Working with Samba 3.0 on rh9. Set up samba to use tdbsam (small network,
maybe 30-40 users tops) and be a PDC for the internal network. Will be
joining machines to this domain. My smb.conf file has been configured to
use tdbsam as the backend, and with an add machine script, add user
script, etc.
However, using the command:
pdbedit -a jdoe
results in "could not create account to add new user jdoe
running the useradd script manually (as found in smb.conf) results in the
user being added.
running pdbedit -a -m jdoewks
results in tdb_update_sam: SAM_ACCOUNT (jdoewks$) with no RID!
unable to add machine! (does it already exist)
However, running the machine script adds the machine to the user list
(/etc/passwd), but obviously not the tdbsam.
If I then use the RH9 user and groups tool to delete the machine account,
it asks if I wish to delete the user's home directory, which is /dev/null.
Deleting this is bad, basically destroys the system, and leads to
recovery. Ouch.
I'm missing something. Not sure what..... here is SMB.CONF
#======================= Global Settings
====================================[global]
# workgroup = NT-Domain-Name or Workgroup-Name
workgroup = MINNESOTA
netbios name = MORPHEUS
server string = Morpheus Samba Server
# if you want to automatically load your printer list rather
# than setting them up individually then you'll need this
printcap name = /etc/printcap
load printers = yes
passdb backend = tdbsam
add user script = /usr/sbin/useradd %u
delete user script = /usr/sbin/userdel %u
add group script = /usr/sbin/groupadd %g
add machine script = /usr/sbin/useradd -d /dev/null -s /bin/false %u
# this tells Samba to use a separate log file for each machine
# that connects
log file = /var/log/samba/log.%m
# Put a capping on the size of the log files (in Kb).
max log size = 50
security = user
encrypt passwords = yes
# smb passwd file = /etc/samba/smbpasswd
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
# Unix users can map to different SMB User names
; username map = /etc/samba/smbusers
# Most people will find that this option gives better performance.
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = yes
# OS Level determines the precedence of this server in master browser
# elections. The default value should be reasonable
os level = 33
domain master = yes
preferred master = yes
domain logons = yes
logon drive = U:
logon path = \\morpheus\home\profiles\%u
logon home = \\morpheus\%u
logon script = scripts\%u.cmd
# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable it's WINS
Server
; wins support = yes
# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT
both
; wins server = w.x.y.z
# Case Preservation can be handy - system default is _no_
# NOTE: These can be set on a per share basis
; preserve case = no
; short preserve case = no
# Default case is normally upper case for all DOS files
; default case = lower
# Be very careful with case sensitivity - it can break things!
; case sensitive = no
# this is to allow Samba to crete Unix accounts on the samba server
#============================ Share Definitions
=============================[homes]
comment = Home Directories
valid users = %S
browseable = no
read only = no
# Un-comment the following and create the netlogon directory for Domain
Logons
[netlogon]
comment = Network Logon Service
path = /home/netlogon
guest ok = yes
write list = root
share modes = no
#NOTE: If you have a BSD-style print system there is no need to
# specifically define each individual printer
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
# Set public = yes to allow user 'guest account' to print
guest ok = no
writable = no
printable = yes
# A publicly accessible directory, but read only, except for people in
# the "staff" group
[public]
comment = Public Stuff
path = /data/shared/public
public = yes
read only = yes
write list = @users
guest ok = no
#
Thanks for assistance.....
Jon Johnston
Creative Business Solutions
http://www.cbsol.com
952-544-1108
