I can't really guess the point of your intelligent answer from this. If I have to assume you're surprised, I guess I am too. The cn exists in ldap, with all the attributes that I imported from other databases, the message given by smbpasswd suggests that it either tried to create an entry or update it with sambaaccount attributes ( which it didn't ), neither of which are the expected results.

can you be more specific? maybe I'm misunderstanding how this should work altogether.

thanx in advance

Ruth Chaplin wrote:
> WHAT??
>
> -----Original Message-----
> From: samba-bounces+nhoward=brokers-online.co.uk@lists.samba.org
> [mailto:samba-bounces+nhoward=brokers-online.co.uk@lists.samba.org] On
> Behalf Of synrat
> Sent: 31 January 2005 16:13
> To: samba@lists.samba.org
> Subject: Re: [Samba] ldap smbpasswd
>
>
>
> I think I got past this by uncommenting a lot of stuff
> in samba.schema ( smbpasswd error messages were informative enough,
> thank you ). Now I'm stuck with this when trying smbpasswd -a to add
> samba attributes to ldap account. it seems like smbpasswd is trying to
> add an entry, instead of updating it. I don't see any switches to
> smbpasswd to modify its behavior. Any thoughts ?
>
> ldapsam_modify_entry: Failed to add user dn=
> uid=username,ou=People,dc=edpausa,dc=com with: Already exists
>
>
> synrat wrote:
>
>>freebsd 5.3, samba 3.10
>>
>>I get this far with LDAP/Samba integration.
>>Stuck on creating users/machines with smbpasswd -a (-m) username
>>command.
>>
>>schema files weren't modified, everything else is pretty much at
>>defaults.
>>
>>First the relevant config parts:
>>
>>passdb backend = ldapsam_compat:ldap://localhost/
>>ldap suffix = dc=company,dc=com
>>ldap machine suffix = ou=Computers
>>ldap user suffix = ou=People
>>ldap admin dn = "cn=Manager,dc=company,dc=com"
>>-------------------------------------
>>
>>include /usr/local/etc/openldap/schema/core.schema
>>include /usr/local/etc/openldap/schema/cosine.schema
>>include /usr/local/etc/openldap/schema/nis.schema
>>include /usr/local/etc/openldap/schema/inetorgperson.schema
>>include /usr/local/etc/openldap/schema/samba.schema
>>
>>access to attrs=userPassword,sambaLMPassword,sambaNTPassword
>>     by self write
>>     by anonymous auth
>>     by * none
>>access to *
>>     by * read
>>
>>------------------------------------------
>>
>>bash-2.05b# smbpasswd -D 256 -a username
>>Netbios name list:-
>>my_netbios_names[0]="SKYWALKER"
>>Trying to load: ldapsam_compat:ldap://localhost/
>>Attempting to register passdb backend ldapsam
>>Successfully added passdb backend 'ldapsam'
>>Attempting to register passdb backend ldapsam_compat
>>Successfully added passdb backend 'ldapsam_compat'
>>Attempting to register passdb backend smbpasswd
>>Successfully added passdb backend 'smbpasswd'
>>Attempting to register passdb backend tdbsam
>>Successfully added passdb backend 'tdbsam'
>>Attempting to register passdb backend guest
>>Successfully added passdb backend 'guest'
>>Attempting to find an passdb backend to match
>>ldapsam_compat:ldap://localhost/ (ldapsam_compat)
>>Found pdb backend ldapsam_compat
>>pdb backend ldapsam_compat:ldap://localhost/ has a valid init
>>Attempting to find an passdb backend to match guest (guest)
>>Found pdb backend guest
>>pdb backend guest has a valid init
>>New SMB password:
>>Retype new SMB password:
>>smbldap_search: base => [dc=company,dc=com], filter =>
>>[(&(uid=username)(objectclass=sambaAccount))], scope =>
>>[2]smbldap_open_connection: ldap://localhost/
>>smbldap_open_connection: connection opened
>>ldap_connect_system: Binding to ldap server ldap://localhost/ as
>>"cn=Manager,dc=company,dc=com"
>>ldap_connect_system: succesful connection to the LDAP server
>>The LDAP server is succesfully connected
>>ldapsam_getsampwnam: Unable to locate user [username] count=0
>>Finding user username
>>Trying _Get_Pwnam(), username as lowercase is username
>>Get_Pwnam_internals did find user [username]!
>>pdb_set_username: setting username username, was
>>element 12 -> now SET
>>pdb_set_full_name: setting full name User Name, was
>>element 13 -> now SET
>>pdb_set_unix_homedir: setting home dir /home/username, was NULL
>>element 22 -> now SET
>>pdb_set_domain: setting domain SKYWALKER, was
>>element 14 -> now DEFAULT
>>pdb_set_user_sid: setting user sid
>>S-1-5-21-2472404719-3990724825-3229645963-3008
>>element 18 -> now SET
>>pdb_set_user_sid_from_rid:
>>     setting user sid S-1-5-21-2472404719-3990724825-3229645963-3008
>>from rid 3008
>>smbldap_search: base => [dc=company,dc=com], filter =>
>>[(&(objectClass=sambaGroupMapping)(gidNumber=1004))], scope => [2]
>>smbldap_open: already connected to the LDAP server
>>ldapsam_getgroup: Did not find group
>>pdb_set_group_sid: setting group sid
>>S-1-5-21-2472404719-3990724825-3229645963-3009
>>element 19 -> now SET
>>pdb_set_group_sid_from_rid:
>>     setting group sid S-1-5-21-2472404719-3990724825-3229645963-3009
>>from rid 3009
>>Home server: skywalker
>>pdb_set_profile_path: setting profile path \\skywalker\username\profile,
>>was
>>element 2 -> now DEFAULT
>>Home server: skywalker
>>pdb_set_homedir: setting home dir \\skywalker\username, was
>>element 1 -> now DEFAULT
>>pdb_set_dir_drive: setting dir drive , was NULL
>>element 3 -> now DEFAULT
>>pdb_set_logon_script: setting logon script , was
>>element 4 -> now DEFAULT
>>element 20 -> now DEFAULT
>>pdb_init_sam_new: no RID specified. Generating one via old algorithm
>>pdb_set_user_sid: setting user sid
>>S-1-5-21-2472404719-3990724825-3229645963-3008
>>element 18 -> now SET
>>pdb_set_user_sid_from_rid:
>>     setting user sid S-1-5-21-2472404719-3990724825-3229645963-3008
>>from rid 3008
>>element 20 -> now CHANGED
>>element 20 -> now CHANGED
>>element 33 -> now CHANGED
>>element 32 -> now CHANGED
>>element 11 -> now CHANGED
>>element 21 -> now CHANGED
>>account_policy_get: maximum password age:-1
>>element 10 -> now CHANGED
>>account_policy_get: minimum password age:0
>>element 9 -> now CHANGED
>>account_policy_get: password history:0
>>element 34 -> now CHANGED
>>smbldap_search: base => [dc=company,dc=com], filter =>
>>[(&(uid=username)(objectclass=sambaAccount))], scope => [2]smbldap_open:
>>already connected to the LDAP server
>>element 18: SET
>>smbldap_search: base => [dc=company,dc=com], filter =>
>>[(&(rid=3008)(objectclass=sambaAccount))], scope => [2]
>>smbldap_open: already connected to the LDAP server
>>smbldap_search: base => [dc=company,dc=com], filter => [(uid=username)],
>>scope => [2]
>>smbldap_open: already connected to the LDAP server
>>ldapsam_add_sam_account: Adding new user
>>element 12: SET
>>init_ldap_from_sam: Setting entry for user: username
>>element 18: SET
>>element 19: SET
>>element 13: SET
>>element 23: DEFAULT
>>element 23: DEFAULT
>>element 24: DEFAULT
>>element 24: DEFAULT
>>element 26: DEFAULT
>>element 26: DEFAULT
>>element 1: DEFAULT
>>element 1: DEFAULT
>>element 3: DEFAULT
>>element 3: DEFAULT
>>element 4: DEFAULT
>>element 4: DEFAULT
>>element 2: DEFAULT
>>element 2: DEFAULT
>>element 5: DEFAULT
>>element 5: DEFAULT
>>element 6: DEFAULT
>>element 6: DEFAULT
>>element 7: DEFAULT
>>element 7: DEFAULT
>>element 9: SET
>>element 9: CHANGED
>>element 9: SET
>>element 9: CHANGED
>>element 10: SET
>>element 10: CHANGED
>>element 10: SET
>>element 10: CHANGED
>>element 32: SET
>>element 32: CHANGED
>>element 32: SET
>>element 32: CHANGED
>>element 33: SET
>>element 33: CHANGED
>>element 33: SET
>>element 33: CHANGED
>>element 34: SET
>>element 34: CHANGED
>>element 34: SET
>>element 34: CHANGED
>>account_policy_get: password history:0
>>element 21: SET
>>element 21: CHANGED
>>element 21: SET
>>element 21: CHANGED
>>element 27: DEFAULT
>>element 27: DEFAULT
>>element 20: SET
>>element 20: CHANGED
>>element 20: SET
>>element 20: CHANGED
>>element 29: DEFAULT
>>element 29: DEFAULT
>>smbldap_add: dn => [uid=username,ou=People,dc=company,dc=com]
>>smbldap_open: already connected to the LDAP server
>>ldapsam_modify_entry: Failed to add user dn=
>>uid=company,ou=People,dc=company,dc=com with: Undefined attribute type
>>     rid: attribute type undefined
>>ldapsam_add_sam_account: failed to modify/add user with uid = username
>>(dn = uid=username,ou=People,dc=company,dc=com)
>>Failed to add entry for user username.
>>Failed to modify password entry for user username