Thanks for your response Le Mercredi, Novembre 15, 2017 17:38 CET, Rowland Penny via samba <samba at lists.samba.org> a écrit:> I suppose the obvious question is, is the script executable ?It is. It's a simple perl script with +x. I can exec it from the comande line like /usr/local/bin/addworkstation.pl foo$ which creates the machin account like it should. I've also tested caling it with the interpreter add machine script = /usr/bin/perl /usr/local/bin/addworkstation.pl %u with no difference> Can you post your smb.conf,See the file attached> there have been some changes between 3.6.3 > and 4.3.11. Talking of which, is there any way that you can upgrade > Samba ? 4.3.11 is EOL as far as Samba is concerned.I'd prefer keeping the version provided with the distro, but I'll check if there's some trustworthy PPA to get something a bit newer. The strange thing, is that the script is not even called at all. -- Daniel Berteaud FIREWALL-SERVICES SAS. Société de Services en Logiciels Libres Tel : 05 56 64 15 32 Visio: https://vroom.fws.fr/dani Web : http://www.firewall-services.com
Le Mercredi, Novembre 15, 2017 18:01 CET, Daniel Berteaud via samba <samba at lists.samba.org> a écrit:> The strange thing, is that the script is not even called at all.The other strange behavior is why does samba tries to create directly anything in LDAP ? From the doc, I only found it can do this if ldapsam:editposix is enabled (which is not the case in my conf) -- Daniel Berteaud FIREWALL-SERVICES SAS. Société de Services en Logiciels Libres Tel : 05 56 64 15 32 Visio: https://vroom.fws.fr/dani Web : http://www.firewall-services.com
On Wed, 15 Nov 2017 18:01:51 +0100 "Daniel Berteaud" <daniel at firewall-services.com> wrote:> Thanks for your response > > Le Mercredi, Novembre 15, 2017 17:38 CET, Rowland Penny via samba > <samba at lists.samba.org> a écrit: > > > I suppose the obvious question is, is the script executable ? > > It is. It's a simple perl script with +x. I can exec it from the > comande line like > > /usr/local/bin/addworkstation.pl foo$ > > which creates the machin account like it should. I've also tested > caling it with the interpreter > > add machine script = /usr/bin/perl /usr/local/bin/addworkstation.pl %u > > with no difference > > > Can you post your smb.conf, > > See the file attached > > > there have been some changes between 3.6.3 > > and 4.3.11. Talking of which, is there any way that you can upgrade > > Samba ? 4.3.11 is EOL as far as Samba is concerned. > > I'd prefer keeping the version provided with the distro, but I'll > check if there's some trustworthy PPA to get something a bit newer. > > The strange thing, is that the script is not even called at all. >You have 'add machine script = /usr/local/bin/addworkstation.pl "%u"' Try removing the double quotes. There isn't doesn't see to be anything else really wrong with your smb.conf. Rowland
On Wed, 2017-11-15 at 17:58 +0000, Rowland Penny via samba wrote:> On Wed, 15 Nov 2017 18:01:51 +0100 > "Daniel Berteaud" <daniel at firewall-services.com> wrote: > > > Thanks for your response > > > > Le Mercredi, Novembre 15, 2017 17:38 CET, Rowland Penny via samba > > <samba at lists.samba.org> a écrit: > > > > > I suppose the obvious question is, is the script executable ? > > > > It is. It's a simple perl script with +x. I can exec it from the > > comande line like > > > > /usr/local/bin/addworkstation.pl foo$ > > > > which creates the machin account like it should. I've also tested > > caling it with the interpreter > > > > add machine script = /usr/bin/perl /usr/local/bin/addworkstation.pl %u > > > > with no difference > > > > > Can you post your smb.conf, > > > > See the file attached > > > > > there have been some changes between 3.6.3 > > > and 4.3.11. Talking of which, is there any way that you can upgrade > > > Samba ? 4.3.11 is EOL as far as Samba is concerned. > > > > I'd prefer keeping the version provided with the distro, but I'll > > check if there's some trustworthy PPA to get something a bit newer. > > > > The strange thing, is that the script is not even called at all. > > > > You have 'add machine script = /usr/local/bin/addworkstation.pl "%u"' > Try removing the double quotes. > > There isn't doesn't see to be anything else really wrong with your > smb.conf. >G'Day Rowland, While it is possible our parsing of the smb.conf has changed, I think this is a red herring. This is an upgrade issue, so we should be holding as many things constant as possible, once we confirm things like the script has been copied over correctly and is executing manually on the new host. Assuming it is confirmed that the script does not execute at all, i would just say this: Sadly the LDAP backend of the NT4/classic DC is not automatically tested in our make test. However I can't see any specific change in our control flow here, we should still execute that script if the new account is created over SAMR CreateUser2 with ACB_WSTRUST. The account will still be created in LDAP even if ldapsam:editposix yes is not set, it will just not be created with posix attributes. If that were set, we wouldn't run the script however. As a point of debugging, is the 'add user script' script run instead? Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba