So I was having problems getting a machine to join to a samba PDC running on
Solaris 9 using the bundled LDAP server. Ill skip all my previous
troubleshooting steps here (Ive tried just about anything and everything).
Anyway - so I deleted all of the attributes for samba in the directory and
ran the idealx populate script. It seemed to go just fine (the other
scripts seem to work fine too).
When I try to join the domain using the "root" account the Windows XP
PC
comes back with "The following error occurred attempting to join the domain
"SUNDEV"; The user name could not be found".
In the smbd log (at level 10) this is all I get:
[2005/08/08 17:27:35, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2324)
_samr_create_user: Running the command
`/usr/local/samba/acctscrp/smbldap-useradd t 5 -w "engrpc$"' gave
9
(and that only happens when I try to add an account twice in a row - Ive
seen gave 1 show up before but its not happening now)
It DOES create a posix account in the right ou, just not the samba piece.
Now Im not sure if Im going off way in the wrong direction here, but when I
try to add a machine account (with the posix information still there from
the script) with pdbedit (-a -m) I get:
ldapsam_modify_entry: Failed to modify user dnuid=engrpc$,ou=Machines,dc=engr,
dc=arizona, dc=edu with: Object class
violation
ldapsam_add_sam_account: failed to modify/add user with uid = engrpc$ (dn
uid=engrpc$,ou=Machines,dc=engr, dc=arizona, dc=edu)
Unable to add machine! (does it already exist?)
I get the same error even if the posix information isnt already there. Here
is what it gives me in the ldap logs:
[08/Aug/2005:17:41:22 -0700] - Entry "uid=engrpc$,ou=Machines,dc=engr,
dc=arizona, dc=edu" missing attribute "sambaSID" required by
object class
"sambaSamAccount"
It does NOT give me this if Im using the scripts.
OK, can anyone even point me in the direction I should be looking? I can
see a sambaSID in ldap or by using the net getlocalsid command.
Thanks,
Tony
Well the errors you are describing leads me to a say its a configuration issue in your slapd.conf file. I can try to help you with this. Solaris has a funny way of doing things. Post your configurations. First post your slapd.conf, lets have a look at that. --mmark ----- Original Message ----- From: "Anthony Hess" <tonyh@engr.arizona.edu> To: <samba@lists.samba.org> Sent: Monday, August 08, 2005 5:46 PM Subject: [Samba] Still having samba join domain problems> So I was having problems getting a machine to join to a samba PDC running > on > Solaris 9 using the bundled LDAP server. Ill skip all my previous > troubleshooting steps here (Ive tried just about anything and everything). > > Anyway - so I deleted all of the attributes for samba in the directory and > ran the idealx populate script. It seemed to go just fine (the other > scripts seem to work fine too). > > When I try to join the domain using the "root" account the Windows XP PC > comes back with "The following error occurred attempting to join the > domain > "SUNDEV"; The user name could not be found". > > In the smbd log (at level 10) this is all I get: > > [2005/08/08 17:27:35, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2324) > _samr_create_user: Running the command > `/usr/local/samba/acctscrp/smbldap-useradd t 5 -w "engrpc$"' gave 9 > > (and that only happens when I try to add an account twice in a row - Ive > seen gave 1 show up before but its not happening now) > > It DOES create a posix account in the right ou, just not the samba piece. > > Now Im not sure if Im going off way in the wrong direction here, but when > I > try to add a machine account (with the posix information still there from > the script) with pdbedit (-a -m) I get: > > ldapsam_modify_entry: Failed to modify user dn> uid=engrpc$,ou=Machines,dc=engr, dc=arizona, dc=edu with: Object class > violation > > ldapsam_add_sam_account: failed to modify/add user with uid = engrpc$ (dn > > uid=engrpc$,ou=Machines,dc=engr, dc=arizona, dc=edu) > Unable to add machine! (does it already exist?) > > I get the same error even if the posix information isnt already there. > Here > is what it gives me in the ldap logs: > > [08/Aug/2005:17:41:22 -0700] - Entry "uid=engrpc$,ou=Machines,dc=engr, > dc=arizona, dc=edu" missing attribute "sambaSID" required by object class > "sambaSamAccount" > > It does NOT give me this if Im using the scripts. > > OK, can anyone even point me in the direction I should be looking? I can > see a sambaSID in ldap or by using the net getlocalsid command. > > Thanks, > > Tony > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba
Anthony, Look to see if the RestrictAnonymous setting in the registry on the XP box is set to 2. If it is, set it to 0 or 1, and try to add it again. Set it back to 2 when you're done. Jim> -----Original Message----- > From: Anthony Hess [mailto:tonyh@engr.arizona.edu] > Sent: Monday, August 08, 2005 5:46 PM > To: samba@lists.samba.org > Subject: [Samba] Still having samba join domain problems > > > So I was having problems getting a machine to join to a samba > PDC running on > Solaris 9 using the bundled LDAP server. Ill skip all my previous > troubleshooting steps here (Ive tried just about anything and > everything). > > Anyway - so I deleted all of the attributes for samba in the > directory and > ran the idealx populate script. It seemed to go just fine (the other > scripts seem to work fine too). > > When I try to join the domain using the "root" account the > Windows XP PC > comes back with "The following error occurred attempting to > join the domain > "SUNDEV"; The user name could not be found". > > In the smbd log (at level 10) this is all I get: > > [2005/08/08 17:27:35, 0] > rpc_server/srv_samr_nt.c:_samr_create_user(2324) > _samr_create_user: Running the command > `/usr/local/samba/acctscrp/smbldap-useradd t 5 -w "engrpc$"' gave 9 > > (and that only happens when I try to add an account twice in > a row - Ive > seen gave 1 show up before but its not happening now) > > It DOES create a posix account in the right ou, just not the > samba piece. > > Now Im not sure if Im going off way in the wrong direction > here, but when I > try to add a machine account (with the posix information > still there from > the script) with pdbedit (-a -m) I get: > > ldapsam_modify_entry: Failed to modify user dn> uid=engrpc$,ou=Machines,dc=engr, dc=arizona, dc=edu with: Object class > violation > > ldapsam_add_sam_account: failed to modify/add user with uid = > engrpc$ (dn > uid=engrpc$,ou=Machines,dc=engr, dc=arizona, dc=edu) > Unable to add machine! (does it already exist?) > > I get the same error even if the posix information isnt > already there. Here > is what it gives me in the ldap logs: > > [08/Aug/2005:17:41:22 -0700] - Entry "uid=engrpc$,ou=Machines,dc=engr, > dc=arizona, dc=edu" missing attribute "sambaSID" required by > object class > "sambaSamAccount" > > It does NOT give me this if Im using the scripts. > > OK, can anyone even point me in the direction I should be > looking? I can > see a sambaSID in ldap or by using the net getlocalsid command. > > Thanks, > > Tony > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba >