The solution is quite simple: You need to configure pam-nss for
samba to work. Essentially samba is using a 'getent' call to look
up computers independent is configured as passdb backend. That
means the pam-nss must be configured for samba to find the
computer entries in ldap.
I find this very much counter-intuitive !
Thanks to Tom Crummey <tom@ee.ucl.ac.uk>
and John Drescher <drescherjm@gmail.com>
for pointing me into the right direction.
Markus
On 8/21/07, Markus Baertschi <markus@markus.org>
wrote:>
>
> I'm attemtping to configure a Ubuntu server for a bunch of windows
> clients.
> I'd like the authentication information to be in ldap.So far the stuff
> works,
> I can authenticate users in LDAP just fine.
>
> But when I want a windows machine to join the domain I get the
> error 'The user name could not be found'. The computer account
> gets created (via smbldap-tools) and I can see it in the ldap.
> The samba log shows what's happening, when id can not find
> the account it creates it and fails when it can not find the freshly
> created account. Unfortunately the log is net very helpful to point
> find out what is wrong:
> -------------------
> [2007/08/20 20:28:55, 5] lib/username.c:Get_Pwnam_internals(108)
> Get_Pwnam_internals didn't find user [WINXP1$]!
> [2007/08/20 20:28:56, 3]
> passdb/pdb_interface.c:pdb_default_create_user(368)
> _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -t 0
> -w "winxp1$"' gave 0
> [2007/08/20 20:28:56, 5] lib/username.c:Get_Pwnam_alloc(131)
> Finding user WINXP1$
> [2007/08/20 20:28:56, 5] lib/username.c:Get_Pwnam_internals(75)
> Trying _Get_Pwnam(), username as lowercase is winxp1$
> [2007/08/20 20:28:56, 5] lib/username.c:Get_Pwnam_internals(83)
> Trying _Get_Pwnam(), username as given is WINXP1$
> [2007/08/20 20:28:56, 5] lib/username.c:Get_Pwnam_internals(102)
> Checking combinations of 0 uppercase letters in winxp1$
> [2007/08/20 20:28:56, 5] lib/username.c:Get_Pwnam_internals(108)
> Get_Pwnam_internals didn't find user [WINXP1$]!
> [2007/08/20 20:28:56, 3]
> passdb/pdb_interface.c:pdb_default_create_user(384)
> pdb_default_create_user: failed to create a new user structure:
> NT_STATUS_NO_SUCH_USER
> [2007/08/20 20:28:56, 5] rpc_parse/parse_prs.c:prs_debug(84)
> 000000 samr_io_r_create_user
> ------------------
>
> How can I debug and fix this situation ?
>
> Markus
> --
> Markus Baertschi Phone: ++41 (21) 807 1677
> Bas du Ross? 16 Fax : ++41 (21) 807 1678
> CH-1163, Etoy Email: markus@markus.org
> Switzerland Homepage: www.markus.org
--
Markus Baertschi Phone: ++41 (21) 807 1677
Bas du Ross? 16 Fax : ++41 (21) 807 1678
CH-1163, Etoy Email: markus@markus.org
Switzerland Homepage: www.markus.org