-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Brad Langhorst wrote: | I have just set up a domain and am trying to join a machine to it. | When i watch the log i see | | [2005/07/22 14:56:26, 5] | rpc_server/srv_samr_nt.c:_samr_create_user(2311) | _samr_create_user: can add this account : False | Error: modifications require authentication | at /usr/share/perl5/smbldap_tools.pm line 892, <DATA> line 283. | [2005/07/22 14:56:28, 0] | rpc_server/srv_samr_nt.c:_samr_create_user(2324) | _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w | "newt$"' gave 127 | | so for some reason my account (root) is not passing | the can_add_account test and the add user script is | not being run as root. | | I don't know why since root is a member of the correct groups
Technically root doesn't need any extra privileges. Run a level 10 debug log and look for SE_PRIV to see what privileges have been assigned though just out of curiousity. | Error: modifications require authentication | at /usr/share/perl5/smbldap_tools.pm line 892, <DATA> line 283. This implies that your script is connecting anonymously. OpenLDAP doesn't allow anonymous updatres by default (starting with OL 2.1 IIRC). SO you would have to add 'allow update_anon' to slapd.conf. But of course, this is like adding 'guest account = root' in smb.conf. :-) It's a really bad idea. cheers, jerry ===================================================================== Alleviating the pain of Windows(tm) ------- http://www.samba.org GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc "I never saved anything for the swim back." Ethan Hawk in Gattaca -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFC5OrVIR7qMdg1EfYRAmaaAJ9xqSLofIDAk23mFVj1DLWptfuCdQCglcIS F2cjMD7Hsthq+Wmw7EQjgOA= =6gxb -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba