Hi List. I've got SAMBA 3.0.7 with LDAP passwd backend (OpenLDAP 2.2.15) on Solaris 9 box. When joining the domain I have permanent error "The user name could not be found". To add machine I use account "administrator" which is already exist in SAMBA/LDAP with uid=0 and proper password. I have "add machine script" directive in smb.conf file and I see that it works when I try to join the domain. add machine script = /usr/local/sbin/smbldap-useradd -w %u This script is from IDEALX smbldap-tools 0.8.5 package which is supposed to be comparaible with SAMBA 3.0. In the IDELX doc file they say that "add machine script" adds only Posix stuff for machine LDAP account. And the rest should be added automatically during join process. So, Posiix account for machine is successfully created but not BAMBA one. And in LDAP log file I see no attempts from SAMBA server to do that. Neither see I errors in SAMBA log. My question is: what are the steps during the domain join process with SAMBA + LDAP as backend? Thanks for any hint. A.
Alexei Monastyrnyi wrote:> I've got SAMBA 3.0.7 with LDAP passwd backend (OpenLDAP 2.2.15) on > Solaris 9 box. > > When joining the domain I have permanent error "The user name could not > be found".Did you check that both machine and user sufficies point to the same location? I suspect that IDEALXs scripts and Samba assume that. Exctract from my smb.conf: ldap machine suffix = ou=People ldap user suffix = ou=People Did you check your LDAP tree if Posix record was added for machine? Igor
> Did you check that both machine and user sufficies point to the same > location? I suspect that IDEALXs scripts and Samba assume that. > > Exctract from my smb.conf: > ldap machine suffix = ou=People > ldap user suffix = ou=People >Not necessarily... My IDEALX scripts are configured to store SAMBA machines in ou=Computers. So SAMBA is. extract from IDEALX config # Where are stored Users # Ex: usersdn="ou=Users,dc=IDEALX,dc=ORG" usersdn="ou=people,${suffix}" # Where are stored Computers # Ex: computersdn="ou=Computers,dc=IDEALX,dc=ORG" computersdn="ou=Computers,${suffix}" # computersdn="ou=people,${suffix}" # Where are stored Groups # Ex groupsdn="ou=Groups,dc=IDEALX,dc=ORG" groupsdn="ou=Groups,${suffix}" Extract from smb.conf ldap user suffix = ou=People ldap group suffix = ou=Groups ldap machine suffix = ou=Computers> Did you check your LDAP tree if Posix record was added for machine?Positive. Posix machine account is created during join operation, under ou=Computers, as it is desired... A.
UPDATE THE DOCS!!! For christ's sake, I've killed 3 days over this. And i'm pretty sure i'm not the only one. On Friday 17 September 2004 16:57, Alexei Monastyrnyi wrote:> Hi List. > > I've got SAMBA 3.0.7 with LDAP passwd backend (OpenLDAP 2.2.15) on > Solaris 9 box. > > When joining the domain I have permanent error "The user name could not > be found". > To add machine I use account "administrator" which is already exist in > SAMBA/LDAP with uid=0 and proper password. > > I have "add machine script" directive in smb.conf file and I see that > it works when I try to join the domain. > > add machine script = /usr/local/sbin/smbldap-useradd -w %u > > This script is from IDEALX smbldap-tools 0.8.5 package which is supposed > to be comparaible with SAMBA 3.0. > In the IDELX doc file they say that "add machine script" adds only Posix > stuff for machine LDAP account. And the rest should be added > automatically during join process. > So, Posiix account for machine is successfully created but not BAMBA one. > And in LDAP log file I see no attempts from SAMBA server to do that. > Neither see I errors in SAMBA log. > > My question is: what are the steps during the domain join process with > SAMBA + LDAP as backend? > > Thanks for any hint. > > A.