Luca Maranzano
2005-Jan-28 08:04 UTC
[Samba] Samba 3.0 PDC + LDAP: Workstation account disappearing
Hello,

I've a Debian 3.1 box with Samba 3.0.9 acting as a PDC with OpenLDAP 2.1.30, smbldap-tools 0.8.5, libnss-ldap version 220-1.

The problem is this: Yesterday suddenly a user from a workstation already joined to the domain could not log on any more. The log message was:

Workstation HPDX02$: no account in domain

Digging into LDAP I've found that the entry in the LDAP DB exists (I can see it with "slapcat"), but the strange thing is the following:

- from "getent passwd" I can see the hpdx02$ user
  Output: hpdx02$:x:1128:515:Computer:/dev/null:/bin/false

- "finger hpdx02$" reports this:
  Login: hpdx02$ Name: Computer
  Directory: /dev/null Shell: /bin/false
  Never logged in.
  No mail.
  No Plan.

- id hpdx02$:
  # id hpdx02$
  id: hpdx02$: No such user

- doing "pdbedit -L" the hpdx02$ is not listed.

So it seems that the entry is in the LDAP but Samba cannot see it anymore.

Let me know if you need some more info to track down the problem.

Kind regards,
luca

Tony Earnshaw
2005-Jan-29 17:09 UTC
[Samba] Samba 3.0 PDC + LDAP: Workstation account disappearing
Luca Maranzano:

[...]
> Digging into LDAP I've found that the entry in the LDAP DB exists (I can
> see it with "slapcat"), but the strange thing is the following:
>
> - from "getent passwd" I can see the hpdx02$ user
> Output: hpdx02$:x:1128:515:Computer:/dev/null:/bin/false
>
>
> - "finger hpdx02$" reports this:
> Login: hpdx02$ Name: Computer
> Directory: /dev/null Shell: /bin/false
> Never logged in.
> No mail.
> No Plan.
>
>
> - id hpdx02$:
> # id hpdx02$
> id: hpdx02$: No such user

Looks like a corrupt DB to me. You might want to bring down the LDAP server and run 'db_recover -c' on it. 'db_stat -m' could help before and after this.

OL 2.1.30 would probably use BDB 4.1, which is notorious for its propensity to crap out DB files. IMHO (well, not just mine ;) OL 2.2.17 and later with (patched) BDB 4.2.52 is utterly stable (for me months of up-time, user base of around 1.1150 keeping it working at full stretch throughout the day).

However, BDB 4.2.52 needs a carefully tuned DB_CONFIG configuration file appropriate to the actual DSA that it's running on. This means much Sleepycat doco reading and a careful understanding of what one's doing and why. The following site is extremely helpful:

http://www.stanford.edu/services/directory/openldap/configuration/

--Tonni

--
mail: tonye@billy.demon.nl
http://www.billy.demon.nl