I wasn't using nscd and I got the same error. Don't know if it's destructive, first do it in a testing machine.
2009/3/30 Chris St. Pierre <stpie...@nebrwesleyan.edu> > On Mon, 30 Mar 2009, John Drescher wrote: > > Is that destructive to an existing setup? I have been using samba and >> openldap for around 5 years. >> > > Looks that way. I've also been using Samba + LDAP for about 5 years, > and have 8000 users and 1000 machine accounts I'd kinda like to keep > around. > > It also assumes that your Samba box is your OpenLDAP box. I have two > of the former and four of the latter, none of which share hardware. > Not that that would matter for me anyway, since that script assumes > you use OpenLDAP, and I use Fedora DS. These are just the problems I > found in about a 60-second perusal of the script. > > In other words, it looks fine if you're trying to get your shiny new > Samba + LDAP setup working on your home server, but it's not exactly > what I'd call enterprise quality software. > > That said, I figured out the problem -- kind of: nscd. As far as I > can tell, what happens is: > > 1. In the process of creating a trust account, Samba checks to see if > the account already exists. nscd caches a negative answer. > > 2. The account is created. > > 3. Samba again checks for the account, but gets nscd's cached > negative reply. > > Not using nscd isn't really a good option for us. > > I tried reducing the nscd negative TTL so it was below the -t (wait) > argument to smbldap-useradd, but that didn't appear to work. > > My other option is to wrap smbldap-useradd in a script that > invalidates the entire nscd cache, but that's also not a very good > option, since it torches the entire cache, not just the entry that > needs to be invalidated. Admittedly, we don't add machine accounts > that often, but it's not really my favorite solution. > > I'm sure other people must be running Samba + nscd. What other > solutions are there to this problem? > > Chris St. Pierre > Unix Systems Administrator > Nebraska Wesleyan University > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba