J B Bell
2003-Oct-15 18:25 UTC
[Samba] machine accounts aren't added properly with smbldap-useradd.pl + ldap backend
Yay, I finally got my samba 3 PDC working! Following a variety of indirect hints I used the root account to join, rather than trying to mess around with various groups and group mappings. I had done this before, with no good effect, but checked more carefully this time and found that it was my machine account that was not being found, not the root account. Further investigation shows that when using smbldap-useradd.pl -w <machine>, the machine account does not get the objectClass "SambaSAMAccount", and therefore it isn't found when the samba server tries to authenticate it. Using smbldap-useradd.pl -a instead seems to fix this problem, but then the machine is not put into the Computers ou. I can also use an ldap editor (jxplorer, in my case) to manually add the objectclass, but this is less than ideal. Should I add this problem as a bug against smbldap-useradd.pl? Or is that not considered the right tool? I have tried using the smbpasswd method (and yes, I have already done smbpasswd -w); as the unix system uses ldap passwords itself, it should work, but I always get the message 'failed initialise SAM_ACCOUNT for user <machine>'. Any advice, finally, on setting up roaming user profiles? Most of our users have single-machine local accounts, so I'd like to migrate those; we have never had roaming users at all. Thanks everyone for any help you can give! --JB -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20031015/a05ed98a/attachment.bin
Carl Weiss
2003-Oct-15 22:41 UTC
[Samba] Re: machine accounts aren't added properly withsmbldap-useradd.pl + ldap backend
you were so close. It's a combination of the two. /usr/local/bin/smbldap-useradd.pl -a -w computerName from smb.conf add machine script = /usr/local/bin/smbldap-useradd.pl -a -w "%m" -=Carl=- "J B Bell" <jbbell@octigabay.com> wrote in message news:1066242344.29155.27.camel@dogen...> -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba