did someone already try vampire with the 3.2.x-release?
since i upgraded from 3.0.x i get problems with the
creation of machine accounts.
when i start sucking a pdc in my ldapserver the following
errors come up with every machineaccount on the pdc:
1.)
Creating account: SP1$
/usr/sbin/smbldap-usermod: user SP1_ doesn't exist
[2008/08/27 14:09:45, 0] groupdb/mapping.c:smb_set_primary_group(312)
smb_set_primary_group: Running the command `/usr/sbin/smbldap-usermod -g
'Domain Users' 'SP1_'' gave 1
2.)
User SP1_ does not exist: create it first !
what instantly strikes is that there is an _ instead
of the $ in the pcname which cannot work.
I guess the second error comes up when the script tries to set
the correct password!? Afterwards nevertheless there are
machineaccount-passwords in the ldap-database but they seem
wrong because machineconnects fail.
everything else is flawlessly imported (users, groups, groupmemberships).
i didn't change anything in the configuration which worked
perfectly with vampire in 3.0.x
ExampleLDAPentry of the above mentioned machine after import:
-------------------------------------------------------------
dn: uid=SP1$,ou=Computers,dc=test,dc=com
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: sambaSamAccount
cn: SP1$
uid: SP1$
uidNumber: 1071
gidNumber: 515
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer
gecos: Computer
structuralObjectClass: account
entryUUID: be6e3366-087c-102d-9d48-4b401f1e60f4
creatorsName: cn=manager,dc=test,dc=com
createTimestamp: 20080827120929Z
sambaSID: S-1-5-21-378104194-1064922793-1509252994-1090
sambaPrimaryGroupSID: S-1-5-21-378104194-1064922793-1509252994-513
sambaNTPassword: 5C49A9927C59942A46F193C41446FFD5
sambaPwdLastSet: 1162907539
sambaAcctFlags: [W ]
entryCSN: 20080827120929.102086Z#000000#000#000000
modifiersName: cn=manager,dc=test,dc=com
modifyTimestamp: 20080827120929Z
smb.conf (suck-configuration)
-----------------------------
[global]
workgroup = PRESSFK
netbios name = DEBIANPDC
wins server = 192.168.200.3
## Dom?ne
#########
domain master = No
domain logons = Yes
passdb backend = ldapsam:ldap://127.0.0.1
## Benutzerverwaltung ldapsam
#############################
add user script = /usr/sbin/smbldap-useradd -m '%u'
delete user script = /usr/sbin/smbldap-userdel '%u'
add machine script = /usr/sbin/smbldap-useradd -w '%u'
add group script = /usr/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%u'
'%g'
delete user from group script = /usr/sbin/smbldap-groupmod -x '%u'
'%g'
set primary group script = /usr/sbin/smbldap-usermod -g '%g'
'%u'
## LDAP
#######
ldap suffix = dc=test,dc=com
ldap admin dn = cn=manager,dc=test,dc=com
ldap machine suffix = ou=Computers
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap passwd sync = Yes
ldap delete dn = Yes
ldap ssl = No
On Wednesday 27 August 2008 07:57:25 Marc Aurel wrote:> did someone already try vampire with the 3.2.x-release? > since i upgraded from 3.0.x i get problems with the > creation of machine accounts. > when i start sucking a pdc in my ldapserver the following > errors come up with every machineaccount on the pdc: > > > 1.) > Creating account: SP1$ > /usr/sbin/smbldap-usermod: user SP1_ doesn't exist > [2008/08/27 14:09:45, 0] groupdb/mapping.c:smb_set_primary_group(312) > smb_set_primary_group: Running the command `/usr/sbin/smbldap-usermod -g > 'Domain Users' 'SP1_'' gave 1 > > 2.) > User SP1_ does not exist: create it first ! > > > what instantly strikes is that there is an _ instead > of the $ in the pcname which cannot work. > I guess the second error comes up when the script tries to set > the correct password!? Afterwards nevertheless there are > machineaccount-passwords in the ldap-database but they seem > wrong because machineconnects fail. > everything else is flawlessly imported (users, groups, groupmemberships). > i didn't change anything in the configuration which worked > perfectly with vampire in 3.0.x > > > ExampleLDAPentry of the above mentioned machine after import: > ------------------------------------------------------------- > > dn: uid=SP1$,ou=Computers,dc=test,dc=com > objectClass: top > objectClass: account > objectClass: posixAccount > objectClass: sambaSamAccount > cn: SP1$ > uid: SP1$ > uidNumber: 1071 > gidNumber: 515 > homeDirectory: /dev/null > loginShell: /bin/false > description: Computer > gecos: Computer > structuralObjectClass: account > entryUUID: be6e3366-087c-102d-9d48-4b401f1e60f4 > creatorsName: cn=manager,dc=test,dc=com > createTimestamp: 20080827120929Z > sambaSID: S-1-5-21-378104194-1064922793-1509252994-1090 > sambaPrimaryGroupSID: S-1-5-21-378104194-1064922793-1509252994-513 > sambaNTPassword: 5C49A9927C59942A46F193C41446FFD5 > sambaPwdLastSet: 1162907539 > sambaAcctFlags: [W ] > entryCSN: 20080827120929.102086Z#000000#000#000000 > modifiersName: cn=manager,dc=test,dc=com > modifyTimestamp: 20080827120929Z > > > smb.conf (suck-configuration) > ----------------------------- > > [global] > workgroup = PRESSFK > netbios name = DEBIANPDC > wins server = 192.168.200.3 > > ## Dom?ne > ######### > domain master = No > domain logons = Yes > passdb backend = ldapsam:ldap://127.0.0.1 > > ## Benutzerverwaltung ldapsam > ############################# > add user script = /usr/sbin/smbldap-useradd -m '%u' > delete user script = /usr/sbin/smbldap-userdel '%u' > add machine script = /usr/sbin/smbldap-useradd -w '%u' > add group script = /usr/sbin/smbldap-groupadd -p '%g' > delete group script = /usr/sbin/smbldap-groupdel '%g' > add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g' > delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' > '%g' set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' > > ## LDAP > ####### > ldap suffix = dc=test,dc=com > ldap admin dn = cn=manager,dc=test,dc=com > ldap machine suffix = ou=Computers > ldap user suffix = ou=People > ldap group suffix = ou=Groups > ldap idmap suffix = ou=Idmap > ldap passwd sync = Yes > ldap delete dn = Yes > ldap ssl = NoPlease file a bug report on https://bugzilla.samba.org Thanks. - John T.