oops...meant to send to list I think that you've answered it already...you are going to have to point ldap.conf to also search for 'people' in ou=Hosts,dc=bluemapletech,dc=com as well as ou=People,dc=bluemapletech,dc=com
if getent can't find it, samba can't find it and it is not gonna work. Craig On Mon, 2006-03-13 at 21:47 -0600, Wesley Hobbie wrote: > ldapsearch: > # server02$, Hosts, bluemapletech.com > dn: uid=server02$,ou=Hosts,dc=bluemapletech,dc=com > objectClass: top > objectClass: person > objectClass: organizationalPerson > objectClass: inetOrgPerson > objectClass: posixAccount > cn: server02$ > sn: server02$ > uid: server02$ > uidNumber: 1002 > gidNumber: 515 > homeDirectory: /dev/null > loginShell: /bin/false > description: > Computer gecos: Computer > > getent passwd | grep server02 returns nothing. > > Computers go in ou=Hosts and users go in ou=People. > > What exactly do you want from the ldap.config file? > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Craig White > Sent: Monday, March 13, 2006 9:27 PM > To: Wesley Hobbie > Cc: samba@lists.samba.org > Subject: RE: [Samba] Unable to add computer to domain > > > It might be helpful to put cards on table here... > > ldapsearch -x -h localhost -D 'whatever_your_bind_dn' \ > -W '(uid=server02*)' > > getent passwd |grep server02 > > and are you putting computers in the same container as users or do you have > separate container for computers? > > what does the relevant section in ldap.conf look like? > > Craig > > On Mon, 2006-03-13 at 21:21 -0600, Wesley Hobbie wrote: > > I did a search on Google and all I found was a bunch of copies of a > > conversation between Fran Fabrizio and John H Terpstra, and in the end > > Fran did not have the add machine script. > > > > I have the add machine script, that is not the problem, when I try to > > join the domain from the Windows server, it does create the account in > > LDAP and still fails :-(. I did look at the server02.log file (log > > file for my Windows 2003 Server) and I see the following entries: > > [2006/03/13 20:55:40, 0] lib/util_sock.c:matchname(1111) > > sys_gethostbyname(server02): lookup failure. > > [2006/03/13 20:55:40, 0] lib/util_sock.c:get_peer_name(1189) > > Matchname failed on server02 172.16.0.11 > > [2006/03/13 20:55:40, 0] lib/debug.c:reopen_logs(597) > > Unable to open new log file /var/log/samba/server02.log: Permission > > denied [2006/03/13 20:55:51, 0] lib/util_sock.c:matchname(1111) > > sys_gethostbyname(server02): lookup failure. > > [2006/03/13 20:55:51, 0] lib/util_sock.c:get_peer_name(1189) > > Matchname failed on server02 172.16.0.11 > > [2006/03/13 20:55:51, 0] lib/debug.c:reopen_logs(597) > > Unable to open new log file /var/log/samba/server02.log: Permission > > denied [2006/03/13 20:55:52, 0] > > rpc_server/srv_samr_nt.c:_samr_create_user(2404) _samr_create_user: > > Running the command `/usr/sbin/smbldap-useradd -w "server02$"' gave 9 > > > > -----Original Message----- > > From: James Taylor [mailto:[EMAIL PROTECTED] > > Sent: Monday, March 13, 2006 1:25 PM > > To: 'Wesley Hobbie'; [EMAIL PROTECTED] > > Cc: samba@lists.samba.org > > Subject: RE: [Samba] Unable to add computer to domain > > > > > > Wes, > > > > Do a google search on this topic: [Samba] Can't join my domain > > > > You will see what the problem is with the username can't be found. > > > > James > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On > > Behalf Of Wesley Hobbie > > Sent: Sunday, March 12, 2006 11:14 AM > > To: [EMAIL PROTECTED] > > Cc: samba@lists.samba.org > > Subject: RE: [Samba] Unable to add computer to domain > > > > Hey Craig, > > Actually I found on the Internet that I needed to run > > smbldap-populate, so I did and now I can manually add the user, > > although when I go to my Windows 2003 Server to join the domain I am > > still having a problem. > > > > Wes > > > > -----Original Message----- > > From: Wesley Hobbie > > Sent: Sunday, March 12, 2006 5:57 PM > > To: [EMAIL PROTECTED] > > Cc: samba@lists.samba.org > > Subject: RE: [Samba] Unable to add computer to domain > > > > I can connect to LDAP via the command line, and I am using the same > > user in smb.conf as I am in smbldap-tools_bind.config. > > > > Excerpt from smb.conf: > > passdb backend = ldapsam:ldap://server01.bluemapletech.com > > ldap suffix = dc=mydomain,dc=com > > ldap machine suffix = ou=Hosts > > ldap admin dn = cn=root,dc=mydomain,dc=com > > add machine script = /usr/sbin/smbldap-useradd -w "%u" > > > > Excerpt from smbldap.conf: > > slaveLDAP="127.0.0.1" > > slavePort="389" > > > > masterLDAP="127.0.0.1" > > masterPort="389" > > > > ldapTLS="1" > > suffix="dc=mydomain,dc=com" > > usersdn="ou=People,${suffix}" computersdn="ou=Hosts,${suffix}" > > > > with_smbpasswd="0" > > smbpasswd="/usr/bin/smbpasswd" (I am wondering if this is right?) > > > > with_slappasswd="0" > > slappasswd="/usr/sbin/slappasswd" > > > > Excerpt from smbldap_bind.conf: slaveDN="cn=root,dc=mydomain,dc=com" > > slavePw="**********" > > masterDN="cn=root,dc=mydomain,dc=com" > > masterPw="**********" > > > > Actually, I while I was copying the info from the files I noticed I > > mispelled my domain name, so I fixed it and tried it again. Now I do > > not get an error about it cannot contact the LDAP server, only that it > > could not find the next uid, "Error looking for next uid." > > > > -----Original Message----- > > From: Craig White [mailto:craigwhite at azapple.com] > > Sent: Sunday, March 12, 2006 11:25 AM > > To: Wesley Hobbie > > Cc: samba at lists.samba.org > > Subject: RE: [Samba] Unable to add computer to domain > > > > > > I'm going to ignore other users problems since they may or may not > > have similarities to your issues. > > > > Can you actually connect to your LDAP server from the command line? > > > > Can you actually connect to your LDAP server from the command line > > with 'write' permissions as the user and parameters as indicated > > within smb.conf ? > > > > Can you actually connect to your LDAP server from the command line > > with 'write' permissions as the user and parameters as indicated > > within smbldap-tools_bind.conf ? > > > > Craig > > > > On Sun, 2006-03-12 at 10:57 -0600, Wesley Hobbie wrote: > > > Ok, I did not know that. I modified the two files in the > > > /etc/smbldap-tools folder, although I am still getting the same error. > > > > > > I looked at the Samba archive for March and I notice some other > > > people > > > seem to be having the same issue. March 2 - Bevan Agard > > > March 6 - Hakan BAYINDIR > > > > > > I try to add my Windows 2003 Server to the domain and I get an error > > > that the user name could not be found. That is when I tried to > > > manually execute the command that Samba is instructed to use when > > > adding a machine, which is when I got the error about it cannot > > > contact the LDAP server. > > > > > > -----Original Message----- > > > From: Craig White [mailto:craigwhite at azapple.com] > > > Sent: Saturday, March 11, 2006 11:35 AM > > > To: samba at lists.samba.org > > > Subject: Re: [Samba] Unable to add computer to domain > > > > > > > > > On Sat, 2006-03-11 at 11:10 -0600, Wesley Hobbie wrote: > > > > I have an OpenLDAP backend, Samba knows how to talk to it, my > > > > Samba users are stored in LDAP and file shares work fine > > > > authenticating to the LDAP server. I tried executing > > > > smbldap-useradd -w server02 on the command-line and got the > > > > following error: failed to perform search; Can't contact LDAP > > > > server at /usr/lib/perl5/vendor_perl/5.8.7/smbldap_tools.pm line > > > > 362, <DATA> line > > > 283. > > > > Error looking for next uid at > > > > /usr/lib/perl5/vendor_perl/5.8.7/smbldap_tools.pm line 993, <DATA> > > > > line > > > 283. > > > > > > > > Anyone have any ideas? > > > ---- > > > sounds as though you've been using tools other than smbldap to setup > > > user accounts, etc. > > > > > > smbldap has to be configured to talk to your LDAP server if you > > > expect > > > it to work. > > > > > > depending upon which version of smbldap you are using, your config > > > files will be in various places but I think the current place is > > > /etc/smbldap-tools directory these days. > > > > > > Craig > > > > > > > > > > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba