Sorry, I meant to write smbldap-useradd.

FWIW, all I had to do was the following three steps:

1) added an OpenBSD user account called FTL37$
2) smbldap-useradd -w FTL37$
3) did a smbpasswd -a FTL37$

Currently I am using samba-3.0.21bp3-ldap and samba-docs-3.0.21b
packages on OpenBSD 3.9. 

Relying solely on documentation that comes with the OpenBSD packages was
what helped me solve the various problems I had with Samba and OpenLDAP.
I found the smb-docs package immensely helpful. 


On Fri, 2006-15-12 at 14:56 +0100, Dr. Harry Knitter wrote:
> On Friday, 15 December 2006 14:03, Vijay Sankar wrote:
> > Did you add the workstation account using smbldap-adduser -w?
> >
> my entry for adding machine accounts in smb.conf is
> 
> add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
> 
> smbldap-adduser does not exist in my smbldap-tools
> 
> 
> > Here is the result from an ldapsearch for a workstation in a domain
> > called FORETELL. The PDC is a samba server (running on OpenBSD, setup
> > using only packages from the OpenBSD CD or downloaded from
> > ftp://mirror.arcticnetwork.ca/pub/OpenBSD/). and I use samba-ldap
> >
> > ldapsearch for workstation FTL37
> >
> > # ldapsearch -x -W -D "cn=Manager,dc=foretell,dc=ca" cn=ftl37$
> > Enter LDAP Password:
> > # extended LDIF
> > #
> > # LDAPv3
> > # base <> with scope subtree
> > # filter: cn=ftl37$
> > # requesting: ALL
> > #
> >
> > # ftl37$, Computers, foretell.ca
> > dn: uid=ftl37$,ou=Computers,dc=foretell,dc=ca
> > objectClass: top
> > objectClass: inetOrgPerson
> > objectClass: posixAccount
> > objectClass: sambaSamAccount
> > cn: ftl37$
> > sn: ftl37$
> > uid: ftl37$
> > uidNumber: 1006
> > gidNumber: 515
> > homeDirectory: /dev/null
> > loginShell: /bin/false
> > description: Computer
> > gecos: Computer
> > sambaSID: S-1-5-21-263555819-462812047-1274083732-5000
> > sambaPrimaryGroupSID: S-1-5-21-263555819-462812047-1274083732-5001
> > displayName: Virtual Machine - FTL37
> > sambaPwdMustChange: 2147483647
> > sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000
> >  00000000
> > sambaAcctFlags: [UW         ]
> > sambaPwdCanChange: 1164913523
> > sambaNTPassword: DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
> > sambaPwdLastSet: 1164913523
> >
> > # search result
> > search: 2
> > result: 0 Success
> >
> > # numResponses: 2
> > # numEntries: 1
> >
> 
> here is mine:
> 
> ldapsearch -x -W -D "cn=admin,dc=knitter,dc=privat" cn=notebook$
> Enter LDAP Password:
> # extended LDIF
> #
> # LDAPv3
> # base <> with scope subtree
> # filter: cn=notebook$
> # requesting: ALL
> #
> 
> # notebook$, Computers, knitter.privat
> dn: uid=notebook$,ou=Computers,dc=knitter,dc=privat
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> objectClass: posixAccount
> cn: notebook$
> sn: notebook$
> uid: notebook$
> uidNumber: 1002
> gidNumber: 515
> homeDirectory: /dev/null
> loginShell: /bin/false
> description: Computer
> gecos: Computer
> 
> # search result
> search: 2
> result: 0 Success
> 
> # numResponses: 2
> # numEntries: 1
> 
> 
> This entry was created when I tried to join this client to the domain.
> 
> What I still do not understand is why no sambaSAMaccount can be created.
> I assume this is related to the unix-password mapping. On Linux systems I
> have done this several times. However, there the authentication is done via
> pam and nsswitch, which seem not to be available in OpenBSD.
> 
> Harry
> 
-- 
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6
Phone: 204 885 9535, E-Mail: [EMAIL PROTECTED]
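
Added example, not part of either poster's message: a small check that reads ldapsearch LDIF output and reports which machine entries lack the Samba attributes that separate the two results quoted above (the sambaSamAccount objectClass, a sambaSID, and the W workstation-trust flag). The entries pc01$ and pc02$, the example.test suffix and the function names are constructed for illustration.

```python
# Added example; the LDIF below is constructed, modelled on the thread's entries.
SAMPLE = """\
dn: uid=pc01$,ou=Computers,dc=example,dc=test
objectClass: posixAccount
objectClass: sambaSamAccount
uid: pc01$
sambaSID: S-1-5-21-1111111111-2222222222-3333333333-5000
sambaPasswordHistory: 000000000000000000000000000000000000000000000000
 00000000
sambaAcctFlags: [UW         ]

dn: uid=pc02$,ou=Computers,dc=example,dc=test
objectClass: inetOrgPerson
objectClass: posixAccount
uid: pc02$

# search result
search: 2
result: 0 Success
"""

def parse_ldif(text):
    """Return entries as dicts of lowercase attribute -> list of values."""
    # LDIF folds long values: a line starting with one space continues the
    # previous line, so join those before splitting into attributes.
    lines = text.replace("\n ", "").splitlines()
    entries, cur = [], {}
    for line in lines + [""]:               # trailing "" flushes last entry
        if not line.strip():
            if "dn" in cur:                 # skips the "search result" block
                entries.append(cur)
            cur = {}
        elif not line.startswith("#") and ":" in line:
            attr, _, value = line.partition(":")
            cur.setdefault(attr.strip().lower(), []).append(value.strip())
    return entries

def audit(entry):
    """List what keeps an entry from being a workstation trust account."""
    problems = []
    classes = {c.lower() for c in entry.get("objectclass", [])}
    if "sambasamaccount" not in classes:
        problems.append("missing objectClass sambaSamAccount")
    if not entry.get("sambasid"):
        problems.append("missing sambaSID")
    if "W" not in "".join(entry.get("sambaacctflags", [])):
        problems.append("sambaAcctFlags lacks W")   # W = workstation trust
    return problems

def report(text=SAMPLE):
    return {e["dn"][0]: audit(e) for e in parse_ldif(text)}
```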
