samba - Mar 2015 - Fwd: Samba4 + external ldap

After some reading and attempts, I managed to set the Samba4 with the
external openldap.

I tried to add a user through the command "smbpasswd", but an error
occurred, which follows below:

root at sol:~# smbpasswd -a billy
>
> smbldap_search_domain_info: Searching
>> for:[(&(objectClass=sambaDomain)(sambaDomainName=POA))]
>
> smbldap_open_connection: connection opened
>
> ldap_connect_system: successful connection to the LDAP server
>
> New SMB password:
>
> Retype new SMB password:
>
> Failed to update uidNumber in sambaUnixIdPool: modifications require
>> authentication at /usr/share/perl5/smbldap_tools.pm line 1212.
>
> _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -m
>> "billy"' gave 127
>
> Could not find user billy, add script did not work
>
> Failed to add entry for user billy.
>
>
On Mon, Mar 23, 2015 at 5:00 PM, Rowland Penny <rowlandpenny at
googlemail.com>
wrote:
> On 23/03/15 19:49, Elias Pereira wrote:
>
>> Hello,
>>
>> - I have a server with ldap (debian 7).
>> - I have another server with samba (freebsd 8).
>>
>> I want to set up a new samba server in a debian.
>>
>> My question is:
>>
>> In addition to the default Samba configuration, which other packages
have
>> to install on the new server to communicate with the ldap?
>>
>> Note: I researched a lot about how to configure a Samba server with an
>> external ldap, but all the links of the research were on the samba and
>> ldap
>> on the same server.
>>
>
> I take it that you want to set up an NT-4 style domain controller, if so,
> then the internet is littered with howtos, you are just searching on the
> wrong terms, try samba3 instead of samba4.
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


-- 
Elias Pereira

On 24/03/15 14:51, Elias Pereira wrote:
> After some reading and attempts, I managed to set the Samba4 with the
> external openldap.
>
> I tried to add a user through the command "smbpasswd", but an
error
> occurred, which follows below:
>
> root at sol:~# smbpasswd -a billy
>> smbldap_search_domain_info: Searching
>>> for:[(&(objectClass=sambaDomain)(sambaDomainName=POA))]
>> smbldap_open_connection: connection opened
>>
>> ldap_connect_system: successful connection to the LDAP server
>>
>> New SMB password:
>>
>> Retype new SMB password:
>>
>> Failed to update uidNumber in sambaUnixIdPool: modifications require
>>> authentication at /usr/share/perl5/smbldap_tools.pm line 1212.
>> _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -m
>>> "billy"' gave 127
>> Could not find user billy, add script did not work
>>
>> Failed to add entry for user billy.
>>
>>
> On Mon, Mar 23, 2015 at 5:00 PM, Rowland Penny <rowlandpenny at
googlemail.com>
> wrote:
>
>> On 23/03/15 19:49, Elias Pereira wrote:
>>
>>> Hello,
>>>
>>> - I have a server with ldap (debian 7).
>>> - I have another server with samba (freebsd 8).
>>>
>>> I want to set up a new samba server in a debian.
>>>
>>> My question is:
>>>
>>> In addition to the default Samba configuration, which other
packages have
>>> to install on the new server to communicate with the ldap?
>>>
>>> Note: I researched a lot about how to configure a Samba server with
an
>>> external ldap, but all the links of the research were on the samba
and
>>> ldap
>>> on the same server.
>>>
>> I take it that you want to set up an NT-4 style domain controller, if
so,
>> then the internet is littered with howtos, you are just searching on
the
>> wrong terms, try samba3 instead of samba4.
>>
>> Rowland
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>
>
It has been sometime since I used an NT-4 style domain, but I seem to 
remember that you need to run the command as root and the user needs to 
exists as a Unix user.

Rowland

>
> it has been sometime since I used an NT-4 style domain, but I seem to
> remember that you need to run the command as root and the user needs to
> exists as a Unix user.
>
You were right! Fixed!

Continuing:

But now when I try to join a window xp sp3 in the domain, it does the
following error:

*Logon failure: unknown user name or bad password.*


Note: The user I'm putting to enter the domain, belongs to the Domain
Admins.

I run the "tail -f syslog" on openldap server.

See the link: http://pastie.org/private/zk2t5jtwzvujakiifvltea

Elias,

The easiest way is to use the smbldap-tools package; i.e. man 
smbldap-useradd for syntax and options.

Dale

On 03/24/2015 9:51 AM, Elias Pereira wrote:
> After some reading and attempts, I managed to set the Samba4 with the
> external openldap.
>
> I tried to add a user through the command "smbpasswd", but an
error
> occurred, which follows below:
>
> root at sol:~# smbpasswd -a billy
>> smbldap_search_domain_info: Searching
>>> for:[(&(objectClass=sambaDomain)(sambaDomainName=POA))]
>> smbldap_open_connection: connection opened
>>
>> ldap_connect_system: successful connection to the LDAP server
>>
>> New SMB password:
>>
>> Retype new SMB password:
>>
>> Failed to update uidNumber in sambaUnixIdPool: modifications require
>>> authentication at /usr/share/perl5/smbldap_tools.pm line 1212.
>> _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -m
>>> "billy"' gave 127
>> Could not find user billy, add script did not work
>>
>> Failed to add entry for user billy.
>>
>>
> On Mon, Mar 23, 2015 at 5:00 PM, Rowland Penny <rowlandpenny at
googlemail.com>
> wrote:
>
>> On 23/03/15 19:49, Elias Pereira wrote:
>>
>>> Hello,
>>>
>>> - I have a server with ldap (debian 7).
>>> - I have another server with samba (freebsd 8).
>>>
>>> I want to set up a new samba server in a debian.
>>>
>>> My question is:
>>>
>>> In addition to the default Samba configuration, which other
packages have
>>> to install on the new server to communicate with the ldap?
>>>
>>> Note: I researched a lot about how to configure a Samba server with
an
>>> external ldap, but all the links of the research were on the samba
and
>>> ldap
>>> on the same server.
>>>
>> I take it that you want to set up an NT-4 style domain controller, if
so,
>> then the internet is littered with howtos, you are just searching on
the
>> wrong terms, try samba3 instead of samba4.
>>
>> Rowland
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>
>

On 24/03/15 17:45, Dale Schroeder wrote:
> Elias,
>
> The easiest way is to use the smbldap-tools package; i.e. man 
> smbldap-useradd for syntax and options.
>
> Dale
>
> On 03/24/2015 9:51 AM, Elias Pereira wrote:
>> After some reading and attempts, I managed to set the Samba4 with the
>> external openldap.
>>
>> I tried to add a user through the command "smbpasswd", but an
error
>> occurred, which follows below:
>>
>> root at sol:~# smbpasswd -a billy
>>> smbldap_search_domain_info: Searching
>>>> for:[(&(objectClass=sambaDomain)(sambaDomainName=POA))]
>>> smbldap_open_connection: connection opened
>>>
>>> ldap_connect_system: successful connection to the LDAP server
>>>
>>> New SMB password:
>>>
>>> Retype new SMB password:
>>>
>>> Failed to update uidNumber in sambaUnixIdPool: modifications
require
>>>> authentication at /usr/share/perl5/smbldap_tools.pm line 1212.
>>> _samr_create_user: Running the command `/usr/sbin/smbldap-useradd
-m
>>>> "billy"' gave 127
>>> Could not find user billy, add script did not work
>>>
>>> Failed to add entry for user billy.
>>>
>>>
>>
>
I guess you missed this:

_samr_create_user: Running the command `/usr/sbin/smbldap-useradd -m

Rowland

Dale, about the smbldap-useradd, I fix this problem! :D

Now, is about the Logon failure error.

See the previous message that I sent.

On Tue, Mar 24, 2015 at 2:45 PM, Dale Schroeder <
dale at briannassaladdressing.com> wrote:
> Elias,
>
> The easiest way is to use the smbldap-tools package; i.e. man
> smbldap-useradd for syntax and options.
>
> Dale
>
>
> On 03/24/2015 9:51 AM, Elias Pereira wrote:
>
>> After some reading and attempts, I managed to set the Samba4 with the
>> external openldap.
>>
>> I tried to add a user through the command "smbpasswd", but an
error
>> occurred, which follows below:
>>
>> root at sol:~# smbpasswd -a billy
>>
>>> smbldap_search_domain_info: Searching
>>>
>>>> for:[(&(objectClass=sambaDomain)(sambaDomainName=POA))]
>>>>
>>> smbldap_open_connection: connection opened
>>>
>>> ldap_connect_system: successful connection to the LDAP server
>>>
>>> New SMB password:
>>>
>>> Retype new SMB password:
>>>
>>> Failed to update uidNumber in sambaUnixIdPool: modifications
require
>>>
>>>> authentication at /usr/share/perl5/smbldap_tools.pm line 1212.
>>>>
>>> _samr_create_user: Running the command `/usr/sbin/smbldap-useradd
-m
>>>
>>>> "billy"' gave 127
>>>>
>>> Could not find user billy, add script did not work
>>>
>>> Failed to add entry for user billy.
>>>
>>>
>>>  On Mon, Mar 23, 2015 at 5:00 PM, Rowland Penny <
>> rowlandpenny at googlemail.com>
>> wrote:
>>
>>  On 23/03/15 19:49, Elias Pereira wrote:
>>>
>>>  Hello,
>>>>
>>>> - I have a server with ldap (debian 7).
>>>> - I have another server with samba (freebsd 8).
>>>>
>>>> I want to set up a new samba server in a debian.
>>>>
>>>> My question is:
>>>>
>>>> In addition to the default Samba configuration, which other
packages
>>>> have
>>>> to install on the new server to communicate with the ldap?
>>>>
>>>> Note: I researched a lot about how to configure a Samba server
with an
>>>> external ldap, but all the links of the research were on the
samba and
>>>> ldap
>>>> on the same server.
>>>>
>>>>  I take it that you want to set up an NT-4 style domain
controller, if
>>> so,
>>> then the internet is littered with howtos, you are just searching
on the
>>> wrong terms, try samba3 instead of samba4.
>>>
>>> Rowland
>>>
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions:  https://lists.samba.org/mailman/options/samba
>>>
>>>
>>
>>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


-- 
Elias Pereira

On 24/03/15 17:32, Elias Pereira wrote:
>> it has been sometime since I used an NT-4 style domain, but I seem to
>> remember that you need to run the command as root and the user needs to
>> exists as a Unix user.
>>
> You were right! Fixed!
>
> Continuing:
>
> But now when I try to join a window xp sp3 in the domain, it does the
> following error:
>
> *Logon failure: unknown user name or bad password.*
>
>
> Note: The user I'm putting to enter the domain, belongs to the Domain
> Admins.
>
> I run the "tail -f syslog" on openldap server.
>
> See the link: http://pastie.org/private/zk2t5jtwzvujakiifvltea
Again, this is from memory, you have to use the user 'root' and the 
password you set for him.

Rowland