Hello
Tried to add user in user manager from domains, NT4.0 client, logged in as root
on the NT client. Clicked "New User", filled in nick, description,
full name,
password1, password2 (was dead sure they were the same, carefully typed 9-chars
long stupid passwd). The user wasn't in the database. Then clicked OK.
Never
managed to add user this way.
Checked all the add user, del user etc. scripts, tried manually that they:
* add user
* add group
* add user to group
* delete user from group
* delete user
root is in admin users in smb.conf.
Tried the following version of samba:
CVS head 2003-12-10: "Access is denied"
3.0.1rc1: "Access is denied"
3.0.1rc2: "Access is denied"
3.0.0: "Access is denied"
/etc/passwd and pdbedit -L don't show any new user after this action.
But when the delete user script is removed/made unfunctional, the
user appears in /etc/passwd (but not in pdbedit -L).
Between tests, I removed the client from the domain, killed all connections
in SWAT, removed whole samba, reinstalled, reinitialized databases, put the
client back by pdbedit, rebooted client, ran usrmgr.exe.
Can you help what can be set wrong in my case? Config files and scripts follow.
Logs don't say any error. There is a bunch of DCE RPC calls in ethereal
logs:
17 SAMR_LOOKUP_NAMES
57 SAMR_CONNECT
44 SAMR_GET_USRDOM_PWINFO
7 SAMR_OPEN_DOMAIN
0 SAMR_CONNECT_ANON
7 SAMR_OPEN_DOMAIN
50 SAMR_CREATE_USER
36 SAMR_QUERY_USERINFO
44 SAMR_GET_USRDOM_PWINFO
58 SAMR_SET_USERINFO
35 SAMR_DELETE_USER
1 SAMR_CLOSE_HND
Has anyone working USRMGR.EXE administrastion including adding users?
Can you please paste your config files and additional info necessary
to make this work?
Cl<
_____________________________________________________________________________
/
| /usr/local/samba/lib/smb.conf
\_____________________________________________________________________________
/
| # Samba config file created using SWAT
| # from 127.0.0.1 (127.0.0.1)
| # Date: 2003/11/19 15:51:41
|
| # Global parameters
| [global]
| security = user
| wins support = no
| workgroup = KEVF_D4
| encrypt passwords = yes
| domain logons = yes
| null passwords = yes
| interfaces = eth0
| preferred master = Yes
| domain master = Yes
| debuglevel = 3
| ldap ssl = no
| admin users = admin,prech,root
| hosts allow = 195.113.0.0/255.255.0.0
| # hide local users = yes
| name resolve order=lmhosts,bcast
|
| socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
|
| unix password sync = yes
| passwd program = /bin/passwd
| passwd chat = *ew*password* %n\n *new*password* %n\n
|
| add user to group script = /usr/local/samba/bin/myaddusertogroup
"%u" "%g"
| add user script = /usr/sbin/useradd -c 'Samba User' -d /dev/null -g
smbusers -s /bin/false "%u"
| add machine script = /usr/sbin/useradd -c 'Machine' -d /dev/null -g
machines -s /bin/false "%u"
| add group script = /usr/local/samba/bin/mygroupadd "%g"
| delete group script = /usr/local/samba/bin/mygroupdel "%g"
| delete user script = /usr/sbin/userdel "%u"
| delete user from group script =
/usr/local/samba/bin/mydeleteuserfromgroupscript "%u" "%g"
| delete user script = /usr/sbin/userdel "%u"
|
| map to guest = Bad User
| passdb backend = tdbsam
|
| logon drive = h:
| logon home = \{}\{}oberon\{}%U
| logon path = \{}\{}oberon\}{profiles\{}%U
|
| server schannel = yes
| server signing = auto
|
| [netlogon]
| path=/usr/local/samba/netlogon
| read only = yes
| guest ok = yes
| browseable = yes
| write list = admin prech root
| locking = no
| public = no
| csc policy = disable
|
| [homes]
| comment = Home Directories
| browseable = no
| writable = yes
|
| [admin]
| comment = Admin Home
| writable = yes
| path = /home/admin
|
| [root]
| comment = Root Home
| writable = yes
| path = /home/admin
|
| [test]
| comment = test's home
| writable = yes
| path = /home/test
|
| [linux]
| comment = Linux Kernel Sources
| path = /usr/src/linux
|
| [profiles]
| create mode = 0600
| csc policy = disable
| directory mode = 0700
| comment = Profiles
| path = /usr/local/samba/profiles/
| profile acls = yes
| read only = no
\_____________________________________________________________________________
_____________________________________________________________________________
/
| /usr/local/samba/bin/myaddusertogroup
\_____________________________________________________________________________
/
| #!/bin/bash
|
| # myaddusertogroup <username> <groupname>
|
| username=$1
| groupname=$2
| groups=`cat /etc/group | grep "[,:]$username" | cut -d ':'
-f 1 | tr '\n' ','`
| groups="$groups$groupname"
| usermod -G "$groups" "$username"
|
\_____________________________________________________________________________
_____________________________________________________________________________
/
| /usr/local/samba/bin/mydeleteuserfromgroupscript
\_____________________________________________________________________________
/
| #!/bin/bash
|
| # First argument is user
| # Second argument is group
|
| username=$1
| groupname=$2
| groups=`cat /etc/group | grep "[,:]$username" | cut -d ':'
-f 1 | tr '\n' ','`
| groups=`echo -n "$groups" | sed -e "s/$groupname,//g"`
| groups=`echo -n "$groups" | sed -e 's/,$//'`
| usermod -G "$groups" $username
\_____________________________________________________________________________
_____________________________________________________________________________
/
| /usr/local/samba/bin/mygroupadd
\_____________________________________________________________________________
/
| #!/bin/bash
|
| # Add the group using normal system groupadd tool.
| groupadd smbtmpgrp00
|
| thegid=`cat /etc/group | grep smbtmpgrp00 | cut -d ":" -f3`
|
| # Now change the name to what we want for the MS Windows networking end
| cp /etc/group /etc/group.bak
| cat /etc/group.bak | sed -e "s/smbtmpgrp00/$1/g" > /etc/group
|
| # Now return the GID as would normally happen.
| echo $thegid
| exit 0
|
\_____________________________________________________________________________