Package: smbldap-tools Followup-For: Bug #520517 Hello,
i think the problem is somewhere else. The "add machine script" is supposed to create only UNIX (POSIX) account. Either in /etc/passwd or in LDAP (using smbldap-useradd -w). Samba then calls smbpasswd -a -m to create the samba account (either in smbpasswd, tdbsam or LDAP), but before it checks, if the UNIX account exists. And that is the place where your setup fails. It took me a lot of time to hunt this bug in my system, because even -i switch didn't help me. The problem is that by default user accounts are created in LDAP tree ou=people,dc=example and computer accounts are in tree ou=computer,dc=example. When you search the samba accounts using pdbedit, they will look OK, but unix doesn't see them and so does smbpasswd -a. What UNIX considers to be account is determined in /etc/libnss-ldap.conf and we have this in it nss_base_passwd ou=people,dc=example?sub nss_base_shadow ou=people,dc=example?sub nss_base_group ou=group,dc=example?one So nothing in ou=computer,dc=example is considered to be a UNIX account and won't work as expected. You have to adjust either libnss-ldap.conf or smbldap.conf and restructure your LDAP data to get computer and user accounts into the same subtree of LDAP. Then it works. I think this should put into documentation. Regards Vladislav Kurz -- System Information: Debian Release: 5.0.4 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686-bigmem (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=cs_CZ.ISO-8859-2 (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C) Shell: /bin/sh linked to /bin/bash Versions of packages smbldap-tools depends on: ii libcrypt-smbhash-perl 0.12-2 generate LM/NT hash of a password ii libdigest-sha1-perl 2.11-2+b1 NIST SHA-1 message digest algorith ii libio-socket-ssl-perl 1.16-1+lenny1 Perl module implementing object or ii libnet-ldap-perl 1:0.36-1 A Client interface to LDAP servers ii libunicode-maputf8-perl 1.11-2 Perl module for conversing between ii perl 5.10.0-19lenny2 Larry Wall's Practical Extraction smbldap-tools recommends no packages. smbldap-tools suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
