems that i can''t add Administrator because the entry
alredy
>>exists, but i can''t modify it because it doesn''t
exists.....
>>am i missing something :-)
>>
>>thanx
>>
>>--
>>Fedora-directory-users mailing list
>>Fedora-directory-users@redhat.com
>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>    
>>
>
>What does your smb.conf look like? Also is there anything in the samba
>logs?
>
>--
>Fedora-directory-users mailing list
>Fedora-directory-users@redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>  
>
This is smb.conf (global section):

[global]
   workgroup = FEDORAC4
        username map = /etc/samba/smbusers
	enable privileges = yes
        server string = Samba Server %v
   	security = user
        encrypt passwords = Yes
        min passwd length = 3
        obey pam restrictions = No
        ldap passwd sync = Yes
        #unix password sync = Yes
        passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u
        #passwd chat = "Changing password for*\nNew password*" %n\n
"*Retype new password*" %n\n"
        ldap passwd sync = Yes
        log level = 0
        syslog = 0
        log file = /var/log/samba/log.%m
        max log size = 100000
        time server = Yes
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        mangling method = hash2
        Dos charset = 850
        Unix charset = ISO8859-1
        logon script = logon.bat
        logon drive = H:
        logon home         logon path         domain logons = Yes
        os level = 65
        preferred master = Yes
        domain master = Yes
        wins support = Yes
        passdb backend = ldapsam:ldap://fedorac4.localdomain
        #passdb backend = ldap:ldap://fedorac4.localdomain
        # passdb backend = ldapsam:"ldap://127.0.0.1/
ldap://slave.idealx.com"
	ldap filter = (&(objectclass=sambaSamAccount)(uid=%u))
        ldap admin dn = cn=Directory Manager
        ldap suffix = dc=localdomain
        ldap group suffix = ou=Groups
        ldap user suffix = ou=People
        ldap machine suffix = ou=Computers
        ldap idmap suffix = ou=Users
        #ldap ssl = start tls
        add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u"
        ldap delete dn = Yes
        #delete user script = /opt/IDEALX/sbin/smbldap-userdel "%u"
        add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u"
        add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g" 
        #delete group script = /opt/IDEALX/sbin/smbldap-groupdel "%g"
        add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m
"%u" "%g"
        delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x
"%u" "%g"
        set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g
"%g" "%u"


samba logs is empty
Leon

On Thu, 2005-07-21 at 10:36 +0200, Leonardo Pugliesi
wrote:
> Adam Stokes ha scritto:
> 
> >>>Leon,
> >>>
> >>>I think since you have an administrator account set already, do
> >>>
> >>>smbpasswd Adminsitrator
> >>>
> >>>the ''-a'' switch tells samba to add that user
without it will just change
> >>>the password and add the appropriate entries to directory
server
> >>>
> >>>--
> >>>Fedora-directory-users mailing list
> >>>Fedora-directory-users@redhat.com
> >>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >>>
> >>> 
> >>>
> >>>      
> >>>
> >>if i use "smbpasswd Administrator" i get:
> >>_______________________________
> >>[root@fedorac4 ~]# smbpasswd Administrator
> >>New SMB password:
> >>Retype new SMB password:
> >>Failed to find entry for user administrator.
> >>Failed to modify password entry for user administrator
> >>[root@fedorac4 ~]#
> >>_______________________________
> >>so it seems that i can''t add Administrator because the
entry alredy
> >>exists, but i can''t modify it because it doesn''t
exists.....
> >>am i missing something :-)
> >>
> >>thanx
> >>
> >>--
> >>Fedora-directory-users mailing list
> >>Fedora-directory-users@redhat.com
> >>https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >>    
> >>
> >
> >What does your smb.conf look like? Also is there anything in the samba
> >logs?
> >
> >--
> >Fedora-directory-users mailing list
> >Fedora-directory-users@redhat.com
> >https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >
> >  
> >
> This is smb.conf (global section):
> 
> [global]
>    workgroup = FEDORAC4
>         username map = /etc/samba/smbusers
> 	enable privileges = yes
>         server string = Samba Server %v
>    	security = user
>         encrypt passwords = Yes
>         min passwd length = 3
>         obey pam restrictions = No
>         ldap passwd sync = Yes
>         #unix password sync = Yes
>         passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u
>         #passwd chat = "Changing password for*\nNew password*"
%n\n "*Retype new password*" %n\n"
>         ldap passwd sync = Yes
>         log level = 0
>         syslog = 0
>         log file = /var/log/samba/log.%m
>         max log size = 100000
>         time server = Yes
>         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>         mangling method = hash2
>         Dos charset = 850
>         Unix charset = ISO8859-1
>         logon script = logon.bat
>         logon drive = H:
>         logon home >         logon path >         domain logons = Yes
>         os level = 65
>         preferred master = Yes
>         domain master = Yes
>         wins support = Yes
>         passdb backend = ldapsam:ldap://fedorac4.localdomain
>         #passdb backend = ldap:ldap://fedorac4.localdomain
>         # passdb backend = ldapsam:"ldap://127.0.0.1/
ldap://slave.idealx.com"
> 	ldap filter = (&(objectclass=sambaSamAccount)(uid=%u))
>         ldap admin dn = cn=Directory Manager
>         ldap suffix = dc=localdomain
>         ldap group suffix = ou=Groups
>         ldap user suffix = ou=People
>         ldap machine suffix = ou=Computers
>         ldap idmap suffix = ou=Users
>         #ldap ssl = start tls
>         add user script = /opt/IDEALX/sbin/smbldap-useradd -m
"%u"
>         ldap delete dn = Yes
>         #delete user script = /opt/IDEALX/sbin/smbldap-userdel
"%u"
>         add machine script = /opt/IDEALX/sbin/smbldap-useradd -w
"%u"
>         add group script = /opt/IDEALX/sbin/smbldap-groupadd -p
"%g"
>         #delete group script = /opt/IDEALX/sbin/smbldap-groupdel
"%g"
>         add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m
"%u" "%g"
>         delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod
-x "%u" "%g"
>         set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g
"%g" "%u"
> 
> 
> samba logs is empty
> Leon
> 
> 
> 
> 
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
Not sure at this point, looks like you are using idealx scripts for some
of the administration maybe they created the admin account?

Adam Stokes ha scritto:
>On Thu, 2005-07-21 at 10:36 +0200, Leonardo Pugliesi wrote:
>  
>
>>Adam Stokes ha scritto:
>>
>>    
>>
>>>>>Leon,
>>>>>
>>>>>I think since you have an administrator account set already,
do
>>>>>
>>>>>smbpasswd Adminsitrator
>>>>>
>>>>>the ''-a'' switch tells samba to add that
user without it will just change
>>>>>the password and add the appropriate entries to directory
server
>>>>>
>>>>>--
>>>>>Fedora-directory-users mailing list
>>>>>Fedora-directory-users@redhat.com
>>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>
>>>>>
>>>>>
>>>>>     
>>>>>
>>>>>          
>>>>>
>>>>if i use "smbpasswd Administrator" i get:
>>>>_______________________________
>>>>[root@fedorac4 ~]# smbpasswd Administrator
>>>>New SMB password:
>>>>Retype new SMB password:
>>>>Failed to find entry for user administrator.
>>>>Failed to modify password entry for user administrator
>>>>[root@fedorac4 ~]#
>>>>_______________________________
>>>>so it seems that i can''t add Administrator because the
entry alredy
>>>>exists, but i can''t modify it because it
doesn''t exists.....
>>>>am i missing something :-)
>>>>
>>>>thanx
>>>>
>>>>--
>>>>Fedora-directory-users mailing list
>>>>Fedora-directory-users@redhat.com
>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>   
>>>>
>>>>        
>>>>
>>>What does your smb.conf look like? Also is there anything in the
samba
>>>logs?
>>>
>>>--
>>>Fedora-directory-users mailing list
>>>Fedora-directory-users@redhat.com
>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>
>>> 
>>>
>>>      
>>>
>>This is smb.conf (global section):
>>
>>[global]
>>   workgroup = FEDORAC4
>>        username map = /etc/samba/smbusers
>>	enable privileges = yes
>>        server string = Samba Server %v
>>   	security = user
>>        encrypt passwords = Yes
>>        min passwd length = 3
>>        obey pam restrictions = No
>>        ldap passwd sync = Yes
>>        #unix password sync = Yes
>>        passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u
>>        #passwd chat = "Changing password for*\nNew password*"
%n\n "*Retype new password*" %n\n"
>>        ldap passwd sync = Yes
>>        log level = 0
>>        syslog = 0
>>        log file = /var/log/samba/log.%m
>>        max log size = 100000
>>        time server = Yes
>>        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>>        mangling method = hash2
>>        Dos charset = 850
>>        Unix charset = ISO8859-1
>>        logon script = logon.bat
>>        logon drive = H:
>>        logon home >>        logon path >>        domain
logons = Yes
>>        os level = 65
>>        preferred master = Yes
>>        domain master = Yes
>>        wins support = Yes
>>        passdb backend = ldapsam:ldap://fedorac4.localdomain
>>        #passdb backend = ldap:ldap://fedorac4.localdomain
>>        # passdb backend = ldapsam:"ldap://127.0.0.1/
ldap://slave.idealx.com"
>>	ldap filter = (&(objectclass=sambaSamAccount)(uid=%u))
>>        ldap admin dn = cn=Directory Manager
>>        ldap suffix = dc=localdomain
>>        ldap group suffix = ou=Groups
>>        ldap user suffix = ou=People
>>        ldap machine suffix = ou=Computers
>>        ldap idmap suffix = ou=Users
>>        #ldap ssl = start tls
>>        add user script = /opt/IDEALX/sbin/smbldap-useradd -m
"%u"
>>        ldap delete dn = Yes
>>        #delete user script = /opt/IDEALX/sbin/smbldap-userdel
"%u"
>>        add machine script = /opt/IDEALX/sbin/smbldap-useradd -w
"%u"
>>        add group script = /opt/IDEALX/sbin/smbldap-groupadd -p
"%g"
>>        #delete group script = /opt/IDEALX/sbin/smbldap-groupdel
"%g"
>>        add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m
"%u" "%g"
>>        delete user from group script =
/opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g"
>>        set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g
"%g" "%u"
>>
>>
>>samba logs is empty
>>Leon
>>
>>
>>
>>
>>--
>>Fedora-directory-users mailing list
>>Fedora-directory-users@redhat.com
>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>    
>>
>
>Not sure at this point, looks like you are using idealx scripts for some
>of the administration maybe they created the admin account?
>
>--
>Fedora-directory-users mailing list
>Fedora-directory-users@redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>  
>
the entry "Administrator.... " has been  created with the ldif2ldap 
method, as shown in the how-to.
the problem, in my opinion, is that if i use "smbldap-usershow 
Administrator" i get the right entry:

_____________________________
[root@fedorac4 ~]# /opt/IDEALX/sbin/smbldap-usershow Administrator
dn: uid=Administrator,ou=People,dc=localdomain
uid: Administrator
cn: Samba Admin
givenName: Samba
sn: Admin
mail: Administrator@localdomain
objectClass: person,organizationalPerson,inetOrgPerson,posixAccount,top
loginShell: /bin/bash
uidNumber: 0
gidNumber: 0
homeDirectory: /root
gecos: Samba Admin
userPassword: {SSHA}2b/re4djmAJmmNCWnJmKcJLGlCRqdGdU
_____________________________

if i use "ldapsearch -x -Z ''(uid=Administrator)'' i get
the right entry,
i suppose the same entry found with the other command:
____________________
[root@fedorac4 ~]# ldapsearch -x -Z ''(uid=Administrator)''
ldap_start_tls: Protocol error (2)
        additional info: unsupported extended operation
# extended LDIF
#
# LDAPv3
# base <> with scope sub
# filter: (uid=Administrator)
# requesting: ALL
#

# Administrator, People, localdomain
dn: uid=Administrator,ou=People,dc=localdomain
uid: Administrator
cn: Samba Admin
givenName: Samba
sn: Admin
mail: Administrator@localdomain
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
loginShell: /bin/bash
uidNumber: 0
gidNumber: 0
homeDirectory: /root
gecos: Samba Admin

# search result
search: 3
result: 0 Success

# numResponses: 2
# numEntries: 1
[root@fedorac4 ~]#
_________________________________________-

i suppose the two command give me the same entry because sghould be 
querying the same database......

if i use pdbedit -u Administrator
i get
_________________
[root@fedorac4 ~]# pdbedit -u Administrator
Username not found!
[root@fedorac4 ~]#
_________________

so if only samba related commands seem not to work properly perhaps the 
problem is in samba configuration,
but in the guides downloaded from the website i didn''t found how to 
configure the part of the file for what concern the scripts of entries 
managemant such as adding users, machine, etc......
what should i do now?

bye leon

On Thu, 2005-07-21 at 15:44 +0200, Leonardo Pugliesi
wrote:
> Adam Stokes ha scritto:
> 
> >On Thu, 2005-07-21 at 10:36 +0200, Leonardo Pugliesi wrote:
> >  
> >
> >>Adam Stokes ha scritto:
> >>
> >>    
> >>
> >>>>>Leon,
> >>>>>
> >>>>>I think since you have an administrator account set
already, do
> >>>>>
> >>>>>smbpasswd Adminsitrator
> >>>>>
> >>>>>the ''-a'' switch tells samba to add
that user without it will just change
> >>>>>the password and add the appropriate entries to
directory server
> >>>>>
> >>>>>--
> >>>>>Fedora-directory-users mailing list
> >>>>>Fedora-directory-users@redhat.com
>
>>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >>>>>
> >>>>>
> >>>>>
> >>>>>     
> >>>>>
> >>>>>          
> >>>>>
> >>>>if i use "smbpasswd Administrator" i get:
> >>>>_______________________________
> >>>>[root@fedorac4 ~]# smbpasswd Administrator
> >>>>New SMB password:
> >>>>Retype new SMB password:
> >>>>Failed to find entry for user administrator.
> >>>>Failed to modify password entry for user administrator
> >>>>[root@fedorac4 ~]#
> >>>>_______________________________
> >>>>so it seems that i can''t add Administrator because
the entry alredy
> >>>>exists, but i can''t modify it because it
doesn''t exists.....
> >>>>am i missing something :-)
> >>>>
> >>>>thanx
> >>>>
> >>>>--
> >>>>Fedora-directory-users mailing list
> >>>>Fedora-directory-users@redhat.com
>
>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >>>>   
> >>>>
> >>>>        
> >>>>
> >>>What does your smb.conf look like? Also is there anything in
the samba
> >>>logs?
> >>>
> >>>--
> >>>Fedora-directory-users mailing list
> >>>Fedora-directory-users@redhat.com
> >>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >>>
> >>> 
> >>>
> >>>      
> >>>
> >>This is smb.conf (global section):
> >>
> >>[global]
> >>   workgroup = FEDORAC4
> >>        username map = /etc/samba/smbusers
> >>	enable privileges = yes
> >>        server string = Samba Server %v
> >>   	security = user
> >>        encrypt passwords = Yes
> >>        min passwd length = 3
> >>        obey pam restrictions = No
> >>        ldap passwd sync = Yes
> >>        #unix password sync = Yes
> >>        passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u
> >>        #passwd chat = "Changing password for*\nNew
password*" %n\n "*Retype new password*" %n\n"
> >>        ldap passwd sync = Yes
> >>        log level = 0
> >>        syslog = 0
> >>        log file = /var/log/samba/log.%m
> >>        max log size = 100000
> >>        time server = Yes
> >>        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> >>        mangling method = hash2
> >>        Dos charset = 850
> >>        Unix charset = ISO8859-1
> >>        logon script = logon.bat
> >>        logon drive = H:
> >>        logon home > >>        logon path > >>   
domain logons = Yes
> >>        os level = 65
> >>        preferred master = Yes
> >>        domain master = Yes
> >>        wins support = Yes
> >>        passdb backend = ldapsam:ldap://fedorac4.localdomain
> >>        #passdb backend = ldap:ldap://fedorac4.localdomain
> >>        # passdb backend = ldapsam:"ldap://127.0.0.1/
ldap://slave.idealx.com"
> >>	ldap filter = (&(objectclass=sambaSamAccount)(uid=%u))
> >>        ldap admin dn = cn=Directory Manager
> >>        ldap suffix = dc=localdomain
> >>        ldap group suffix = ou=Groups
> >>        ldap user suffix = ou=People
> >>        ldap machine suffix = ou=Computers
> >>        ldap idmap suffix = ou=Users
> >>        #ldap ssl = start tls
> >>        add user script = /opt/IDEALX/sbin/smbldap-useradd -m
"%u"
> >>        ldap delete dn = Yes
> >>        #delete user script = /opt/IDEALX/sbin/smbldap-userdel
"%u"
> >>        add machine script = /opt/IDEALX/sbin/smbldap-useradd -w
"%u"
> >>        add group script = /opt/IDEALX/sbin/smbldap-groupadd -p
"%g"
> >>        #delete group script = /opt/IDEALX/sbin/smbldap-groupdel
"%g"
> >>        add user to group script =
/opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g"
> >>        delete user from group script =
/opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g"
> >>        set primary group script = /opt/IDEALX/sbin/smbldap-usermod
-g "%g" "%u"
> >>
> >>
> >>samba logs is empty
> >>Leon
> >>
> >>
> >>
> >>
> >>--
> >>Fedora-directory-users mailing list
> >>Fedora-directory-users@redhat.com
> >>https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >>    
> >>
> >
> >Not sure at this point, looks like you are using idealx scripts for
some
> >of the administration maybe they created the admin account?
> >
> >--
> >Fedora-directory-users mailing list
> >Fedora-directory-users@redhat.com
> >https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >
> >  
> >
> the entry "Administrator.... " has been  created with the
ldif2ldap
> method, as shown in the how-to.
> the problem, in my opinion, is that if i use "smbldap-usershow 
> Administrator" i get the right entry:
> 
> _____________________________
> [root@fedorac4 ~]# /opt/IDEALX/sbin/smbldap-usershow Administrator
> dn: uid=Administrator,ou=People,dc=localdomain
> uid: Administrator
> cn: Samba Admin
> givenName: Samba
> sn: Admin
> mail: Administrator@localdomain
> objectClass: person,organizationalPerson,inetOrgPerson,posixAccount,top
> loginShell: /bin/bash
> uidNumber: 0
> gidNumber: 0
> homeDirectory: /root
> gecos: Samba Admin
> userPassword: {SSHA}2b/re4djmAJmmNCWnJmKcJLGlCRqdGdU
> _____________________________
> 
> if i use "ldapsearch -x -Z ''(uid=Administrator)'' i
get the right entry,
> i suppose the same entry found with the other command:
> ____________________
> [root@fedorac4 ~]# ldapsearch -x -Z ''(uid=Administrator)''
> ldap_start_tls: Protocol error (2)
>         additional info: unsupported extended operation
> # extended LDIF
> #
> # LDAPv3
> # base <> with scope sub
> # filter: (uid=Administrator)
> # requesting: ALL
> #
> 
> # Administrator, People, localdomain
> dn: uid=Administrator,ou=People,dc=localdomain
> uid: Administrator
> cn: Samba Admin
> givenName: Samba
> sn: Admin
> mail: Administrator@localdomain
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> objectClass: posixAccount
> objectClass: top
> loginShell: /bin/bash
> uidNumber: 0
> gidNumber: 0
> homeDirectory: /root
> gecos: Samba Admin
> 
> # search result
> search: 3
> result: 0 Success
> 
> # numResponses: 2
> # numEntries: 1
> [root@fedorac4 ~]#
> _________________________________________-
> 
> i suppose the two command give me the same entry because sghould be 
> querying the same database......
> 
> if i use pdbedit -u Administrator
> i get
> _________________
> [root@fedorac4 ~]# pdbedit -u Administrator
> Username not found!
> [root@fedorac4 ~]#
> _________________
> 
> so if only samba related commands seem not to work properly perhaps the 
> problem is in samba configuration,
> but in the guides downloaded from the website i didn''t found how
to
> configure the part of the file for what concern the scripts of entries 
> managemant such as adding users, machine, etc......
> what should i do now?
> 
> bye leon
> 
> 
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
This is what the administrator entry should look like :

[root@directory alias]# ldapsearch -x -ZZ
''(uid=administrator)''
# extended LDIF
#
# LDAPv3
# base <> with scope sub
# filter: (uid=administrator)
# requesting: ALL
#

# Administrator, People, gsslab.rdu.redhat.com
dn: uid=Administrator,ou=People,dc=gsslab,dc=rdu,dc=redhat,dc=com
uid: Administrator
cn: Samba Administrator
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: sambaSamAccount
loginShell: /bin/bish
uidNumber: 0
gidNumber: 0
homeDirectory: /root
gecos: Samba Administrator
sambaSID: S-1-5-21-1803520230-1543781662-649387223-1000
sambaPrimaryGroupSID: S-1-5-21-1803520230-1543781662-649387223-1001
displayName: Samba Administrator
sambaPwdCanChange: 1120750967
sambaPwdMustChange: 2147483647
sambaLMPassword: CFA95C51F11AB11DC2265B23734E0DAC
sambaNTPassword: B2D88A4A9B0DAEE170E75F67D54918F6
sambaPasswordHistory:
00000000000000000000000000000000000000000000000000000000
 00000000
sambaPwdLastSet: 1120750967
sambaAcctFlags: [U          ]

# search result
search: 3
result: 0 Success

# numResponses: 2
# numEntries: 1

So it looks like perhaps the administrator account needs the objectclass
sambaSamAccount added to the entry manually then you should be able to
proceed

Adam Stokes ha scritto:
>On Thu, 2005-07-21 at 15:44 +0200, Leonardo Pugliesi wrote:
>  
>
>>Adam Stokes ha scritto:
>>
>>    
>>
>>>On Thu, 2005-07-21 at 10:36 +0200, Leonardo Pugliesi wrote:
>>> 
>>>
>>>      
>>>
>>>>Adam Stokes ha scritto:
>>>>
>>>>   
>>>>
>>>>        
>>>>
>>>>>>>Leon,
>>>>>>>
>>>>>>>I think since you have an administrator account set
already, do
>>>>>>>
>>>>>>>smbpasswd Adminsitrator
>>>>>>>
>>>>>>>the ''-a'' switch tells samba to add
that user without it will just change
>>>>>>>the password and add the appropriate entries to
directory server
>>>>>>>
>>>>>>>--
>>>>>>>Fedora-directory-users mailing list
>>>>>>>Fedora-directory-users@redhat.com
>>>>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>    
>>>>>>>
>>>>>>>         
>>>>>>>
>>>>>>>              
>>>>>>>
>>>>>>if i use "smbpasswd Administrator" i get:
>>>>>>_______________________________
>>>>>>[root@fedorac4 ~]# smbpasswd Administrator
>>>>>>New SMB password:
>>>>>>Retype new SMB password:
>>>>>>Failed to find entry for user administrator.
>>>>>>Failed to modify password entry for user administrator
>>>>>>[root@fedorac4 ~]#
>>>>>>_______________________________
>>>>>>so it seems that i can''t add Administrator
because the entry alredy
>>>>>>exists, but i can''t modify it because it
doesn''t exists.....
>>>>>>am i missing something :-)
>>>>>>
>>>>>>thanx
>>>>>>
>>>>>>--
>>>>>>Fedora-directory-users mailing list
>>>>>>Fedora-directory-users@redhat.com
>>>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>  
>>>>>>
>>>>>>       
>>>>>>
>>>>>>            
>>>>>>
>>>>>What does your smb.conf look like? Also is there anything in
the samba
>>>>>logs?
>>>>>
>>>>>--
>>>>>Fedora-directory-users mailing list
>>>>>Fedora-directory-users@redhat.com
>>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>
>>>>>
>>>>>
>>>>>     
>>>>>
>>>>>          
>>>>>
>>>>This is smb.conf (global section):
>>>>
>>>>[global]
>>>>  workgroup = FEDORAC4
>>>>       username map = /etc/samba/smbusers
>>>>	enable privileges = yes
>>>>       server string = Samba Server %v
>>>>  	security = user
>>>>       encrypt passwords = Yes
>>>>       min passwd length = 3
>>>>       obey pam restrictions = No
>>>>       ldap passwd sync = Yes
>>>>       #unix password sync = Yes
>>>>       passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u
>>>>       #passwd chat = "Changing password for*\nNew
password*" %n\n "*Retype new password*" %n\n"
>>>>       ldap passwd sync = Yes
>>>>       log level = 0
>>>>       syslog = 0
>>>>       log file = /var/log/samba/log.%m
>>>>       max log size = 100000
>>>>       time server = Yes
>>>>       socket options = TCP_NODELAY SO_RCVBUF=8192
SO_SNDBUF=8192
>>>>       mangling method = hash2
>>>>       Dos charset = 850
>>>>       Unix charset = ISO8859-1
>>>>       logon script = logon.bat
>>>>       logon drive = H:
>>>>       logon home >>>>       logon path
>>>>       domain logons = Yes
>>>>       os level = 65
>>>>       preferred master = Yes
>>>>       domain master = Yes
>>>>       wins support = Yes
>>>>       passdb backend = ldapsam:ldap://fedorac4.localdomain
>>>>       #passdb backend = ldap:ldap://fedorac4.localdomain
>>>>       # passdb backend = ldapsam:"ldap://127.0.0.1/
ldap://slave.idealx.com"
>>>>	ldap filter = (&(objectclass=sambaSamAccount)(uid=%u))
>>>>       ldap admin dn = cn=Directory Manager
>>>>       ldap suffix = dc=localdomain
>>>>       ldap group suffix = ou=Groups
>>>>       ldap user suffix = ou=People
>>>>       ldap machine suffix = ou=Computers
>>>>       ldap idmap suffix = ou=Users
>>>>       #ldap ssl = start tls
>>>>       add user script = /opt/IDEALX/sbin/smbldap-useradd -m
"%u"
>>>>       ldap delete dn = Yes
>>>>       #delete user script = /opt/IDEALX/sbin/smbldap-userdel
"%u"
>>>>       add machine script = /opt/IDEALX/sbin/smbldap-useradd -w
"%u"
>>>>       add group script = /opt/IDEALX/sbin/smbldap-groupadd -p
"%g"
>>>>       #delete group script = /opt/IDEALX/sbin/smbldap-groupdel
"%g"
>>>>       add user to group script =
/opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g"
>>>>       delete user from group script =
/opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g"
>>>>       set primary group script =
/opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u"
>>>>
>>>>
>>>>samba logs is empty
>>>>Leon
>>>>
>>>>
>>>>
>>>>
>>>>--
>>>>Fedora-directory-users mailing list
>>>>Fedora-directory-users@redhat.com
>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>   
>>>>
>>>>        
>>>>
>>>Not sure at this point, looks like you are using idealx scripts for
some
>>>of the administration maybe they created the admin account?
>>>
>>>--
>>>Fedora-directory-users mailing list
>>>Fedora-directory-users@redhat.com
>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>
>>> 
>>>
>>>      
>>>
>>the entry "Administrator.... " has been  created with the
ldif2ldap
>>method, as shown in the how-to.
>>the problem, in my opinion, is that if i use "smbldap-usershow 
>>Administrator" i get the right entry:
>>
>>_____________________________
>>[root@fedorac4 ~]# /opt/IDEALX/sbin/smbldap-usershow Administrator
>>dn: uid=Administrator,ou=People,dc=localdomain
>>uid: Administrator
>>cn: Samba Admin
>>givenName: Samba
>>sn: Admin
>>mail: Administrator@localdomain
>>objectClass: person,organizationalPerson,inetOrgPerson,posixAccount,top
>>loginShell: /bin/bash
>>uidNumber: 0
>>gidNumber: 0
>>homeDirectory: /root
>>gecos: Samba Admin
>>userPassword: {SSHA}2b/re4djmAJmmNCWnJmKcJLGlCRqdGdU
>>_____________________________
>>
>>if i use "ldapsearch -x -Z ''(uid=Administrator)''
i get the right entry,
>>i suppose the same entry found with the other command:
>>____________________
>>[root@fedorac4 ~]# ldapsearch -x -Z
''(uid=Administrator)''
>>ldap_start_tls: Protocol error (2)
>>        additional info: unsupported extended operation
>># extended LDIF
>>#
>># LDAPv3
>># base <> with scope sub
>># filter: (uid=Administrator)
>># requesting: ALL
>>#
>>
>># Administrator, People, localdomain
>>dn: uid=Administrator,ou=People,dc=localdomain
>>uid: Administrator
>>cn: Samba Admin
>>givenName: Samba
>>sn: Admin
>>mail: Administrator@localdomain
>>objectClass: person
>>objectClass: organizationalPerson
>>objectClass: inetOrgPerson
>>objectClass: posixAccount
>>objectClass: top
>>loginShell: /bin/bash
>>uidNumber: 0
>>gidNumber: 0
>>homeDirectory: /root
>>gecos: Samba Admin
>>
>># search result
>>search: 3
>>result: 0 Success
>>
>># numResponses: 2
>># numEntries: 1
>>[root@fedorac4 ~]#
>>_________________________________________-
>>
>>i suppose the two command give me the same entry because sghould be 
>>querying the same database......
>>
>>if i use pdbedit -u Administrator
>>i get
>>_________________
>>[root@fedorac4 ~]# pdbedit -u Administrator
>>Username not found!
>>[root@fedorac4 ~]#
>>_________________
>>
>>so if only samba related commands seem not to work properly perhaps the 
>>problem is in samba configuration,
>>but in the guides downloaded from the website i didn''t found
how to
>>configure the part of the file for what concern the scripts of entries 
>>managemant such as adding users, machine, etc......
>>what should i do now?
>>
>>bye leon
>>
>>
>>--
>>Fedora-directory-users mailing list
>>Fedora-directory-users@redhat.com
>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>    
>>
>
>This is what the administrator entry should look like :
>
>[root@directory alias]# ldapsearch -x -ZZ
''(uid=administrator)''
># extended LDIF
>#
># LDAPv3
># base <> with scope sub
># filter: (uid=administrator)
># requesting: ALL
>#
>
># Administrator, People, gsslab.rdu.redhat.com
>dn: uid=Administrator,ou=People,dc=gsslab,dc=rdu,dc=redhat,dc=com
>uid: Administrator
>cn: Samba Administrator
>objectClass: account
>objectClass: posixAccount
>objectClass: top
>objectClass: sambaSamAccount
>loginShell: /bin/bish
>uidNumber: 0
>gidNumber: 0
>homeDirectory: /root
>gecos: Samba Administrator
>sambaSID: S-1-5-21-1803520230-1543781662-649387223-1000
>sambaPrimaryGroupSID: S-1-5-21-1803520230-1543781662-649387223-1001
>displayName: Samba Administrator
>sambaPwdCanChange: 1120750967
>sambaPwdMustChange: 2147483647
>sambaLMPassword: CFA95C51F11AB11DC2265B23734E0DAC
>sambaNTPassword: B2D88A4A9B0DAEE170E75F67D54918F6
>sambaPasswordHistory:
>00000000000000000000000000000000000000000000000000000000
> 00000000
>sambaPwdLastSet: 1120750967
>sambaAcctFlags: [U          ]
>
># search result
>search: 3
>result: 0 Success
>
># numResponses: 2
># numEntries: 1
>
>So it looks like perhaps the administrator account needs the objectclass
>sambaSamAccount added to the entry manually then you should be able to
>proceed
>
>--
>Fedora-directory-users mailing list
>Fedora-directory-users@redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>  
>
i removed all the references to smbldap-tools in the smb.conf and now 
things seems to work better...
i beg your pardon for this mistake but i thought that samba would 
interact with ldap through that tools.
now, for example, when i join a machine to the domain who is in charge 
of adding the correct entry in ldap database without smbladp-tools?

thanks,
leon

On Thu, 2005-07-21 at 17:05 +0200, Leonardo Pugliesi
wrote:
> Adam Stokes ha scritto:
> 
> >On Thu, 2005-07-21 at 15:44 +0200, Leonardo Pugliesi wrote:
> >  
> >
> >>Adam Stokes ha scritto:
> >>
> >>    
> >>
> >>>On Thu, 2005-07-21 at 10:36 +0200, Leonardo Pugliesi wrote:
> >>> 
> >>>
> >>>      
> >>>
> >>>>Adam Stokes ha scritto:
> >>>>
> >>>>   
> >>>>
> >>>>        
> >>>>
> >>>>>>>Leon,
> >>>>>>>
> >>>>>>>I think since you have an administrator account
set already, do
> >>>>>>>
> >>>>>>>smbpasswd Adminsitrator
> >>>>>>>
> >>>>>>>the ''-a'' switch tells samba
to add that user without it will just change
> >>>>>>>the password and add the appropriate entries to
directory server
> >>>>>>>
> >>>>>>>--
> >>>>>>>Fedora-directory-users mailing list
> >>>>>>>Fedora-directory-users@redhat.com
>
>>>>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>    
> >>>>>>>
> >>>>>>>         
> >>>>>>>
> >>>>>>>              
> >>>>>>>
> >>>>>>if i use "smbpasswd Administrator" i get:
> >>>>>>_______________________________
> >>>>>>[root@fedorac4 ~]# smbpasswd Administrator
> >>>>>>New SMB password:
> >>>>>>Retype new SMB password:
> >>>>>>Failed to find entry for user administrator.
> >>>>>>Failed to modify password entry for user
administrator
> >>>>>>[root@fedorac4 ~]#
> >>>>>>_______________________________
> >>>>>>so it seems that i can''t add Administrator
because the entry alredy
> >>>>>>exists, but i can''t modify it because it
doesn''t exists.....
> >>>>>>am i missing something :-)
> >>>>>>
> >>>>>>thanx
> >>>>>>
> >>>>>>--
> >>>>>>Fedora-directory-users mailing list
> >>>>>>Fedora-directory-users@redhat.com
>
>>>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >>>>>>  
> >>>>>>
> >>>>>>       
> >>>>>>
> >>>>>>            
> >>>>>>
> >>>>>What does your smb.conf look like? Also is there
anything in the samba
> >>>>>logs?
> >>>>>
> >>>>>--
> >>>>>Fedora-directory-users mailing list
> >>>>>Fedora-directory-users@redhat.com
>
>>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >>>>>
> >>>>>
> >>>>>
> >>>>>     
> >>>>>
> >>>>>          
> >>>>>
> >>>>This is smb.conf (global section):
> >>>>
> >>>>[global]
> >>>>  workgroup = FEDORAC4
> >>>>       username map = /etc/samba/smbusers
> >>>>	enable privileges = yes
> >>>>       server string = Samba Server %v
> >>>>  	security = user
> >>>>       encrypt passwords = Yes
> >>>>       min passwd length = 3
> >>>>       obey pam restrictions = No
> >>>>       ldap passwd sync = Yes
> >>>>       #unix password sync = Yes
> >>>>       passwd program = /opt/IDEALX/sbin/smbldap-passwd -u
%u
> >>>>       #passwd chat = "Changing password for*\nNew
password*" %n\n "*Retype new password*" %n\n"
> >>>>       ldap passwd sync = Yes
> >>>>       log level = 0
> >>>>       syslog = 0
> >>>>       log file = /var/log/samba/log.%m
> >>>>       max log size = 100000
> >>>>       time server = Yes
> >>>>       socket options = TCP_NODELAY SO_RCVBUF=8192
SO_SNDBUF=8192
> >>>>       mangling method = hash2
> >>>>       Dos charset = 850
> >>>>       Unix charset = ISO8859-1
> >>>>       logon script = logon.bat
> >>>>       logon drive = H:
> >>>>       logon home > >>>>       logon path
> >>>>       domain logons = Yes
> >>>>       os level = 65
> >>>>       preferred master = Yes
> >>>>       domain master = Yes
> >>>>       wins support = Yes
> >>>>       passdb backend = ldapsam:ldap://fedorac4.localdomain
> >>>>       #passdb backend = ldap:ldap://fedorac4.localdomain
> >>>>       # passdb backend = ldapsam:"ldap://127.0.0.1/
ldap://slave.idealx.com"
> >>>>	ldap filter = (&(objectclass=sambaSamAccount)(uid=%u))
> >>>>       ldap admin dn = cn=Directory Manager
> >>>>       ldap suffix = dc=localdomain
> >>>>       ldap group suffix = ou=Groups
> >>>>       ldap user suffix = ou=People
> >>>>       ldap machine suffix = ou=Computers
> >>>>       ldap idmap suffix = ou=Users
> >>>>       #ldap ssl = start tls
> >>>>       add user script = /opt/IDEALX/sbin/smbldap-useradd
-m "%u"
> >>>>       ldap delete dn = Yes
> >>>>       #delete user script =
/opt/IDEALX/sbin/smbldap-userdel "%u"
> >>>>       add machine script =
/opt/IDEALX/sbin/smbldap-useradd -w "%u"
> >>>>       add group script = /opt/IDEALX/sbin/smbldap-groupadd
-p "%g"
> >>>>       #delete group script =
/opt/IDEALX/sbin/smbldap-groupdel "%g"
> >>>>       add user to group script =
/opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g"
> >>>>       delete user from group script =
/opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g"
> >>>>       set primary group script =
/opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u"
> >>>>
> >>>>
> >>>>samba logs is empty
> >>>>Leon
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>--
> >>>>Fedora-directory-users mailing list
> >>>>Fedora-directory-users@redhat.com
>
>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >>>>   
> >>>>
> >>>>        
> >>>>
> >>>Not sure at this point, looks like you are using idealx scripts
for some
> >>>of the administration maybe they created the admin account?
> >>>
> >>>--
> >>>Fedora-directory-users mailing list
> >>>Fedora-directory-users@redhat.com
> >>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >>>
> >>> 
> >>>
> >>>      
> >>>
> >>the entry "Administrator.... " has been  created with the
ldif2ldap
> >>method, as shown in the how-to.
> >>the problem, in my opinion, is that if i use "smbldap-usershow
> >>Administrator" i get the right entry:
> >>
> >>_____________________________
> >>[root@fedorac4 ~]# /opt/IDEALX/sbin/smbldap-usershow Administrator
> >>dn: uid=Administrator,ou=People,dc=localdomain
> >>uid: Administrator
> >>cn: Samba Admin
> >>givenName: Samba
> >>sn: Admin
> >>mail: Administrator@localdomain
> >>objectClass:
person,organizationalPerson,inetOrgPerson,posixAccount,top
> >>loginShell: /bin/bash
> >>uidNumber: 0
> >>gidNumber: 0
> >>homeDirectory: /root
> >>gecos: Samba Admin
> >>userPassword: {SSHA}2b/re4djmAJmmNCWnJmKcJLGlCRqdGdU
> >>_____________________________
> >>
> >>if i use "ldapsearch -x -Z
''(uid=Administrator)'' i get the right entry,
> >>i suppose the same entry found with the other command:
> >>____________________
> >>[root@fedorac4 ~]# ldapsearch -x -Z
''(uid=Administrator)''
> >>ldap_start_tls: Protocol error (2)
> >>        additional info: unsupported extended operation
> >># extended LDIF
> >>#
> >># LDAPv3
> >># base <> with scope sub
> >># filter: (uid=Administrator)
> >># requesting: ALL
> >>#
> >>
> >># Administrator, People, localdomain
> >>dn: uid=Administrator,ou=People,dc=localdomain
> >>uid: Administrator
> >>cn: Samba Admin
> >>givenName: Samba
> >>sn: Admin
> >>mail: Administrator@localdomain
> >>objectClass: person
> >>objectClass: organizationalPerson
> >>objectClass: inetOrgPerson
> >>objectClass: posixAccount
> >>objectClass: top
> >>loginShell: /bin/bash
> >>uidNumber: 0
> >>gidNumber: 0
> >>homeDirectory: /root
> >>gecos: Samba Admin
> >>
> >># search result
> >>search: 3
> >>result: 0 Success
> >>
> >># numResponses: 2
> >># numEntries: 1
> >>[root@fedorac4 ~]#
> >>_________________________________________-
> >>
> >>i suppose the two command give me the same entry because sghould be
> >>querying the same database......
> >>
> >>if i use pdbedit -u Administrator
> >>i get
> >>_________________
> >>[root@fedorac4 ~]# pdbedit -u Administrator
> >>Username not found!
> >>[root@fedorac4 ~]#
> >>_________________
> >>
> >>so if only samba related commands seem not to work properly perhaps
the
> >>problem is in samba configuration,
> >>but in the guides downloaded from the website i didn''t
found how to
> >>configure the part of the file for what concern the scripts of
entries
> >>managemant such as adding users, machine, etc......
> >>what should i do now?
> >>
> >>bye leon
> >>
> >>
> >>--
> >>Fedora-directory-users mailing list
> >>Fedora-directory-users@redhat.com
> >>https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >>    
> >>
> >
> >This is what the administrator entry should look like :
> >
> >[root@directory alias]# ldapsearch -x -ZZ
''(uid=administrator)''
> ># extended LDIF
> >#
> ># LDAPv3
> ># base <> with scope sub
> ># filter: (uid=administrator)
> ># requesting: ALL
> >#
> >
> ># Administrator, People, gsslab.rdu.redhat.com
> >dn: uid=Administrator,ou=People,dc=gsslab,dc=rdu,dc=redhat,dc=com
> >uid: Administrator
> >cn: Samba Administrator
> >objectClass: account
> >objectClass: posixAccount
> >objectClass: top
> >objectClass: sambaSamAccount
> >loginShell: /bin/bish
> >uidNumber: 0
> >gidNumber: 0
> >homeDirectory: /root
> >gecos: Samba Administrator
> >sambaSID: S-1-5-21-1803520230-1543781662-649387223-1000
> >sambaPrimaryGroupSID: S-1-5-21-1803520230-1543781662-649387223-1001
> >displayName: Samba Administrator
> >sambaPwdCanChange: 1120750967
> >sambaPwdMustChange: 2147483647
> >sambaLMPassword: CFA95C51F11AB11DC2265B23734E0DAC
> >sambaNTPassword: B2D88A4A9B0DAEE170E75F67D54918F6
> >sambaPasswordHistory:
> >00000000000000000000000000000000000000000000000000000000
> > 00000000
> >sambaPwdLastSet: 1120750967
> >sambaAcctFlags: [U          ]
> >
> ># search result
> >search: 3
> >result: 0 Success
> >
> ># numResponses: 2
> ># numEntries: 1
> >
> >So it looks like perhaps the administrator account needs the
objectclass
> >sambaSamAccount added to the entry manually then you should be able to
> >proceed
> >
> >--
> >Fedora-directory-users mailing list
> >Fedora-directory-users@redhat.com
> >https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >
> >  
> >
> i removed all the references to smbldap-tools in the smb.conf and now 
> things seems to work better...
> i beg your pardon for this mistake but i thought that samba would 
> interact with ldap through that tools.
> now, for example, when i join a machine to the domain who is in charge 
> of adding the correct entry in ldap database without smbladp-tools?
> 
> thanks,
> leon
> 
> 
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
Unfortunately, it has to be done manually without the proper ldap
tools.. I haven''t gotten that far in testing just a preliminary how-to
for this. 

IDEALX scripts do work with openldap again I haven''t tested with FDS.
My
suggestion to you or someone who is good in C is to write a plugin for
FDS probably a Pre-operation plugin to allow for the adding/removing of
entries in the FDS db.

More information on plugins can be found :
http://directory.fedora.redhat.com/wiki/Plugins

Sorry I couldn''t be of further assistance

thanks

Adam Stokes ha scritto:
>On Thu, 2005-07-21 at 17:05 +0200, Leonardo Pugliesi wrote:
>  
>
>>Adam Stokes ha scritto:
>>
>>    
>>
>>>On Thu, 2005-07-21 at 15:44 +0200, Leonardo Pugliesi wrote:
>>> 
>>>
>>>      
>>>
>>>>Adam Stokes ha scritto:
>>>>
>>>>   
>>>>
>>>>        
>>>>
>>>>>On Thu, 2005-07-21 at 10:36 +0200, Leonardo Pugliesi wrote:
>>>>>
>>>>>
>>>>>     
>>>>>
>>>>>          
>>>>>
>>>>>>Adam Stokes ha scritto:
>>>>>>
>>>>>>  
>>>>>>
>>>>>>       
>>>>>>
>>>>>>            
>>>>>>
>>>>>>>>>Leon,
>>>>>>>>>
>>>>>>>>>I think since you have an administrator
account set already, do
>>>>>>>>>
>>>>>>>>>smbpasswd Adminsitrator
>>>>>>>>>
>>>>>>>>>the ''-a'' switch tells
samba to add that user without it will just change
>>>>>>>>>the password and add the appropriate entries
to directory server
>>>>>>>>>
>>>>>>>>>--
>>>>>>>>>Fedora-directory-users mailing list
>>>>>>>>>Fedora-directory-users@redhat.com
>>>>>>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>   
>>>>>>>>>
>>>>>>>>>        
>>>>>>>>>
>>>>>>>>>             
>>>>>>>>>
>>>>>>>>>                  
>>>>>>>>>
>>>>>>>>if i use "smbpasswd Administrator" i
get:
>>>>>>>>_______________________________
>>>>>>>>[root@fedorac4 ~]# smbpasswd Administrator
>>>>>>>>New SMB password:
>>>>>>>>Retype new SMB password:
>>>>>>>>Failed to find entry for user administrator.
>>>>>>>>Failed to modify password entry for user
administrator
>>>>>>>>[root@fedorac4 ~]#
>>>>>>>>_______________________________
>>>>>>>>so it seems that i can''t add
Administrator because the entry alredy
>>>>>>>>exists, but i can''t modify it because
it doesn''t exists.....
>>>>>>>>am i missing something :-)
>>>>>>>>
>>>>>>>>thanx
>>>>>>>>
>>>>>>>>--
>>>>>>>>Fedora-directory-users mailing list
>>>>>>>>Fedora-directory-users@redhat.com
>>>>>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>>> 
>>>>>>>>
>>>>>>>>      
>>>>>>>>
>>>>>>>>           
>>>>>>>>
>>>>>>>>                
>>>>>>>>
>>>>>>>What does your smb.conf look like? Also is there
anything in the samba
>>>>>>>logs?
>>>>>>>
>>>>>>>--
>>>>>>>Fedora-directory-users mailing list
>>>>>>>Fedora-directory-users@redhat.com
>>>>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>    
>>>>>>>
>>>>>>>         
>>>>>>>
>>>>>>>              
>>>>>>>
>>>>>>This is smb.conf (global section):
>>>>>>
>>>>>>[global]
>>>>>> workgroup = FEDORAC4
>>>>>>      username map = /etc/samba/smbusers
>>>>>>	enable privileges = yes
>>>>>>      server string = Samba Server %v
>>>>>> 	security = user
>>>>>>      encrypt passwords = Yes
>>>>>>      min passwd length = 3
>>>>>>      obey pam restrictions = No
>>>>>>      ldap passwd sync = Yes
>>>>>>      #unix password sync = Yes
>>>>>>      passwd program = /opt/IDEALX/sbin/smbldap-passwd
-u %u
>>>>>>      #passwd chat = "Changing password for*\nNew
password*" %n\n "*Retype new password*" %n\n"
>>>>>>      ldap passwd sync = Yes
>>>>>>      log level = 0
>>>>>>      syslog = 0
>>>>>>      log file = /var/log/samba/log.%m
>>>>>>      max log size = 100000
>>>>>>      time server = Yes
>>>>>>      socket options = TCP_NODELAY SO_RCVBUF=8192
SO_SNDBUF=8192
>>>>>>      mangling method = hash2
>>>>>>      Dos charset = 850
>>>>>>      Unix charset = ISO8859-1
>>>>>>      logon script = logon.bat
>>>>>>      logon drive = H:
>>>>>>      logon home >>>>>>      logon
path >>>>>>      domain logons = Yes
>>>>>>      os level = 65
>>>>>>      preferred master = Yes
>>>>>>      domain master = Yes
>>>>>>      wins support = Yes
>>>>>>      passdb backend =
ldapsam:ldap://fedorac4.localdomain
>>>>>>      #passdb backend = ldap:ldap://fedorac4.localdomain
>>>>>>      # passdb backend = ldapsam:"ldap://127.0.0.1/
ldap://slave.idealx.com"
>>>>>>	ldap filter =
(&(objectclass=sambaSamAccount)(uid=%u))
>>>>>>      ldap admin dn = cn=Directory Manager
>>>>>>      ldap suffix = dc=localdomain
>>>>>>      ldap group suffix = ou=Groups
>>>>>>      ldap user suffix = ou=People
>>>>>>      ldap machine suffix = ou=Computers
>>>>>>      ldap idmap suffix = ou=Users
>>>>>>      #ldap ssl = start tls
>>>>>>      add user script = /opt/IDEALX/sbin/smbldap-useradd
-m "%u"
>>>>>>      ldap delete dn = Yes
>>>>>>      #delete user script =
/opt/IDEALX/sbin/smbldap-userdel "%u"
>>>>>>      add machine script =
/opt/IDEALX/sbin/smbldap-useradd -w "%u"
>>>>>>      add group script =
/opt/IDEALX/sbin/smbldap-groupadd -p "%g"
>>>>>>      #delete group script =
/opt/IDEALX/sbin/smbldap-groupdel "%g"
>>>>>>      add user to group script =
/opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g"
>>>>>>      delete user from group script =
/opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g"
>>>>>>      set primary group script =
/opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u"
>>>>>>
>>>>>>
>>>>>>samba logs is empty
>>>>>>Leon
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>--
>>>>>>Fedora-directory-users mailing list
>>>>>>Fedora-directory-users@redhat.com
>>>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>  
>>>>>>
>>>>>>       
>>>>>>
>>>>>>            
>>>>>>
>>>>>Not sure at this point, looks like you are using idealx
scripts for some
>>>>>of the administration maybe they created the admin account?
>>>>>
>>>>>--
>>>>>Fedora-directory-users mailing list
>>>>>Fedora-directory-users@redhat.com
>>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>
>>>>>
>>>>>
>>>>>     
>>>>>
>>>>>          
>>>>>
>>>>the entry "Administrator.... " has been  created with
the ldif2ldap
>>>>method, as shown in the how-to.
>>>>the problem, in my opinion, is that if i use
"smbldap-usershow
>>>>Administrator" i get the right entry:
>>>>
>>>>_____________________________
>>>>[root@fedorac4 ~]# /opt/IDEALX/sbin/smbldap-usershow
Administrator
>>>>dn: uid=Administrator,ou=People,dc=localdomain
>>>>uid: Administrator
>>>>cn: Samba Admin
>>>>givenName: Samba
>>>>sn: Admin
>>>>mail: Administrator@localdomain
>>>>objectClass:
person,organizationalPerson,inetOrgPerson,posixAccount,top
>>>>loginShell: /bin/bash
>>>>uidNumber: 0
>>>>gidNumber: 0
>>>>homeDirectory: /root
>>>>gecos: Samba Admin
>>>>userPassword: {SSHA}2b/re4djmAJmmNCWnJmKcJLGlCRqdGdU
>>>>_____________________________
>>>>
>>>>if i use "ldapsearch -x -Z
''(uid=Administrator)'' i get the right entry,
>>>>i suppose the same entry found with the other command:
>>>>____________________
>>>>[root@fedorac4 ~]# ldapsearch -x -Z
''(uid=Administrator)''
>>>>ldap_start_tls: Protocol error (2)
>>>>       additional info: unsupported extended operation
>>>># extended LDIF
>>>>#
>>>># LDAPv3
>>>># base <> with scope sub
>>>># filter: (uid=Administrator)
>>>># requesting: ALL
>>>>#
>>>>
>>>># Administrator, People, localdomain
>>>>dn: uid=Administrator,ou=People,dc=localdomain
>>>>uid: Administrator
>>>>cn: Samba Admin
>>>>givenName: Samba
>>>>sn: Admin
>>>>mail: Administrator@localdomain
>>>>objectClass: person
>>>>objectClass: organizationalPerson
>>>>objectClass: inetOrgPerson
>>>>objectClass: posixAccount
>>>>objectClass: top
>>>>loginShell: /bin/bash
>>>>uidNumber: 0
>>>>gidNumber: 0
>>>>homeDirectory: /root
>>>>gecos: Samba Admin
>>>>
>>>># search result
>>>>search: 3
>>>>result: 0 Success
>>>>
>>>># numResponses: 2
>>>># numEntries: 1
>>>>[root@fedorac4 ~]#
>>>>_________________________________________-
>>>>
>>>>i suppose the two command give me the same entry because sghould
be
>>>>querying the same database......
>>>>
>>>>if i use pdbedit -u Administrator
>>>>i get
>>>>_________________
>>>>[root@fedorac4 ~]# pdbedit -u Administrator
>>>>Username not found!
>>>>[root@fedorac4 ~]#
>>>>_________________
>>>>
>>>>so if only samba related commands seem not to work properly
perhaps the
>>>>problem is in samba configuration,
>>>>but in the guides downloaded from the website i didn''t
found how to
>>>>configure the part of the file for what concern the scripts of
entries
>>>>managemant such as adding users, machine, etc......
>>>>what should i do now?
>>>>
>>>>bye leon
>>>>
>>>>
>>>>--
>>>>Fedora-directory-users mailing list
>>>>Fedora-directory-users@redhat.com
>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>   
>>>>
>>>>        
>>>>
>>>This is what the administrator entry should look like :
>>>
>>>[root@directory alias]# ldapsearch -x -ZZ
''(uid=administrator)''
>>># extended LDIF
>>>#
>>># LDAPv3
>>># base <> with scope sub
>>># filter: (uid=administrator)
>>># requesting: ALL
>>>#
>>>
>>># Administrator, People, gsslab.rdu.redhat.com
>>>dn: uid=Administrator,ou=People,dc=gsslab,dc=rdu,dc=redhat,dc=com
>>>uid: Administrator
>>>cn: Samba Administrator
>>>objectClass: account
>>>objectClass: posixAccount
>>>objectClass: top
>>>objectClass: sambaSamAccount
>>>loginShell: /bin/bish
>>>uidNumber: 0
>>>gidNumber: 0
>>>homeDirectory: /root
>>>gecos: Samba Administrator
>>>sambaSID: S-1-5-21-1803520230-1543781662-649387223-1000
>>>sambaPrimaryGroupSID: S-1-5-21-1803520230-1543781662-649387223-1001
>>>displayName: Samba Administrator
>>>sambaPwdCanChange: 1120750967
>>>sambaPwdMustChange: 2147483647
>>>sambaLMPassword: CFA95C51F11AB11DC2265B23734E0DAC
>>>sambaNTPassword: B2D88A4A9B0DAEE170E75F67D54918F6
>>>sambaPasswordHistory:
>>>00000000000000000000000000000000000000000000000000000000
>>>00000000
>>>sambaPwdLastSet: 1120750967
>>>sambaAcctFlags: [U          ]
>>>
>>># search result
>>>search: 3
>>>result: 0 Success
>>>
>>># numResponses: 2
>>># numEntries: 1
>>>
>>>So it looks like perhaps the administrator account needs the
objectclass
>>>sambaSamAccount added to the entry manually then you should be able
to
>>>proceed
>>>
>>>--
>>>Fedora-directory-users mailing list
>>>Fedora-directory-users@redhat.com
>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>
>>> 
>>>
>>>      
>>>
>>i removed all the references to smbldap-tools in the smb.conf and now 
>>things seems to work better...
>>i beg your pardon for this mistake but i thought that samba would 
>>interact with ldap through that tools.
>>now, for example, when i join a machine to the domain who is in charge 
>>of adding the correct entry in ldap database without smbladp-tools?
>>
>>thanks,
>>leon
>>
>>
>>--
>>Fedora-directory-users mailing list
>>Fedora-directory-users@redhat.com
>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>    
>>
>
>Unfortunately, it has to be done manually without the proper ldap
>tools.. I haven''t gotten that far in testing just a preliminary
how-to
>for this. 
>
>IDEALX scripts do work with openldap again I haven''t tested with
FDS. My
>suggestion to you or someone who is good in C is to write a plugin for
>FDS probably a Pre-operation plugin to allow for the adding/removing of
>entries in the FDS db.
>
>More information on plugins can be found :
>http://directory.fedora.redhat.com/wiki/Plugins
>
>Sorry I couldn''t be of further assistance
>
>thanks
>
>
>--
>Fedora-directory-users mailing list
>Fedora-directory-users@redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>  
>
now i have to users configured in ldap: testuser and admnistrator (as u 
do in the how-to)
when i try to enter in a samba share with testuser i have no problems 
but if i use administrator and its password i can''t enter,
is this normal?

thanx,
leon

Help
how to insert computers in domain?
in your how-to you explained how to insert groups and users entries into 
ldap, how about machine account?
whitout them we can''t let clients joining the domain!
any suggestions?

thanx
leon