Hello, I have installed / configured samba-ldap (compiled SAMBA_2_2 from CVS) Whe i try to change the password for the root user, there is no problem. If i try to change the password of an ordinary user, i get the error: nas:~# smbpasswd -U william New SMB password: Retype new SMB password: No user to modify! Password changed for user william. Failed to modify entry for user william. Failed to modify password entry for user william Ok, so i ran it with debugging on: -- CUT -- load_unix_unicode_map: ISO8859-1 (init_done=0, override=0) load_unicode_map: loading unicode map for codepage ISO8859-1. New SMB password: Retype new SMB password: ldap_open_connection: starting... Initializing connection to localhost on port 389 ldap_open_connection: connection opened ldap_connect_system: Binding to ldap server as "cn=root,ou=hasselt.be,o=hasselt,c=be" ldap_connect_system: succesful connection to the LDAP server ldap_search_one_user: searching for:[(&(cn=william)(objectclass=sambaAccount))] get_single_attribute: [uid] = [william] Entry found for user: william -- CUT -- Here we see that the correct user was found... But then: -- CUT -- get_single_attribute: [pwdLastSet] = [1] get_single_attribute: [logonTime] = [0] get_single_attribute: [logoffTime] = [0] get_single_attribute: [kickoffTime] = [0] get_single_attribute: [pwdCanChange] = [0] get_single_attribute: [pwdMustChange] = [0] get_single_attribute: [cn] = [william] get_single_attribute: [homeDrive] = [<does not exist>] homeDrive fell back to get_single_attribute: [smbHome] = [<does not exist>] Home server: NAS smbHome fell back to \\NAS\william get_single_attribute: [scriptPath] = [<does not exist>] scriptPath fell back to get_single_attribute: [profilePath] = [<does not exist>] Home server: NAS profilePath fell back to \\NAS\william\profile get_single_attribute: [description] = [<does not exist>] get_single_attribute: [userWorkstations] = [<does not exist>] get_single_attribute: [rid] = [500] get_single_attribute: [primaryGroupID] = [512] init_sam_from_ldap: User [william] does not ave a uid! ldap_open_connection: starting... Initializing connection to localhost on port 389 ldap_open_connection: connection opened ldap_connect_system: Binding to ldap server as "cn=root,ou=hasselt.be,o=hasselt,c=be" ldap_connect_system: succesful connection to the LDAP server ldap_search_one_user: searching for:[(&(cn=)(objectclass=sambaAccount))] No user to modify! Password changed for user william. Failed to modify entry for user william. Failed to modify password entry for user william -- CUT -- Here we all notice that it connect's again to the ldap and then searches for [(&(cn=)(objectclass=sambaAccount))]. cn= does not exist and thus return no users. Why doesn't smbpasswd put cn=william in there ??? Does anyone know a solution to this problem ??? Greetings, --- Tom Palmaers
i have a running samba with ldap for user-managment. i guess i had the same problem. can you pipe the output of the following ldapsearch -LLL "uid=william" to me? maybe i can help you marcel beltz Am Montag, 25.11.02, um 17:04 Uhr (Europe/Berlin) schrieb Tom Palmaers:> Hello, > > I have installed / configured samba-ldap (compiled SAMBA_2_2 from CVS) > > Whe i try to change the password for the root user, there is no > problem. > If i try to change the password of an ordinary user, i get the > error: > > nas:~# smbpasswd -U william > New SMB password: > Retype new SMB password: > No user to modify! > Password changed for user william. > Failed to modify entry for user william. > Failed to modify password entry for user william > > Ok, so i ran it with debugging on: > > -- CUT -- > load_unix_unicode_map: ISO8859-1 (init_done=0, override=0) > load_unicode_map: loading unicode map for codepage ISO8859-1. > New SMB password: > Retype new SMB password: > ldap_open_connection: starting... > Initializing connection to localhost on port 389 > ldap_open_connection: connection opened > ldap_connect_system: Binding to ldap server as > "cn=root,ou=hasselt.be,o=hasselt,c=be" > ldap_connect_system: succesful connection to the LDAP server > ldap_search_one_user: searching > for:[(&(cn=william)(objectclass=sambaAccount))] > get_single_attribute: [uid] = [william] > Entry found for user: william > -- CUT -- > > Here we see that the correct user was found... > > But then: > > -- CUT -- > get_single_attribute: [pwdLastSet] = [1] > get_single_attribute: [logonTime] = [0] > get_single_attribute: [logoffTime] = [0] > get_single_attribute: [kickoffTime] = [0] > get_single_attribute: [pwdCanChange] = [0] > get_single_attribute: [pwdMustChange] = [0] > get_single_attribute: [cn] = [william] > get_single_attribute: [homeDrive] = [<does not exist>] > homeDrive fell back to > get_single_attribute: [smbHome] = [<does not exist>] > Home server: NAS > smbHome fell back to \\NAS\william > get_single_attribute: [scriptPath] = [<does not exist>] > scriptPath fell back to > get_single_attribute: [profilePath] = [<does not exist>] > Home server: NAS > profilePath fell back to \\NAS\william\profile > get_single_attribute: [description] = [<does not exist>] > get_single_attribute: [userWorkstations] = [<does not exist>] > get_single_attribute: [rid] = [500] > get_single_attribute: [primaryGroupID] = [512] > init_sam_from_ldap: User [william] does not ave a uid! > ldap_open_connection: starting... > Initializing connection to localhost on port 389 > ldap_open_connection: connection opened > ldap_connect_system: Binding to ldap server as > "cn=root,ou=hasselt.be,o=hasselt,c=be" > ldap_connect_system: succesful connection to the LDAP server > ldap_search_one_user: searching > for:[(&(cn=)(objectclass=sambaAccount))] > No user to modify! > Password changed for user william. > Failed to modify entry for user william. > Failed to modify password entry for user william > -- CUT -- > > Here we all notice that it connect's again to the ldap and then > searches > for [(&(cn=)(objectclass=sambaAccount))]. > > cn= does not exist and thus return no users. Why doesn't smbpasswd put > cn=william in there ??? > > Does anyone know a solution to this problem ??? > > Greetings, > > --- > > Tom Palmaers > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > >--- marcel beltz beltz.info email: marcel@beltz.info am mittleren moos 48 fon: +49 177 736 787 1 86167 augsburg ++
On Tue, Nov 26, 2002 at 10:46:15AM +0100, Marcel Beltz wrote:> sorry, i forget, > if you want to create a user the best way ( in my opinion ) is first to > make the ldap entry without the > objectclass sambaAccount > and than to make smbpasswd -U william, this will append to your > ldap-entry the objectclass sambaAccount with all it's definitions.Adding the posixAccount stuff didn't make a difference... :-( But it's true that i don't have user accounts for those people, i just want to use virtual users stored in an ldap. If i make a posixAccount entry and i try to add the users using smbpasswd -a , it says that the user is not present in the /etc/passwd file. If i use -U it give the same old error. Greetz, --- Tom Palmaers Better Access Team