Daniel Davidson a écrit : > My problem seems to have been related to how the ldap records were set > up. Just so everyone knows the computer entry based off my config file > should look like: > > # SIRGUAIN$, computer, igb.uiuc.edu > dn: uid=SIRGUAIN$,ou=computer,dc=igb,dc=uiuc,dc=edu > uid: SIRGUAIN$ > sambaSID: S-none-of-yo-bidness-1000 > objectClass: sambaSamAccount > objectClass: account > displayName: SIRGUAIN$ > sambaAcctFlags: [W ] > sambaPwdMustChange: 9223372036854775807 > sambaPwdCanChange: 1181057492 > sambaNTPassword: noneyobidnesseither > sambaPwdLastSet: 1181057492 > > Instead of: > > # lancelot1$, computer, igb.uiuc.edu > dn: uid=lancelot1$,ou=computer,dc=igb,dc=uiuc,dc=edu > objectClass: top > objectClass: person > objectClass: organizationalPerson > objectClass: inetOrgPerson > objectClass: posixAccount > cn: lancelot1$ > sn: lancelot1$ > uid: lancelot1$ > uidNumber: 1009 > gidNumber: 515 > homeDirectory: /dev/null > loginShell: /bin/false > description: Computer > gecos: Computer > > > However smbldap-useradd created the latter. What am I doing wrong that > does this?
Perhaps you are missing the -a flag. Indeed, in order for smbldap-useradd script to create a SambaSAMAccount entry, you need to add the -a flag, whether you are running from command line or from inside the smb.conf file. Excerpt from the smbldap-useradd help : -a is a Windows User (otherwise, Posix stuff only) Hope this helps, Denis > > thanks, > > Dan > > On Mon, 2007-06-04 at 14:03 -0500, Daniel Davidson wrote: >> I am having trouble adding machines to domains. I enter a proper >> username and password on the windows end, the ldap server executes the >> proper script, the script executes properly, resulting in the right >> entry into ldap as shown below: >> >> # lancelot1$, computer, igb.uiuc.edu >> dn: uid=lancelot1$,ou=computer,dc=igb,dc=uiuc,dc=edu >> objectClass: top >> objectClass: person >> objectClass: organizationalPerson >> objectClass: inetOrgPerson >> objectClass: posixAccount >> cn: lancelot1$ >> sn: lancelot1$ >> uid: lancelot1$ >> uidNumber: 1002 >> gidNumber: 515 >> homeDirectory: /dev/null >> loginShell: /bin/false >> description: Computer >> gecos: Computer >> >> However, the windows system does not have it join the domain, and give >> an error saying "the user name could not be found." Below is my config, >> does anyone know what would cause this? >> >> >> [global] >> netbios name = arthur >> workgroup = igbtest >> server string = igb test domain >> security = user >> encrypt passwords = yes >> local master = yes >> os level = 65 >> domain master = yes >> preferred master = yes >> null passwords = no >> hide unreadable = yes >> hide dot files = yes >> domain logons = yes >> log file = /var/log/samba/log.%m >> max log size = 50 >> >> add user script >> = /usr/share/doc/samba-3.0.24/LDAP/smbldap-tools-0.9.2/smbldap-useradd >> -m "%u" >> add machine script >> = /usr/share/doc/samba-3.0.24/LDAP/smbldap-tools-0.9.2/smbldap-useradd >> -w "%u" >> add group script >> = /usr/share/doc/samba-3.0.24/LDAP/smbldap-tools-0.9.2/smbldap-groupadd >> -p "%g" >> >> passdb backend = ldapsam:ldap://127.0.0.1/ >> ldap delete dn = Yes >> ldap ssl = no >> >> ldap suffix = dc=igb,dc=uiuc,dc=edu >> ldap admin dn = cn=ldapadmin,dc=igb,dc=uiuc,dc=edu >> ldap group suffix = ou=group >> ldap user suffix = ou=People >> ldap machine suffix = ou=computer >> ldap idmap suffix = ou=idmap >> >> [netlogon] >> path = /var/lib/samba/netlogon >> # guest ok = Yes >> browseable = no >> write list = root >> >> [homes] >> path = /home/%U >> browseable = no >> valid users = %S >> read only = no >> create mask = 0664 >> directory mask = 0775 >> > -- Denis Cardon Tranquil IT Systems 10 rue du Docteur Bouchard 49400 Saumur tel : +33 (0) 2.41.67.56.99 http://www.tranquil-it-systems.fr -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba