Dear list,
Arghl! (I'm sure you know the feeling).
I'm still hooked on Samba by example, and trying to add users to my ldap
tree.
$ smbldap-useradd -m -a ldaptest2
Can't call method "get_value" on an undefined value at
/usr/sbin/smbldap-useradd line 197
The documentation of the smbldap scripts mentions this sort of error
(albeit with a different line number). Two possible problems are
proposed:
1. the default group defined in smbldap.conf does not exist (the one
with defaultUserGid 513)
2. the NT "Domain Users" group is not mapped to a unix group of rid
513
=> I checked both. The group exists, it's called "Domain
Users", I can
chgrp a file on the samba/ldap system to 513 and ls -l shows it's
owned by Domain Users.
=> $ net groupmap list
shows thet "Domain Users" is linked to a group called "Domain
Users"
(which makes sense).
If I leave the option -a of smbldap-useradd, the command completes
with no error but off course my new user isn't a Windows user then
(pretty useless). So it's not an LDAP permissions issue since the
object /is/ created. (Why can't this script be a bit more verbose?)
--
Frank Van Damme A: Because it destroys the flow of the conversation
Q: Why is it bad?
A: No, it's bad.
Q: Should I top post in replies to mails or on usenet?
Does it work if you run it as root? On 26/09/2007, Frank Van Damme <frank.vandamme@gmail.com> wrote:> > Dear list, > > Arghl! (I'm sure you know the feeling). > I'm still hooked on Samba by example, and trying to add users to my ldap > tree. > > $ smbldap-useradd -m -a ldaptest2 > Can't call method "get_value" on an undefined value at > /usr/sbin/smbldap-useradd line 197 > > The documentation of the smbldap scripts mentions this sort of error > (albeit with a different line number). Two possible problems are > proposed: > 1. the default group defined in smbldap.conf does not exist (the one > with defaultUserGid 513) > 2. the NT "Domain Users" group is not mapped to a unix group of rid 513 > > => I checked both. The group exists, it's called "Domain Users", I can > chgrp a file on the samba/ldap system to 513 and ls -l shows it's > owned by Domain Users. > > => $ net groupmap list > shows thet "Domain Users" is linked to a group called "Domain Users" > (which makes sense). > > If I leave the option -a of smbldap-useradd, the command completes > with no error but off course my new user isn't a Windows user then > (pretty useless). So it's not an LDAP permissions issue since the > object /is/ created. (Why can't this script be a bit more verbose?) > > -- > Frank Van Damme A: Because it destroys the flow of the conversation > Q: Why is it bad? > A: No, it's bad. > Q: Should I top post in replies to mails or on usenet? > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba >
Hi, which version of the smbldap-tools are you using ? Have you check your configuration files ? Have you include samba schema to slapd.conf definition ? Are you sure you don't have ACL access problem ? -- Jerome On 9/26/07, Frank Van Damme <frank.vandamme@gmail.com> wrote:> Dear list, > > Arghl! (I'm sure you know the feeling). > I'm still hooked on Samba by example, and trying to add users to my ldap tree. > > $ smbldap-useradd -m -a ldaptest2 > Can't call method "get_value" on an undefined value at > /usr/sbin/smbldap-useradd line 197 > > The documentation of the smbldap scripts mentions this sort of error > (albeit with a different line number). Two possible problems are > proposed: > 1. the default group defined in smbldap.conf does not exist (the one > with defaultUserGid 513) > 2. the NT "Domain Users" group is not mapped to a unix group of rid 513 > > => I checked both. The group exists, it's called "Domain Users", I can > chgrp a file on the samba/ldap system to 513 and ls -l shows it's > owned by Domain Users. > > => $ net groupmap list > shows thet "Domain Users" is linked to a group called "Domain Users" > (which makes sense). > > If I leave the option -a of smbldap-useradd, the command completes > with no error but off course my new user isn't a Windows user then > (pretty useless). So it's not an LDAP permissions issue since the > object /is/ created. (Why can't this script be a bit more verbose?) > > -- > Frank Van Damme A: Because it destroys the flow of the conversation > Q: Why is it bad? > A: No, it's bad. > Q: Should I top post in replies to mails or on usenet? > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba >-- J?r?me