-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Since I am using an LDAP backend, should I restrict myself from using the smbpasswd and like commands? I can add my machine account using smbldap-* utilities.
Zach zdennis wrote: > I have seen this problem posted several times and the common answer doesn't > seem to be doing it for me. > > Here's the error: > > Trying to load: ldapsam_compat:ldap://127.0.0.1/ > Attempting to register passdb backend ldapsam > Successfully added passdb backend 'ldapsam' > Attempting to register passdb backend ldapsam_compat > Successfully added passdb backend 'ldapsam_compat' > Attempting to register passdb backend NDS_ldapsam > Successfully added passdb backend 'NDS_ldapsam' > Attempting to register passdb backend NDS_ldapsam_compat > Successfully added passdb backend 'NDS_ldapsam_compat' > Attempting to register passdb backend smbpasswd > Successfully added passdb backend 'smbpasswd' > Attempting to register passdb backend tdbsam > Successfully added passdb backend 'tdbsam' > Attempting to register passdb backend guest > Successfully added passdb backend 'guest' > Attempting to find an passdb backend to match > ldapsam_compat:ldap://127.0.0.1/ (ldapsam_compat) > Found pdb backend ldapsam_compat > pdb backend ldapsam_compat:ldap://127.0.0.1/ has a valid init > Attempting to find an passdb backend to match guest (guest) > Found pdb backend guest > pdb backend guest has a valid init > smbldap_search_ext: base => [dc=mktec,dc=com], filter => > [(&(uid=Aries$)(objectclass=sambaAccount))], scope => [2] > The connection to the LDAP server was closed > smb_ldap_setup_connection: ldap://127.0.0.1/ > smbldap_open_connection: connection opened > ldap_connect_system: Binding to ldap server ldap://127.0.0.1/ as > "cn=admin,dc=mktec,dc=com" > ldap_connect_system: succesful connection to the LDAP server > Failed to initialise SAM_ACCOUNT for user Aries$. Does this user exist in the > UNIX password database ? > Failed to modify password entry for user Aries$ > ldap_connect_system: LDAP server does support paged results > The LDAP server is succesfully connected > ldapsam_getsampwnam: Unable to locate user [Aries$] count=0 > Finding user Aries$ > Trying _Get_Pwnam(), username as lowercase is aries$ > Trying _Get_Pwnam(), username as given is Aries$ > Trying _Get_Pwnam(), username as uppercase is ARIES$ > Checking combinations of 0 uppercase letters in aries$ > Get_Pwnam_internals didn't find user [Aries$]! > > > Here is the configuration: > > -----------START CONFIGURATION------------------- > [global] > workgroup = mktec.com > netbios name = MKTEC > server string = %h server (Samba %v) > wins support = yes > dns proxy = yes > name resolve order = wins lmhosts host bcast > log file = /var/log/samba/log.%m > max log size = 1000 > syslog = 0 > panic action = /usr/share/samba/panic-action %d > security = user > encrypt passwords = true > > passdb backend = ldapsam_compat:ldap://127.0.0.1/ > obey pam restrictions = no > invalid users = root > > ldap admin dn = cn=admin,dc=mktec,dc=com > ldap suffix = dc=mktec,dc=com > ldap group suffix= ou=Groups > ldap user suffix = ou=Users > ldap machine suffix = ou=Users > ldap idmap suffix = ou=Users > ldap ssl = no > > passwd program = /usr/sbin/smbldap-passwd %u > passwd chat = *New*password* %n\n *Retype*new*password* %n\n > *all*authentication*tokens*updated* > > add user script = /usr/sbin/smbldap-useradd -m "%u" > > ldap delete dn = Yes > delete user script = /usr/sbin/smbldap-userdel "%u" > add machine script = /usr/sbin/smbldap-useradd -w "%u" > add group script = /usr/sbin/smbldap-groupadd -p "%g" > delete group script = /usr/sbin/smbldap-groupdel "%g" > add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" > delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" > set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" > enable privileges = yes > > domain logons = yes > domain master = yes > preferred master = yes > local master = yes > > load printers = no > socket options = TCP_NODELAY > > [netlogon] > comment = Network Logon Service > path = /var/lib/samba/netlogon > guest ok = yes > read only = yes > write list > writable = no > share modes = no > > [profiles] > comment = Users profiles > path = /var/lib/samba/profiles > read only = no > guest ok = no > browseable = no > create mask = 0600 > directory mask = 0700 > -----------END CONFIGURATION------------------- > > I mapped the ldap machine suffix to ou=Users rather then ou=Computers because > of previous message on the mailing list which > suggested there was a bug in Samba3. It doesn't seem to work either way, as > it results in the exact same error message. My LDAP > directory layed out with the basic Users, Computers, Groups organizational > units in existance. > > I am running on a Ubuntu Dapper server: > samba 3.0.22-1 > openldap (slapd) 2.2.26-5 > > Any input or help is greatly appreciated. Thanks, > > Zach > > > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFEtA/rMyx0fW1d8G0RAraFAJ9Z9kfEn03GuSGpkb7r0Rc86th8VACfTr25 cqX/gs+8H1VPe5XrnzX4gqQ= =3YIr -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
