Samba 2.2.7a PDC setup with LDAP includeing posix authentication for Linux.
OK, the tutorial I've based my setup on is the Mandrake tutorial found at http://www.mandrakesecure.net/en/docs/ldap-auth.php
Works great for autenticateing Linux from LDAP but it is really sparse on the Samba side of things. Esepcially when it comes to adding machine trust accounts.
So anyway I have some theories I would like verified.
I've found that I can add a posix based machine name and that works fine BUT it only works in ou=People. The system cannot find a machine account in ou=Computers.
Seems to me that several things have occured:
Jan 18 14:08:42 enigma smbd[12254]: [2003/01/18 14:08:42, 0] passdb/pdb_ldap.c:pdb_getsampwnam(859) Jan 18 14:08:42 enigma smbd[12254]: LDAP search "(&(uid=spartack_)(objectclass=sambaAccount))" returned 0 entries.
1. Search for a uid=spartack$ which also has objectclass=sambaAccount.
Jan 18 14:08:42 enigma smbd[12254]: [2003/01/18 14:08:42, 0] rpc_server/srv_netlog_nt.c:get_md4pw(176)
2. Get the password.
Jan 18 14:08:42 enigma smbd[12254]: get_md4pw: Workstation spartack$: no account in domain
3. Can't find the account.(of course because the user has not been added by the 'add user script' setting in smb.conf yet.)
Jan 18 14:08:49 enigma smbd[12255]: [2003/01/18 14:08:49, 0] passdb/pdb_ldap.c:pdb_getsampwnam(859) Jan 18 14:08:49 enigma smbd[12255]: LDAP search "(&(uid=spartack_)(objectclass=sambaAccount))" returned 0 entries. Jan 18 14:08:50 enigma smbd[12255]: [2003/01/18 14:08:50, 0] rpc_server/srv_samr_nt.c:_api_samr_create_user(1929) Jan 18 14:08:50 enigma smbd[12255]: User spartack$ does not exist in system password file (usually /etc/passwd). Cannot add account without a valid local system user.4. Try again only execute the 'add user script' first.
Theoretically, it did not find one because there is no objectClass sambaAccount in the entry HOWEVER, I know from previous attempts it does find the posix only Computer account when it is placed in ou=People. Is there perhaps a different search performed the fist time around despite the log entry or is my understanding of "(&(uid=spartack_)(objectclass=sambaAccount))" flawed?
So am I on target here? I can solve the problem if I can understand it. :-)
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba