On Friday, 15 December 2006 14:03, Vijay Sankar wrote:
> Did you add the workstation account using smbldap-adduser -w?
>
My entry for adding machine accounts in smb.conf is:

add machine script = /usr/local/sbin/smbldap-useradd -w "%u"

smbldap-adduser does not exist in my smbldap-tools.


> Here is the result from an ldapsearch for a workstation in a domain
> called FORETELL. The PDC is a samba server (running on OpenBSD, set up
> using only packages from the OpenBSD CD or downloaded from
> ftp://mirror.arcticnetwork.ca/pub/OpenBSD/), and I use samba-ldap
>
> ldapsearch for workstation FTL37
>
> # ldapsearch -x -W -D "cn=Manager,dc=foretell,dc=ca" cn=ftl37$
> Enter LDAP Password:
> # extended LDIF
> #
> # LDAPv3
> # base <> with scope subtree
> # filter: cn=ftl37$
> # requesting: ALL
> #
>
> # ftl37$, Computers, foretell.ca
> dn: uid=ftl37$,ou=Computers,dc=foretell,dc=ca
> objectClass: top
> objectClass: inetOrgPerson
> objectClass: posixAccount
> objectClass: sambaSamAccount
> cn: ftl37$
> sn: ftl37$
> uid: ftl37$
> uidNumber: 1006
> gidNumber: 515
> homeDirectory: /dev/null
> loginShell: /bin/false
> description: Computer
> gecos: Computer
> sambaSID: S-1-5-21-263555819-462812047-1274083732-5000
> sambaPrimaryGroupSID: S-1-5-21-263555819-462812047-1274083732-5001
> displayName: Virtual Machine - FTL37
> sambaPwdMustChange: 2147483647
> sambaPasswordHistory:
> 00000000000000000000000000000000000000000000000000000000
>  00000000
> sambaAcctFlags: [UW         ]
> sambaPwdCanChange: 1164913523
> sambaNTPassword: DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
> sambaPwdLastSet: 1164913523
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
>

Here is mine:

ldapsearch -x -W -D "cn=admin,dc=knitter,dc=privat" cn=notebook$
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <> with scope subtree
# filter: cn=notebook$
# requesting: ALL
#

# notebook$, Computers, knitter.privat
dn: uid=notebook$,ou=Computers,dc=knitter,dc=privat
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
cn: notebook$
sn: notebook$
uid: notebook$
uidNumber: 1002
gidNumber: 515
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer
gecos: Computer

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1


This entry was created when I tried to join this client to the domain.

What I still do not understand is why no sambaSAMaccount can be created.
I assume this is related to the unix-password mapping. On Linux systems I have
done this several times. However, there the authentication is done via PAM and
nsswitch, which seem not to be available in OpenBSD.

Harry
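
A check for the difference between the two entries above, as an added example that is not part of the original message: it parses ldapsearch LDIF output and reports machine accounts that lack the sambaSamAccount object class or its Samba attributes. The function names and the attribute list (taken from the FTL37 entry) are assumptions.

```python
import re
# Assumption: attributes taken from the working FTL37 entry in the thread.
SAMBA_ATTRS = ("sambaSID", "sambaAcctFlags", "sambaNTPassword")

def parse_ldif(text):
    """Parse ldapsearch LDIF output into a list of {attr: [values]} dicts."""
    text = re.sub(r"\n ", "", text)  # unfold wrapped lines (newline + one space)
    entries, current = [], {}
    for line in text.splitlines() + [""]:
        if not line.strip():  # a blank line ends a block
            if "dn" in current:  # skips the "search:" trailer block
                entries.append(current)
            current = {}
        elif not line.startswith("#"):
            attr, sep, value = line.partition(":")
            if sep:  # attribute names are case-insensitive, so store lowercased
                current.setdefault(attr.lower(), []).append(value.strip())
    return entries

def audit_machine_account(entry):
    """List what keeps an entry from being a Samba workstation trust account."""
    problems = []
    classes = {c.lower() for c in entry.get("objectclass", [])}
    if "sambasamaccount" not in classes:
        problems.append("missing objectClass sambaSamAccount")
    problems += [f"missing {a}" for a in SAMBA_ATTRS if a.lower() not in entry]
    flags = "".join(entry.get("sambaacctflags", []))
    if flags and "W" not in flags:
        problems.append("sambaAcctFlags lacks W (workstation trust)")
    return problems

# Trimmed copies of the two ldapsearch results quoted in the thread.
SAMPLE = """\
dn: uid=ftl37$,ou=Computers,dc=foretell,dc=ca
objectClass: posixAccount
objectClass: sambaSamAccount
sambaSID: S-1-5-21-263555819-462812047-1274083732-5000
sambaAcctFlags: [UW         ]
sambaNTPassword: DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD

dn: uid=notebook$,ou=Computers,dc=knitter,dc=privat
objectClass: posixAccount

search: 2
"""

def audit(text=SAMPLE):
    """Map each entry's DN to its list of problems (empty list means complete)."""
    return {e["dn"][0]: audit_machine_account(e) for e in parse_ldif(text)}
```

Calling audit() on the sample returns an empty list for ftl37$ and four findings for notebook$, which has only the posixAccount half of a machine account.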
