David Wilson
2004-Feb-26 13:09 UTC
[Samba] Samba-3.0.2 PDC LDAP: Add computer to domain issue with smbldap-tools
Hi guys, I've installed openldap-2.1.25 and Samba-3.0.2 and configured everything with no TLS on a Slackware-9.1 Linux box. To manage the LDAP backed I've used smbldap-tools-0.8.4. After populating the database with smbldap-populate I was able to first add users to /etc/passwd etc. and then to LDAP with smbldap-useradd -a and access the server via Windows PCs. Everything appeared to be working correctly. My only problem is that I cannot seem to get a machine account added correctly. I've added the PC name to /etc/passwd etc. with "useradd -s /bin/false -g computers pc1$" and also run "smbldap-useradd -w pc1". When the computer attempts to join the domain it receives an "unable to join domain" error. It seems that "smbldap-useradd -w pc1" seems to add only a posix account to the LDAP backend ?: ----------- pc1$, Computers, domain.net dn: uid=pc1$,ou=Computers,dc=domain,dc=net objectClass: top objectClass: inetOrgPerson objectClass: posixAccount cn: pc1$ sn: pc1$ uid: pc1$ uidNumber: 1007 gidNumber: 553 homeDirectory: /dev/null loginShell: /bin/false description: Computer ------------- I've missed something somewhere for sure ? Perhaps I need nss_ldap ? I've also tried using the smbldap-tools that come with samba-3.0.2. Any suggestions would be greatly appreciated. Thank you kindly. -- Many thanks and kind regards, David Wilson D c D a t a +27 33 3427003 +27 82 4147413 http://www.dcdata.co.za support@dcdata.co.za KZN's first and only pure Linux solution provider ____________________________________________________ LinuxBox S.A.: Africa's shell provider. Powered by Linux and DcData - driven by passion ! http://www.linuxbox.co.za
RRuegner
2004-Feb-26 13:23 UTC
[Samba] Samba-3.0.2 PDC LDAP: Add computer to domain issue withsmbldap-tools
Hi, for ldap you should use the scripts included in samba source from idealix the right line in smb.conf to install a machine account would be add machine script = /usr/local/sbin/smbldap-useradd.pl -w "%u" this works with usrmgr or from command line Regards ----- Original Message ----- From: "David Wilson" <dave@dcdata.co.za> To: <samba@lists.samba.org> Sent: Thursday, February 26, 2004 2:08 PM Subject: [Samba] Samba-3.0.2 PDC LDAP: Add computer to domain issue withsmbldap-tools> Hi guys, > > I've installed openldap-2.1.25 and Samba-3.0.2 and configured everything > with no TLS on a Slackware-9.1 Linux box. > > To manage the LDAP backed I've used smbldap-tools-0.8.4. > After populating the database with smbldap-populate I was able to first > add users to /etc/passwd etc. and then to LDAP with smbldap-useradd -a > and access the server via Windows PCs. Everything appeared to be working > correctly. > > My only problem is that I cannot seem to get a machine account added > correctly. I've added the PC name to /etc/passwd etc. with "useradd -s > /bin/false -g computers pc1$" and also run "smbldap-useradd -w pc1". > When the computer attempts to join the domain it receives an "unable to > join domain" error. It seems that "smbldap-useradd -w pc1" seems to add > only a posix account to the LDAP backend ?: > ----------- > pc1$, Computers, domain.net > dn: uid=pc1$,ou=Computers,dc=domain,dc=net > objectClass: top > objectClass: inetOrgPerson > objectClass: posixAccount > cn: pc1$ > sn: pc1$ > uid: pc1$ > uidNumber: 1007 > gidNumber: 553 > homeDirectory: /dev/null > loginShell: /bin/false > description: Computer > ------------- > > I've missed something somewhere for sure ? Perhaps I need nss_ldap ? > I've also tried using the smbldap-tools that come with samba-3.0.2. > > Any suggestions would be greatly appreciated. > Thank you kindly. > > -- > > Many thanks and kind regards, > > David Wilson > D c D a t a > +27 33 3427003 > +27 82 4147413 > http://www.dcdata.co.za > support@dcdata.co.za > KZN's first and only pure Linux solution provider > ____________________________________________________ > LinuxBox S.A.: Africa's shell provider. > Powered by Linux and DcData - driven by passion ! > http://www.linuxbox.co.za > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba >
Jérôme Tournier
2004-Feb-26 13:27 UTC
[Samba] Samba-3.0.2 PDC LDAP: Add computer to domain issue with smbldap-tools
Le Thu, Feb 26, 2004 at 03:08:58PM +0200, David Wilson a ecrit:> add users to /etc/passwd etc. and then to LDAP with smbldap-useradd -aWhy don't you put the account in ldap only ? 'smbldap-useradd -a' will add a posix account in the directory: you'll then have 2 accounts with the same username !> My only problem is that I cannot seem to get a machine account added > correctly. I've added the PC name to /etc/passwd etc. with "useradd -s > /bin/false -g computers pc1$" and also run "smbldap-useradd -w pc1". > When the computer attempts to join the domain it receives an "unable to > join domain" error. It seems that "smbldap-useradd -w pc1" seems to add > only a posix account to the LDAP backend ?:Yes. Samba will add the sambaSAMAccoutn objectclass when joining the domain.> I've missed something somewhere for sure ? Perhaps I need nss_ldap ?Yes, you nedd nss_ldap. -- J?r?me