When we add a client pc (win2k) to our domain everything goes well except that the add machine script wont run.
A computer will be created within the lDAP directory but not with the add machine script.
The following is our situation.
Fedora Core1 |-samba-3.0.2-7.FC1 |-openldap-2.1.22-8
smb.conf
--------------
# Global parameters
[global]
workgroup = T3E
server string = domeinserver
bind interfaces only = Yes
passwd program = /usr/sbin/smbldap-passwd.pl %u
passwd chat = *new*password* %n *new*password* %n *successfully*
passwd chat debug = Yes
passdb backend = ldapsam:ldap://localhost
#unix password sync = Yes
log level = 2
log file = /var/log/samba/samba.log.%m
time server = Yes
socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
add user script = /usr/sbin/smbldap-useradd.pl -a -m %u
add machine script = /usr/sbin/smbldap-useradd.pl -w %u
delete user script = /usr/sbin/smbldap-userdel.pl -r %u
add group script = /usr/sbin/smbldap-groupadd.pl %g
delete group script = /usr/sbin/smbldap-groupdel.pl %g
add user to group script = /usr/sbin/smbldap-usermod.pl -G %g %u
domain logons = Yes
os level = 34
preferred master = Yes
domain master = Yes
wins support = Yes
ldap suffix = o=T3E,c=nl
ldap admin dn = cn=Manager,o=T3E,c=nl
ldap group suffix = ou=groups
ldap machine suffix = ou=computers
ldap user suffix = ou=people
ldap ssl = no
admin users = root
hide unreadable = Yes
logon path = \\%N\%U\.winprofile
logon script = netwerk.bat
encrypt passwords = Yes
username map = /etc/samba/smbusers
--------------
As you see we use the smbldap-tools to execute when a client logins to the domain.
After login the following entry will be made in LDAP:
uid=tmc-ontwikkelpc$,ou=computers,o=T3E,c=nl -------------- dn: uid=tmc-ontwikkelpc$,ou=computers,o=T3E,c=nl uid: tmc-ontwikkelpc$ sambaSID: S-1-5-21-1973588340-308753574-2243378783-3006 sambaPrimaryGroupSID: S-1-5-21-1973588340-308753574-2243378783-3007 objectClass: sambaSamAccount objectClass: account displayName: TMC-ONTWIKKELPC$ sambaPwdCanChange: 1080312437 sambaPwdMustChange: 2147483647 sambaLMPassword: F64C97556FCFA59023753BB150C8A535 sambaNTPassword: E5C3C09DB2CAD5D92CBE5054CCBB7A27 sambaPwdLastSet: 1080312437 sambaAcctFlags: [W ] --------------
If we do a client add by hand (/usr/sbin/smbldap-useradd.pl -w %u) we get the following entry in the LDAP dir:
uid=tmc-ontwikkelpc$,ou=computers,o=T3E,c=nl -------------- dn: uid=test$,ou=computers,o=T3E,c=nl objectClass: top objectClass: inetOrgPerson objectClass: posixAccount cn: test$ sn: test$ uid: test$ uidNumber: 1000 gidNumber: 10012 homeDirectory: /dev/null loginShell: /bin/false description: Computer --------------
This is a really different schema, and this is the one that we need. Anyone sees what were doing wrong?
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba