Hello I set up a Samba 3 PDC with ldap backend. I created an script that adds machine accounts. First it adds the machine account to /etc/passwd and then it creates the user in ldap with smbpasswd -a -m machine. If I run the script by hand, it works and the account has been added. After that I can join the domain without any problems. Now I want to make this machine account creation on the fly. So I added the script to smb.conf as add user script = /path/to/createmachineaccount.sh. If I try to join a domain with a workstation that hasn't any account, the script creates the machine account but on error occurs that I can't log in because the account doesn't exist. After that if I try to join again, the logon process works because it found the machine account. So I have to join every workstation twice, first for user creation and second for joining the domain. Why doesn't this work in one step? On our old samba 2.2.8a PDC with ldap backend, the whole things worked with the same machine add script. I welcome any suggestions. best regards Lukas
* Lukas Meyer <lukas@msys.ch> nulis:> Hello > > I set up a Samba 3 PDC with ldap backend. I created an script that adds > machine accounts. First it adds the machine account to /etc/passwd and > then it creates the user in ldap with smbpasswd -a -m machine. > > If I run the script by hand, it works and the account has been added. > After that I can join the domain without any problems. Now I want to > make this machine account creation on the fly. So I added the script to > smb.conf as add user script = /path/to/createmachineaccount.sh. > > If I try to join a domain with a workstation that hasn't any account, > the script creates the machine account but on error occurs that I can't > log in because the account doesn't exist. After that if I try to join > again, the logon process works because it found the machine account.IMO it was because samba can not 'see' changes in ldap. You have to set sleep time in add machine script? btw, why not putting posix account in ldap directory intead of file? --beast
Am Donnerstag, 11. M?rz 2004 13:28 schrieb Lukas Meyer:> Hello > > I set up a Samba 3 PDC with ldap backend. I created an script that adds > machine accounts. First it adds the machine account to /etc/passwd and > then it creates the user in ldap with smbpasswd -a -m machine. > > If I run the script by hand, it works and the account has been added. > After that I can join the domain without any problems. Now I want to > make this machine account creation on the fly. So I added the script to > smb.conf as add user script = /path/to/createmachineaccount.sh. > > If I try to join a domain with a workstation that hasn't any account, > the script creates the machine account but on error occurs that I can't > log in because the account doesn't exist. After that if I try to join > again, the logon process works because it found the machine account. So > I have to join every workstation twice, first for user creation and > second for joining the domain. > > Why doesn't this work in one step? On our old samba 2.2.8a PDC with ldap > backend, the whole things worked with the same machine add script. > > I welcome any suggestions. > > best regards > Lukashi lucas, can U please support me with the "addmachine script" ? we want to do the same - but i don't really know how. maybe we find the the little failure together. thanks for your support. best regards -- J?rn Fenzel