samba - Mar 2003 - Samba-LDAP PDC not calling 'add user script' # Global parameters

[global]
	        coding system = 
	        client code page = 850
	 
       code page directory = /var/lib/samba/codepages
	        workgroup
 = MICROVERSE
	        netbios name = 
	        netbios aliases = 
	  
      netbios scope = 
	        server string = Samba Server %v
	      
  interfaces = 
	        bind interfaces only = No
	        security = USER

         encrypt passwords = Yes
	        update encrypted = No
	      
  allow trusted domains = Yes
	        hosts equiv = 
	        min passwd
 length = 5
	        map to guest = Never
	        null passwords = No

         obey pam restrictions = No
	        password server = 
	      
  smb passwd file = /etc/samba/smbpasswd
	        root directory = 
	  
      pam password change = No
	        passwd program = /usr/bin/passwd

         passwd chat = *new*password* %n\n *new*password* %n\n *changed*

         passwd chat debug = No
	        username map = 
	        password
 level = 0
	        username level = 0
	        unix password sync = No

         restrict anonymous = No
	        lanman auth = Yes
	        use
 rhosts = No
	        admin log = No
	        log level = 6
	        syslog
 = 1
	        syslog only = No
	        log file = /var/log/samba/log.%m

         max log size = 50
	        timestamp logs = Yes
	        debug
 hires timestamp = No
	        debug pid = No
	        debug uid = No

         protocol = NT1
	        large readwrite = Yes
	        max protocol
 = NT1
	        min protocol = CORE
	        read bmpx = No
	        read
 raw = Yes
	        write raw = Yes
	        nt smb support = Yes
	   
     nt pipe support = Yes
	        nt status support = Yes
	        announce
 version = 4.9
	        announce as = NT
	        max mux = 50
	      
  max xmit = 16644
	        name resolve order = lmhosts host wins bcast

         max ttl = 259200
	        max wins ttl = 518400
	        min wins
 ttl = 21600
	        time server = No
	        unix extensions = No
	
        change notify timeout = 60
	        deadtime = 0
	        getwd
 cache = Yes
	        keepalive = 300
	        lpq cache time = 10
	  
      max smbd processes = 0
	        max disk size = 0
	        max open
 files = 10000
	        name cache timeout = 660
	        read size = 16384

         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
	   
     stat cache size = 50
	        use mmap = Yes
	        total print jobs
 = 0
	        load printers = Yes
	        printcap name = lpstat
	   
     disable spoolss = No
	        enumports command = 
	        addprinter
 command = 
	        deleteprinter command = 
	        show add printer
 wizard = Yes
	        os2 driver map = 
	        strip dot = No
	    
    mangling method = hash
	        character set = 
	        mangled stack
 = 50
	        stat cache = Yes
	        domain admin group = Administrator
 @adm @Administrators @wheel root
	        domain guest group = 
	     
   machine password timeout = 604800
	        add user script = /usr/share/samba/scripts/smbldap-useradd.pl
 -w -d /dev/null -g Machines -s /bin/false %u
	        delete user script
 = 
	        logon script = 
	        logon path = \\%N\%U\profile
	  
      logon drive = 
	        logon home = \\%N\%U
	        domain logons
 = Yes
	        os level = 33
	        lm announce = Auto
	        lm interval
 = 60
	        preferred master = Yes
	        local master = Yes
	   
     domain master = Yes
	        browse list = Yes
	        enhanced browsing
 = Yes
	        dns proxy = No
	        wins proxy = No
	        wins server
 = 
	        wins support = No
	        wins hook = 
	        kernel oplocks
 = Yes
	        lock spin count = 3
	        lock spin time = 10
	    
    oplock break wait time = 0
	        ldap server = 127.0.0.1
	      
  ldap port = 389
	        ldap suffix = dc=microverse,dc=net
	        ldap
 filter = (&(uid=%u)(objectclass=sambaAccount))
	        ldap admin dn  cn=root,dc=microverse,dc=net
	        ldap ssl = no
	        add share
 command = 
	        change share command = 
	        delete share command
 = 
	        config file = 
	        preload = 
	        lock dir = /var/cache/samba

         pid directory = /var/run/samba
	        utmp directory = 
	   
     wtmp directory = 
	        utmp = No
	        default service = 

         message command = 
	        dfree command = 
	        valid chars
 = 
	        remote announce = 
	        remote browse sync = 
	      
  socket address = 0.0.0.0
	        homedir map = auto.home
	        time
 offset = 0
	        NIS homedir = No
	        source environment = 
	
        panic action = 
	        hide local users = No
	        host msdfs
 = No
	        winbind uid = 
	        winbind gid = 
	        template
 homedir = /home/%D/%U
	        template shell = /bin/false
	        winbind
 separator = \
	        winbind cache time = 15
	        winbind enum users
 = Yes
	        winbind enum groups = Yes
	        winbind use default domain
 = No
	        comment = 
	        path = 
	        alternate permissions
 = No
	        username = 
	        guest account = nobody
	        invalid
 users = 
	        valid users = 
	        admin users = 
	        read
 list = 
	        write list = 
	        printer admin = 
	        force
 user = 
	        force group = 
	        read only = Yes
	        create
 mask = 0744
	        force create mode = 00
	        security mask = 0777

         force security mode = 00
	        directory mask = 0755
	     
   force directory mode = 00
	        directory security mask = 0777
	 
       force directory security mode = 00
	        force unknown acl user
 = 00
	        inherit permissions = No
	        inherit acls = No
	  
      guest only = No
	        guest ok = No
	        only user = No
	
        hosts allow = 
	        hosts deny = 
	        status = Yes
	 
       nt acl support = Yes
	        profile acls = No
	        block size
 = 1024
	        max connections = 0
	        min print space = 0
	   
     strict allocate = No
	        strict sync = No
	        sync always
 = No
	        use sendfile = No
	        write cache size = 0
	      
  max print jobs = 1000
	        printable = No
	        postscript = No

         printing = cups
	        print command = lpr -r -P%p %s
	     
   lpq command = lpq -P%p
	        lprm command = lprm -P%p %j
	       
 lppause command = 
	        lpresume command = 
	        queuepause command
 = 
	        queueresume command = 
	        printer name = 
	        use
 client driver = No
	        default devmode = No
	        printer driver
 = 
	        printer driver file = /etc/samba/printers.def
	        printer
 driver location = 
	        default case = lower
	        case sensitive
 = No
	        preserve case = Yes
	        short preserve case = Yes

         mangle case = No
	        mangling char = ~
	        hide dot files
 = Yes
	        hide unreadable = No
	        delete veto files = No
	
        veto files = 
	        hide files = 
	        veto oplock files
 = 
	        map system = No
	        map hidden = No
	        map archive
 = Yes
	        mangled names = Yes
	        mangled map = 
	        browseable
 = Yes
	        blocking locks = Yes
	        csc policy = manual
	   
     fake oplocks = No
	        locking = Yes
	        oplocks = Yes
	
        level2 oplocks = Yes
	        oplock contention limit = 2
	    
    posix locking = Yes
	        strict locking = No
	        share modes
 = Yes
	        copy = 
	        include = 
	        exec = 
	       
 preexec close = No
	        postexec = 
	        root preexec = 
	   
     root preexec close = No
	        root postexec = 
	        available
 = Yes
	        volume = 
	        fstype = NTFS
	        set directory
 = No
	        wide links = Yes
	        follow symlinks = Yes
	      
  dont descend = 
	        magic script = 
	        magic output = 
	 
       delete readonly = No
	        dos filemode = No
	        dos filetimes
 = No
	        dos filetime resolution = No
	        fake directory create
 times = No
	        vfs object = 
	        vfs options = 
	        msdfs
 root = No
	
	[homes]
	        comment = Home Directories
	        read
 only = No
	        browseable = No
	
	[netlogon]
	        comment = Network
 Logon Service
	        path = /var/lib/samba/netlogon
	        guest ok
 = Yes
	
	[printers]
	        comment = All Printers
	        path = /var/spool/samba

         create mask = 0700
	        guest ok = Yes
	        printable  Yes
	        print command = lpr-cups -P %p -o raw %s -r   # using client
 side printer drivers.
	        browseable = No
	
	[print$]
	        path
 = /var/lib/samba/printers
	        write list = @adm root
	
	[pdf-generator]

         comment = PDF Generator (only valid users)
	        path = /var/tmp

         printable = Yes
	        print command = /usr/share/samba/scripts/print-pdf
 %s ~%u \\\\\\\\%L\\\\%u %m %I &
	
	[public]
	        path = /home/storeage

         read only = No
	        guest only = Yes
	        guest ok = Yes

 Samba-LDAP PDC not calling 'add user script'
	
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

For some reason I cannot fathom, Samba isn't calling the script.  Can 
anyone tell me what kinds of things  might cause Samba to behave this 
way?  Anyone know a way around it?

Jim C.

Here is a testparm dump:
> [root@enigma root]# testparm 
> Load smb config files from /etc/samba/smb.conf
> Processing section "[homes]"
> Processing section "[netlogon]"
> Processing section "[printers]"
> Processing section "[print$]"
> Processing section "[pdf-generator]"
> Processing section "[public]"
> Loaded services file OK.
> WARNING: You have some share names that are longer than 8 chars
> These may give errors while browsing or may not be accessible
> to some older clients
> Press enter to see a dump of your service definitions
> 
> # Global parameters
> [global]
>         coding system = 
>         client code page = 850
>         code page directory = /var/lib/samba/codepages
>         workgroup = MICROVERSE
>         netbios name = 
>         netbios aliases = 
>         netbios scope = 
>         server string = Samba Server %v
>         interfaces = 
>         bind interfaces only = No
>         security = USER
>         encrypt passwords = Yes
>         update encrypted = No
>         allow trusted domains = Yes
>         hosts equiv = 
>         min passwd length = 5
>         map to guest = Never
>         null passwords = No
>         obey pam restrictions = No
>         password server = 
>         smb passwd file = /etc/samba/smbpasswd
>         root directory = 
>         pam password change = No
>         passwd program = /usr/bin/passwd
>         passwd chat = *new*password* %n\n *new*password* %n\n *changed*
>         passwd chat debug = No
>         username map = 
>         password level = 0
>         username level = 0
>         unix password sync = No
>         restrict anonymous = No
>         lanman auth = Yes
>         use rhosts = No
>         admin log = No
>         log level = 6
>         syslog = 1
>         syslog only = No
>         log file = /var/log/samba/log.%m
>         max log size = 50
>         timestamp logs = Yes
>         debug hires timestamp = No
>         debug pid = No
>         debug uid = No
>         protocol = NT1
>         large readwrite = Yes
>         max protocol = NT1
>         min protocol = CORE
>         read bmpx = No
>         read raw = Yes
>         write raw = Yes
>         nt smb support = Yes
>         nt pipe support = Yes
>         nt status support = Yes
>         announce version = 4.9
>         announce as = NT
>         max mux = 50
>         max xmit = 16644
>         name resolve order = lmhosts host wins bcast
>         max ttl = 259200
>         max wins ttl = 518400
>         min wins ttl = 21600
>         time server = No
>         unix extensions = No
>         change notify timeout = 60
>         deadtime = 0
>         getwd cache = Yes
>         keepalive = 300
>         lpq cache time = 10
>         max smbd processes = 0
>         max disk size = 0
>         max open files = 10000
>         name cache timeout = 660
>         read size = 16384
>         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>         stat cache size = 50
>         use mmap = Yes
>         total print jobs = 0
>         load printers = Yes
>         printcap name = lpstat
>         disable spoolss = No
>         enumports command = 
>         addprinter command = 
>         deleteprinter command = 
>         show add printer wizard = Yes
>         os2 driver map = 
>         strip dot = No
>         mangling method = hash
>         character set = 
>         mangled stack = 50
>         stat cache = Yes
>         domain admin group = Administrator @adm @Administrators @wheel root
>         domain guest group = 
>         machine password timeout = 604800
>         add user script = /usr/share/samba/scripts/smbldap-useradd.pl -w -d
/dev/null -g Machines -s /bin/false %u
>         delete user script = 
>         logon script = 
>         logon path = \\%N\%U\profile
>         logon drive = 
>         logon home = \\%N\%U
>         domain logons = Yes
>         os level = 33
>         lm announce = Auto
>         lm interval = 60
>         preferred master = Yes
>         local master = Yes
>         domain master = Yes
>         browse list = Yes
>         enhanced browsing = Yes
>         dns proxy = No
>         wins proxy = No
>         wins server = 
>         wins support = No
>         wins hook = 
>         kernel oplocks = Yes
>         lock spin count = 3
>         lock spin time = 10
>         oplock break wait time = 0
>         ldap server = 127.0.0.1
>         ldap port = 389
>         ldap suffix = dc=microverse,dc=net
>         ldap filter = (&(uid=%u)(objectclass=sambaAccount))
>         ldap admin dn = cn=root,dc=microverse,dc=net
>         ldap ssl = no
>         add share command = 
>         change share command = 
>         delete share command = 
>         config file = 
>         preload = 
>         lock dir = /var/cache/samba
>         pid directory = /var/run/samba
>         utmp directory = 
>         wtmp directory = 
>         utmp = No
>         default service = 
>         message command = 
>         dfree command = 
>         valid chars = 
>         remote announce = 
>         remote browse sync = 
>         socket address = 0.0.0.0
>         homedir map = auto.home
What is homedir map?
>         time offset = 0
>         NIS homedir = No
>         source environment = 
>         panic action = 
>         hide local users = No
>         host msdfs = No
>         winbind uid = 
>         winbind gid = 
>         template homedir = /home/%D/%U
>         template shell = /bin/false
>         winbind separator = \
>         winbind cache time = 15
>         winbind enum users = Yes
>         winbind enum groups = Yes
>         winbind use default domain = No
>         comment = 
>         path = 
>         alternate permissions = No
>         username = 
>         guest account = nobody
>         invalid users = 
>         valid users = 
>         admin users = 
>         read list = 
>         write list = 
>         printer admin = 
>         force user = 
>         force group = 
>         read only = Yes
>         create mask = 0744
>         force create mode = 00
>         security mask = 0777
>         force security mode = 00
>         directory mask = 0755
>         force directory mode = 00
>         directory security mask = 0777
>         force directory security mode = 00
>         force unknown acl user = 00
>         inherit permissions = No
>         inherit acls = No
>         guest only = No
>         guest ok = No
>         only user = No
>         hosts allow = 
>         hosts deny = 
>         status = Yes
>         nt acl support = Yes
>         profile acls = No
>         block size = 1024
>         max connections = 0
>         min print space = 0
>         strict allocate = No
>         strict sync = No
>         sync always = No
>         use sendfile = No
>         write cache size = 0
>         max print jobs = 1000
>         printable = No
>         postscript = No
>         printing = cups
>         print command = lpr -r -P%p %s
>         lpq command = lpq -P%p
>         lprm command = lprm -P%p %j
>         lppause command = 
>         lpresume command = 
>         queuepause command = 
>         queueresume command = 
>         printer name = 
>         use client driver = No
>         default devmode = No
>         printer driver = 
>         printer driver file = /etc/samba/printers.def
>         printer driver location = 
>         default case = lower
>         case sensitive = No
>         preserve case = Yes
>         short preserve case = Yes
>         mangle case = No
>         mangling char = ~
>         hide dot files = Yes
>         hide unreadable = No
>         delete veto files = No
>         veto files = 
>         hide files = 
>         veto oplock files = 
>         map system = No
>         map hidden = No
>         map archive = Yes
>         mangled names = Yes
>         mangled map = 
>         browseable = Yes
>         blocking locks = Yes
>         csc policy = manual
>         fake oplocks = No
>         locking = Yes
>         oplocks = Yes
>         level2 oplocks = Yes
>         oplock contention limit = 2
>         posix locking = Yes
>         strict locking = No
>         share modes = Yes
>         copy = 
>         include = 
>         exec = 
>         preexec close = No
>         postexec = 
>         root preexec = 
>         root preexec close = No
>         root postexec = 
>         available = Yes
>         volume = 
>         fstype = NTFS
>         set directory = No
>         wide links = Yes
>         follow symlinks = Yes
>         dont descend = 
>         magic script = 
>         magic output = 
>         delete readonly = No
>         dos filemode = No
>         dos filetimes = No
>         dos filetime resolution = No
>         fake directory create times = No
>         vfs object = 
>         vfs options = 
>         msdfs root = No
> 
> [homes]
>         comment = Home Directories
>         read only = No
>         browseable = No
> 
> [netlogon]
>         comment = Network Logon Service
>         path = /var/lib/samba/netlogon
>         guest ok = Yes
> 
> [printers]
>         comment = All Printers
>         path = /var/spool/samba
>         create mask = 0700
>         guest ok = Yes
>         printable = Yes
>         print command = lpr-cups -P %p -o raw %s -r   # using client side
printer drivers.
>         browseable = No
> 
> [print$]
>         path = /var/lib/samba/printers
>         write list = @adm root
> 
> [pdf-generator]
>         comment = PDF Generator (only valid users)
>         path = /var/tmp
>         printable = Yes
>         print command = /usr/share/samba/scripts/print-pdf %s ~%u
\\\\\\\\%L\\\\%u %m %I &
> 
> [public]
>         path = /home/storeage
>         read only = No
>         guest only = Yes
>         guest ok = Yes

> add user script = /usr/share/samba/scripts/smbldap-useradd.pl
 >    -w -d /dev/null -g Machines -s /bin/false %u interval
 >
> For some reason I cannot fathom, Samba isn't calling the script.  Can 
> anyone tell me what kinds of things  might cause Samba to behave this 
> way?  Anyone know a way around it?
I asked about this a few months ago, from memory. One of the developers 
got back to me and said the code seemed to have disappeared for some 
bizarre reason. I think he was going to reimplement it in a better way 
or something...

(I ended up using winbind+nss instead, but I wasn't a PDC (or LDAP) so 
that probably doesn't help you...)

-- 
ANDREW FUREY <andrew@terminus.net.au> - Sysadmin/developer for Terminus.
Providing online networks of Australian lawyers (http://www.ilaw.com.au)
and Linux experts (http://www.linuxconsultants.com.au) for instant help!
Disclaimer: http://www.terminus.net.au/disclaimer.html. GCS L+++ P++ t++