samba - May 2003 - required entries in ldap for samba...

Hi...

 I sucesfully linked my samba install with a ldap database, and smbpasswd -a
works with user adds, etc.  But - I know that in order to join the domain
from WIN2K and XP I need to provide a username/password - exactly what ldif
entries are needed in my ldap db for that?  Is it 'administrator' with
a uid of 0 - Can I use smbpasswd to make this, or ldif/ldapadd?

 Thanks....

-- 
<><  ><> <><  ><> <><  ><>
<><  ><> <><  ><> <><

Ken Kleiner
System Manager
Computer Science Department
Umass Lowell

voice : 978 934 3645
fax : 978 934 3551

cell : 603 930 5582 (emergencies only, please)

ken@cs.uml.edu

Okay.

So - a posix entry for root/uid=0/gid=0 in ldap.  Can it have a null
userPassword entry and a valid lm/nt password entry?  I assume that is best.

After I create the ldan entry, do I need to do :  

	smbpasswd -a root 

Thanks....
> 
> You need to have a user called 'root' with uid=0 and gid=0 in order
to
> join stations to the domain.
> 
> -Tori
> 
> > -----Original Message-----
> > From: samba-bounces@lists.samba.org
> > [mailto:samba-bounces@lists.samba.org] On Behalf Of Ken Kleiner
> > Sent: Friday, May 30, 2003 1:26 PM
> > To: samba@lists.samba.org
> > Subject: [Samba] required entries in ldap for samba...
> >
> >
> > Hi...
> >
> >  I sucesfully linked my samba install with a ldap database,
> > and smbpasswd -a works with user adds, etc.  But - I know
> > that in order to join the domain from WIN2K and XP I need to
> > provide a username/password - exactly what ldif entries are
> > needed in my ldap db for that?  Is it 'administrator' with a
> > uid of 0 - Can I use smbpasswd to make this, or ldif/ldapadd?
> >
> >  Thanks....
> >
> > --
> > <><  ><> <><  ><> <>< 
><> <><  ><> <><  ><> <><
> >
> > Ken Kleiner
> > System Manager
> > Computer Science Department
> > Umass Lowell
> >
> > voice : 978 934 3645
> > fax : 978 934 3551
> >
> > cell : 603 930 5582 (emergencies only, please)
> >
> > ken@cs.uml.edu
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  http://lists.samba.org/mailman/listinfo/samba
> >
> 
> 
> 
> 

-- 
<><  ><> <><  ><> <><  ><>
<><  ><> <><  ><> <><

Ken Kleiner
System Manager
Computer Science Department
Umass Lowell

voice : 978 934 3645
fax : 978 934 3551

cell : 603 930 5582 (emergencies only, please)

ken@cs.uml.edu

>  I sucesfully linked my samba install with a ldap database, 
> and smbpasswd -a
> works with user adds, etc.  But - I know that in order to 
> join the domain
> from WIN2K and XP I need to provide a username/password - 
> exactly what ldif
> entries are needed in my ldap db for that?  Is it 'administrator'
with
> a uid of 0 - Can I use smbpasswd to make this, or ldif/ldapadd?
> 
>  Thanks....
> 
you need to make a machine account (that is what the username/password
allows)

There is a utility called smbldap-tools which has a user add script that can
be called transparently when trying to join a computer to the domain.  This
script creates the machine account (machinename$).  You could create them by
hand but that becomes a bit more laborious.

When it asks you for an authorized user/password you can simply use
root/password or if you have domain admin group defined, any of those users
will let allow the script to execute and create the machine account.
> -- 
>