mamue@lb-bbs1.emd.ni.schule.de
2003-Dec-27 19:21 UTC
[Samba] smbpasswd -a -m machine fails: "Failed to modify password entry"
Hi,
i try to create a new machine account, like i always did, but haven't done
since 3.x. My backend is ldap:
passdb backend = ldapsam:ldap://fileserver
idmap backend = ldapsam:ldap://fileserver
As root I do the following:
smbpasswd -D 10 -a -m admeta
---------------------------------
Netbios name list:-
my_netbios_names[0]="FILESERVER"
tdb(unnamed): tdb_brlock failed (fd=3) at offset 4 rw_type=1 lck_type=13:
Resource temporarily unavailable
Trying to load: ldapsam:ldap://fileserver
Attempting to register passdb backend ldapsam
Successfully added passdb backend 'ldapsam'
Attempting to register passdb backend ldapsam_compat
Successfully added passdb backend 'ldapsam_compat'
Attempting to register passdb backend smbpasswd
Successfully added passdb backend 'smbpasswd'
Attempting to register passdb backend tdbsam
Successfully added passdb backend 'tdbsam'
Attempting to register passdb backend guest
Successfully added passdb backend 'guest'
Attempting to find an passdb backend to match ldapsam:ldap://fileserver
(ldapsam)
Found pdb backend ldapsam
Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=BBS1_EMDEN))]
smbldap_search_suffix: searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=BBS1_EMDEN))]
smbldap_open_connection: ldap://fileserver
smbldap_open_connection: connection opened
ldap_connect_system: Binding to ldap server ldap://fileserver as
"cn=root,dc=bbs1-emden,dc=schule"
ldap_connect_system: succesful connection to the LDAP server
The LDAP server is succesful connected
pdb backend ldapsam:ldap://fileserver has a valid init
Attempting to find an passdb backend to match guest (guest)
Found pdb backend guest
pdb backend guest has a valid init
smbldap_search_suffix: searching
for:[(&(uid=admeta$)(objectclass=sambaSamAccount))]
ldapsam_getsampwnam: Unable to locate user [admeta$] count=0
Finding user admeta$
Trying _Get_Pwnam(), username as lowercase is admeta$
Trying _Get_Pwnam(), username as uppercase is ADMETA$
Checking combinations of 0 uppercase letters in admeta$
Get_Pwnam_internals didn't find user [admeta$]!
Failed to initialise SAM_ACCOUNT for user admeta$.
Failed to modify password entry for user admeta$
----------------------------------------------------
What do I do wrong?
ldapsearch -x -D ADMIN-DN -w "secret" uid=admeta* says:
dn: uid=admeta$,ou=hardware,dc=bbs1-emden,dc=schule
objectClass: posixAccount
objectClass: account
cn: admeta$
uid: admeta$
uidNumber: 10090
gidNumber: 502
homeDirectory: /home/admeta
loginShell: /bin/false
description: machine
l: ver
userPassword:: e1NNRDV9VnFXV0F0Z2JBKzVyYTFLN2VwVzVIOGlUM3h3PQ=
The machine is in group ou=hardware. My /etc/ldap.conf is:
URI ldap://localhost:389/
BASE dc=bbs1-emden,dc=schule
pam_filter objectclass=posixAccount
pam_login_attribute uid
nss_base_passwd ou=accounts,dc=bbs1-emden,dc=schule?one
nss_base_group ou=groups,dc=bbs1-emden,dc=schule?one
My smb.conf is:
[global]
workgroup = BBS1_EMDEN
passdb backend = ldapsam:ldap://fileserver
idmap backend = ldapsam:ldap://fileserver
ldap suffix = dc=bbs1-emden,dc=schule
ldap user suffix = ou=accounts
ldap group suffix = ou=groups
ldap machine suffix = ou=hardware
ldap idmap suffix = ou=idmap
idmap uid = 40000-60000
idmap gid = 40000-60000
ldap admin dn = cn=root,dc=bbs1-emden,dc=schule
ldap ssl = off
I tried various things, but I simply have no idea what might be wrong.
(tried cn=admeta$, copied uid=admeta$ to ou=accounts => duplicate entries)
Has anybody any idea?
Thanks,
Malte Mueller
John H Terpstra
2003-Dec-27 22:10 UTC
[Samba] smbpasswd -a -m machine fails: "Failed to modify password entry"
Hi, Please put the machine accounts into the People (in your case the 'accounts') container. This is a known bug in Samba-3 - it does not search the Computers (in your case 'hardware') container for computer accounts. This should solve your problem. - John T. On Sat, 27 Dec 2003 mamue@lb-bbs1.emd.ni.schule.de wrote:> Hi, > > i try to create a new machine account, like i always did, but haven't done > since 3.x. My backend is ldap: > passdb backend = ldapsam:ldap://fileserver > idmap backend = ldapsam:ldap://fileserver > As root I do the following: > smbpasswd -D 10 -a -m admeta > --------------------------------- > Netbios name list:- > my_netbios_names[0]="FILESERVER" > tdb(unnamed): tdb_brlock failed (fd=3) at offset 4 rw_type=1 lck_type=13: > Resource temporarily unavailable > Trying to load: ldapsam:ldap://fileserver > Attempting to register passdb backend ldapsam > Successfully added passdb backend 'ldapsam' > Attempting to register passdb backend ldapsam_compat > Successfully added passdb backend 'ldapsam_compat' > Attempting to register passdb backend smbpasswd > Successfully added passdb backend 'smbpasswd' > Attempting to register passdb backend tdbsam > Successfully added passdb backend 'tdbsam' > Attempting to register passdb backend guest > Successfully added passdb backend 'guest' > Attempting to find an passdb backend to match ldapsam:ldap://fileserver > (ldapsam) > Found pdb backend ldapsam > Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=BBS1_EMDEN))] > smbldap_search_suffix: searching > for:[(&(objectClass=sambaDomain)(sambaDomainName=BBS1_EMDEN))] > smbldap_open_connection: ldap://fileserver > smbldap_open_connection: connection opened > ldap_connect_system: Binding to ldap server ldap://fileserver as > "cn=root,dc=bbs1-emden,dc=schule" > ldap_connect_system: succesful connection to the LDAP server > The LDAP server is succesful connected > pdb backend ldapsam:ldap://fileserver has a valid init > Attempting to find an passdb backend to match guest (guest) > Found pdb backend guest > pdb backend guest has a valid init > smbldap_search_suffix: searching > for:[(&(uid=admeta$)(objectclass=sambaSamAccount))] > ldapsam_getsampwnam: Unable to locate user [admeta$] count=0 > Finding user admeta$ > Trying _Get_Pwnam(), username as lowercase is admeta$ > Trying _Get_Pwnam(), username as uppercase is ADMETA$ > Checking combinations of 0 uppercase letters in admeta$ > Get_Pwnam_internals didn't find user [admeta$]! > Failed to initialise SAM_ACCOUNT for user admeta$. > Failed to modify password entry for user admeta$ > ---------------------------------------------------- > What do I do wrong? > ldapsearch -x -D ADMIN-DN -w "secret" uid=admeta* says: > dn: uid=admeta$,ou=hardware,dc=bbs1-emden,dc=schule > objectClass: posixAccount > objectClass: account > cn: admeta$ > uid: admeta$ > uidNumber: 10090 > gidNumber: 502 > homeDirectory: /home/admeta > loginShell: /bin/false > description: machine > l: ver > userPassword:: e1NNRDV9VnFXV0F0Z2JBKzVyYTFLN2VwVzVIOGlUM3h3PQ=> > The machine is in group ou=hardware. My /etc/ldap.conf is: > URI ldap://localhost:389/ > BASE dc=bbs1-emden,dc=schule > > pam_filter objectclass=posixAccount > pam_login_attribute uid > nss_base_passwd ou=accounts,dc=bbs1-emden,dc=schule?one > nss_base_group ou=groups,dc=bbs1-emden,dc=schule?one > > My smb.conf is: > [global] > workgroup = BBS1_EMDEN > passdb backend = ldapsam:ldap://fileserver > idmap backend = ldapsam:ldap://fileserver > ldap suffix = dc=bbs1-emden,dc=schule > ldap user suffix = ou=accounts > ldap group suffix = ou=groups > ldap machine suffix = ou=hardware > ldap idmap suffix = ou=idmap > idmap uid = 40000-60000 > idmap gid = 40000-60000 > ldap admin dn = cn=root,dc=bbs1-emden,dc=schule > ldap ssl = off > > I tried various things, but I simply have no idea what might be wrong. > (tried cn=admeta$, copied uid=admeta$ to ou=accounts => duplicate entries) > > Has anybody any idea? > > Thanks, > Malte Mueller > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba >-- John H Terpstra Email: jht@samba.org