I'm just storing machine accounts under ou=computer,ou=site,dc=domain,dc=com and it works. Tested with W2K sp2 and W2K sp3, recreating from fresh ldif 2 times were never failed. Im sure it is 'stable' right now :-) 'works' means it was able to add machine trust on-the-fly, or using manual creation with smbpasswd command. The key is in not to use 'objectclass=sambaSamAccount' in ldap filter. Tks to everybody who helps... --beast
On Thu, 15 Jan 2004 16:43:10 +0700 Beast <indorama@rad.net.id> wrote:> > I'm just storing machine accounts under ou=computer,ou=site,dc=domain,dc=com and it works. > > Tested with W2K sp2 and W2K sp3, recreating from fresh ldif 2 times were never failed. Im sure it is 'stable' right now :-) > > 'works' means it was able to add machine trust on-the-fly, or using manual creation with smbpasswd command. > > The key is in not to use 'objectclass=sambaSamAccount' in ldap filter. > > Tks to everybody who helps...Forgot to mention, in case somebody wonder how to make samba work with ldap as pdc, mail me privately, I'll share ldif, smb.conf plus script to add machine and changing password. It should work out of the box :-) --beast
Beast wrote:> > I'm just storing machine accounts under > ou=computer,ou=site,dc=domain,dc=com and it works. > > Tested with W2K sp2 and W2K sp3, recreating from fresh ldif 2 times were > never failed. Im sure it is 'stable' right now :-) > > 'works' means it was able to add machine trust on-the-fly, or using manual > creation with smbpasswd command. > > The key is in not to use 'objectclass=sambaSamAccount' in ldap filter. > > Tks to everybody who helps... > > --beast >I did not use 'objectclass=sambaSamAccount' and 3.0.2pre1 still doesn't work for me using ou=computers -- Fuera Ch?vez