Pirkka Luukkonen
2003-Nov-17 10:23 UTC
[Samba] smbpasswd fails to add machine account with ldapsam
Hi! I am seeing other users with the same problem as I have. My samba also fails to add machine accounts. It seems to me if it didn't even try. If I use some other script (pdbedit, smbldap-tools) than smbpasswd it manages to add the account but still fails to authenticate within the same session. If I try again the machine account exists and authentication goes ok. server:~# smbpasswd -a -m machine_name -D 10 Netbios name list:- my_netbios_names[0]="SERVER" Trying to load: ldapsam:ldap://10.0.0.1/ Attempting to register passdb backend ldapsam Successfully added passdb backend 'ldapsam' Attempting to register passdb backend ldapsam_compat Successfully added passdb backend 'ldapsam_compat' Attempting to register passdb backend smbpasswd Successfully added passdb backend 'smbpasswd' Attempting to register passdb backend tdbsam Successfully added passdb backend 'tdbsam' Attempting to register passdb backend guest Successfully added passdb backend 'guest' Attempting to find an passdb backend to match ldapsam:ldap://10.0.0.1/ (ldapsam) Found pdb backend ldapsam Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=SAMBA))] smbldap_search_suffix: searching for:[(&(objectClass=sambaDomain)(sambaDomainName=SAMBA))] smbldap_open_connection: ldap://10.0.0.1/ smbldap_open_connection: connection opened ldap_connect_system: Binding to ldap server ldap://10.0.0.1/ as "cn=admin,dc=foo,dc=bar" ldap_connect_system: succesful connection to the LDAP server The LDAP server is succesful connected pdb backend ldapsam:ldap://10.0.0.1/ has a valid init Attempting to find an passdb backend to match guest (guest) Found pdb backend guest pdb backend guest has a valid init smbldap_search_suffix: searching for:[(&(&(uid=machine_name$)(objectclass=sambaSamAccount))(objectclass=samba SamAccount))] ldapsam_getsampwnam: Unable to locate user [machine_name$] count=0 Finding user machine_name$ Trying _Get_Pwnam(), username as lowercase is machine_name$ Trying _Get_Pwnam(), username as uppercase is MACHINE_NAME$ Checking combinations of 0 uppercase letters in machine_name$ Get_Pwnam_internals didn't find user [machine_name$]! Failed initialise SAM_ACCOUNT for user machine_name$. Failed to modify password entry for user machine_name$ -- Samba 3.0 PDC, Debian Woody, OpenLDAP
Hi, I do believe this is a bug in samba 3. If you use the same ou as the user accounts it will work. Patrick Pirkka Luukkonen wrote:>Hi! > >I am seeing other users with the same problem as I have. My samba also fails >to add machine accounts. It seems to me if it didn't even try. If I use some >other script (pdbedit, smbldap-tools) than smbpasswd it manages to add the >account but still fails to authenticate within the same session. If I try >again the machine account exists and authentication goes ok. > >server:~# smbpasswd -a -m machine_name -D 10 >Netbios name list:- >my_netbios_names[0]="SERVER" >Trying to load: ldapsam:ldap://10.0.0.1/ >Attempting to register passdb backend ldapsam >Successfully added passdb backend 'ldapsam' >Attempting to register passdb backend ldapsam_compat >Successfully added passdb backend 'ldapsam_compat' >Attempting to register passdb backend smbpasswd >Successfully added passdb backend 'smbpasswd' >Attempting to register passdb backend tdbsam >Successfully added passdb backend 'tdbsam' >Attempting to register passdb backend guest >Successfully added passdb backend 'guest' >Attempting to find an passdb backend to match ldapsam:ldap://10.0.0.1/ >(ldapsam) >Found pdb backend ldapsam >Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=SAMBA))] >smbldap_search_suffix: searching >for:[(&(objectClass=sambaDomain)(sambaDomainName=SAMBA))] >smbldap_open_connection: ldap://10.0.0.1/ >smbldap_open_connection: connection opened >ldap_connect_system: Binding to ldap server ldap://10.0.0.1/ as >"cn=admin,dc=foo,dc=bar" >ldap_connect_system: succesful connection to the LDAP server >The LDAP server is succesful connected >pdb backend ldapsam:ldap://10.0.0.1/ has a valid init >Attempting to find an passdb backend to match guest (guest) >Found pdb backend guest >pdb backend guest has a valid init >smbldap_search_suffix: searching >for:[(&(&(uid=machine_name$)(objectclass=sambaSamAccount))(objectclass=samba >SamAccount))] >ldapsam_getsampwnam: Unable to locate user [machine_name$] count=0 >Finding user machine_name$ >Trying _Get_Pwnam(), username as lowercase is machine_name$ >Trying _Get_Pwnam(), username as uppercase is MACHINE_NAME$ >Checking combinations of 0 uppercase letters in machine_name$ >Get_Pwnam_internals didn't find user [machine_name$]! >Failed initialise SAM_ACCOUNT for user machine_name$. >Failed to modify password entry for user machine_name$ > >-- >Samba 3.0 PDC, Debian Woody, OpenLDAP > > >