I think I got past this by uncommenting a lot of stuff
in samba.schema (smbpasswd error messages were informative enough,
thank you). Now I'm stuck with this when trying smbpasswd -a to add
samba attributes to ldap account. It seems like smbpasswd is trying to
add an entry, instead of updating it. I don't see any switches to
smbpasswd to modify its behavior. Any thoughts?

ldapsam_modify_entry: Failed to add user dn=
uid=username,ou=People,dc=edpausa,dc=com with: Already exists

synrat wrote:
> freebsd 5.3, samba 3.10
>
> I get this far with LDAP/Samba integration.
> Stuck on creating users/machines with smbpasswd -a (-m) username command.
>
> schema files weren't modified, everything else is pretty much at
> defaults.
>
> First the relevant config parts:
>
> passdb backend = ldapsam_compat:ldap://localhost/
> ldap suffix = dc=company,dc=com
> ldap machine suffix = ou=Computers
> ldap user suffix = ou=People
> ldap admin dn = "cn=Manager,dc=company,dc=com"
> -------------------------------------
>
> include /usr/local/etc/openldap/schema/core.schema
> include /usr/local/etc/openldap/schema/cosine.schema
> include /usr/local/etc/openldap/schema/nis.schema
> include /usr/local/etc/openldap/schema/inetorgperson.schema
> include /usr/local/etc/openldap/schema/samba.schema
>
> access to attrs=userPassword,sambaLMPassword,sambaNTPassword
> by self write
> by anonymous auth
> by * none
> access to *
> by * read
>
> ------------------------------------------
>
> bash-2.05b# smbpasswd -D 256 -a username
> Netbios name list:-
> my_netbios_names[0]="SKYWALKER"
> Trying to load: ldapsam_compat:ldap://localhost/
> Attempting to register passdb backend ldapsam
> Successfully added passdb backend 'ldapsam'
> Attempting to register passdb backend ldapsam_compat
> Successfully added passdb backend 'ldapsam_compat'
> Attempting to register passdb backend smbpasswd
> Successfully added passdb backend 'smbpasswd'
> Attempting to register passdb backend tdbsam
> Successfully added passdb backend 'tdbsam'
> Attempting to register passdb backend guest
> Successfully added passdb backend 'guest'
> Attempting to find an passdb backend to match
> ldapsam_compat:ldap://localhost/ (ldapsam_compat)
> Found pdb backend ldapsam_compat
> pdb backend ldapsam_compat:ldap://localhost/ has a valid init
> Attempting to find an passdb backend to match guest (guest)
> Found pdb backend guest
> pdb backend guest has a valid init
> New SMB password:
> Retype new SMB password:
> smbldap_search: base => [dc=company,dc=com], filter =>
> [(&(uid=username)(objectclass=sambaAccount))], scope =>
> [2]smbldap_open_connection: ldap://localhost/
> smbldap_open_connection: connection opened
> ldap_connect_system: Binding to ldap server ldap://localhost/ as
> "cn=Manager,dc=company,dc=com"
> ldap_connect_system: succesful connection to the LDAP server
> The LDAP server is succesfully connected
> ldapsam_getsampwnam: Unable to locate user [username] count=0
> Finding user username
> Trying _Get_Pwnam(), username as lowercase is username
> Get_Pwnam_internals did find user [username]!
> pdb_set_username: setting username username, was
> element 12 -> now SET
> pdb_set_full_name: setting full name User Name, was
> element 13 -> now SET
> pdb_set_unix_homedir: setting home dir /home/username, was NULL
> element 22 -> now SET
> pdb_set_domain: setting domain SKYWALKER, was
> element 14 -> now DEFAULT
> pdb_set_user_sid: setting user sid
> S-1-5-21-2472404719-3990724825-3229645963-3008
> element 18 -> now SET
> pdb_set_user_sid_from_rid:
> setting user sid S-1-5-21-2472404719-3990724825-3229645963-3008
> from rid 3008
> smbldap_search: base => [dc=company,dc=com], filter =>
> [(&(objectClass=sambaGroupMapping)(gidNumber=1004))], scope => [2]
> smbldap_open: already connected to the LDAP server
> ldapsam_getgroup: Did not find group
> pdb_set_group_sid: setting group sid
> S-1-5-21-2472404719-3990724825-3229645963-3009
> element 19 -> now SET
> pdb_set_group_sid_from_rid:
> setting group sid S-1-5-21-2472404719-3990724825-3229645963-3009
> from rid 3009
> Home server: skywalker
> pdb_set_profile_path: setting profile path \\skywalker\username\profile,
> was
> element 2 -> now DEFAULT
> Home server: skywalker
> pdb_set_homedir: setting home dir \\skywalker\username, was
> element 1 -> now DEFAULT
> pdb_set_dir_drive: setting dir drive , was NULL
> element 3 -> now DEFAULT
> pdb_set_logon_script: setting logon script , was
> element 4 -> now DEFAULT
> element 20 -> now DEFAULT
> pdb_init_sam_new: no RID specified. Generating one via old algorithm
> pdb_set_user_sid: setting user sid
> S-1-5-21-2472404719-3990724825-3229645963-3008
> element 18 -> now SET
> pdb_set_user_sid_from_rid:
> setting user sid S-1-5-21-2472404719-3990724825-3229645963-3008
> from rid 3008
> element 20 -> now CHANGED
> element 20 -> now CHANGED
> element 33 -> now CHANGED
> element 32 -> now CHANGED
> element 11 -> now CHANGED
> element 21 -> now CHANGED
> account_policy_get: maximum password age:-1
> element 10 -> now CHANGED
> account_policy_get: minimum password age:0
> element 9 -> now CHANGED
> account_policy_get: password history:0
> element 34 -> now CHANGED
> smbldap_search: base => [dc=company,dc=com], filter =>
> [(&(uid=username)(objectclass=sambaAccount))], scope => [2]smbldap_open:
> already connected to the LDAP server
> element 18: SET
> smbldap_search: base => [dc=company,dc=com], filter =>
> [(&(rid=3008)(objectclass=sambaAccount))], scope => [2]
> smbldap_open: already connected to the LDAP server
> smbldap_search: base => [dc=company,dc=com], filter => [(uid=username)],
> scope => [2]
> smbldap_open: already connected to the LDAP server
> ldapsam_add_sam_account: Adding new user
> element 12: SET
> init_ldap_from_sam: Setting entry for user: username
> element 18: SET
> element 19: SET
> element 13: SET
> element 23: DEFAULT
> element 23: DEFAULT
> element 24: DEFAULT
> element 24: DEFAULT
> element 26: DEFAULT
> element 26: DEFAULT
> element 1: DEFAULT
> element 1: DEFAULT
> element 3: DEFAULT
> element 3: DEFAULT
> element 4: DEFAULT
> element 4: DEFAULT
> element 2: DEFAULT
> element 2: DEFAULT
> element 5: DEFAULT
> element 5: DEFAULT
> element 6: DEFAULT
> element 6: DEFAULT
> element 7: DEFAULT
> element 7: DEFAULT
> element 9: SET
> element 9: CHANGED
> element 9: SET
> element 9: CHANGED
> element 10: SET
> element 10: CHANGED
> element 10: SET
> element 10: CHANGED
> element 32: SET
> element 32: CHANGED
> element 32: SET
> element 32: CHANGED
> element 33: SET
> element 33: CHANGED
> element 33: SET
> element 33: CHANGED
> element 34: SET
> element 34: CHANGED
> element 34: SET
> element 34: CHANGED
> account_policy_get: password history:0
> element 21: SET
> element 21: CHANGED
> element 21: SET
> element 21: CHANGED
> element 27: DEFAULT
> element 27: DEFAULT
> element 20: SET
> element 20: CHANGED
> element 20: SET
> element 20: CHANGED
> element 29: DEFAULT
> element 29: DEFAULT
> smbldap_add: dn => [uid=username,ou=People,dc=company,dc=com]
> smbldap_open: already connected to the LDAP server
> ldapsam_modify_entry: Failed to add user dn=
> uid=company,ou=People,dc=company,dc=com with: Undefined attribute type
> rid: attribute type undefined
> ldapsam_add_sam_account: failed to modify/add user with uid = username
> (dn = uid=username,ou=People,dc=company,dc=com)
> Failed to add entry for user username.
> Failed to modify password entry for user username