[Samba] Cannot add BDC to domain - SAMR_SET_USERINFO failed
Dear all, Have joined other machines to this domain same network without problems but this particular one fails, is there possibly a problem with 3.0.25? Thanks, Per olof Samba 3.0.25 FreeBSD 5.5 Try to join BDC: net rpc join -U root%not2forget [2007/06/02 15:59:22, 0, pid=82483, effective(0, 0), real(0, 0)] utils/net_rpc_join.c:net_rpc_join_newstyle(304) error setting trust account password: NT code 0x1c010002 Unable to join domain UASL. Nothing significant logged on the joining machine. Log on PDC: [2007/06/02 13:15:35, 2, pid=43803, effective(0, 0), real(0, 0)] passdb/pdb_ldap.c:init_ldap_from_sam(965) init_ldap_from_sam: Setting entry for user: kbofile$ [2007/06/02 13:15:35, 2, pid=43803, effective(0, 0), real(0, 0)] passdb/pdb_ldap.c:ldapsam_add_sam_account(2094) ldapsam_add_sam_account: added: uid == kbofile$ in the LDAP database [2007/06/02 13:15:35, 1, pid=43803, effective(0, 0), real(0, 0)] lib/privileges.c:is_any_privilege_assigned(353) is_any_privilege_assigned: no privileges in check_mask! [2007/06/02 13:15:35, 2, pid=43803, effective(0, 0), real(0, 0)] passdb/pdb_ldap.c:init_sam_from_ldap(541) init_sam_from_ldap: Entry found for user: kbofile$ [2007/06/02 13:15:35, 2, pid=43803, effective(0, 0), real(0, 0)] passdb/pdb_ldap.c:init_group_from_ldap(2140) init_group_from_ldap: Entry found for group: 515 [2007/06/02 13:15:35, 2, pid=43803, effective(0, 0), real(0, 0)] passdb/pdb_ldap.c:init_group_from_ldap(2140) init_group_from_ldap: Entry found for group: 515 [2007/06/02 13:15:35, 2, pid=43803, effective(0, 0), real(0, 0)] passdb/pdb_ldap.c:init_group_from_ldap(2140) init_group_from_ldap: Entry found for group: 515 [2007/06/02 13:15:35, 0, pid=43803, effective(0, 0), real(0, 0)] rpc_parse/parse_prs.c:prs_mem_get(559) prs_mem_get: reading data of size 2 would overrun buffer by 1 bytes. [2007/06/02 13:15:35, 0, pid=43803, effective(0, 0), real(0, 0)] rpc_server/srv_samr.c:api_samr_set_userinfo(848) api_samr_set_userinfo: Unable to unmarshall SAMR_Q_SET_USERINFO. [2007/06/02 13:15:35, 0, pid=43803, effective(0, 0), real(0, 0)] rpc_server/srv_pipe.c:api_rpcTNP(2287) api_rpcTNP: samr: SAMR_SET_USERINFO failed. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] cannot login to swat as root
Samba 3.0.22 configured as as BDC. Can login to swat as any user *except* root/Administrator. What is even more puzzling is we have another machine with identical (well, almost it seems) configuration and no problem logging in as root. Could someone please advise where I should look? There are no other symptoms other than this swat problem, browsing etc works just fine. OS is FreeBSD 6.1 configured with ldapsam backend Thanks! [2006/07/04 00:01:47, 4, pid=15594, effective(0, 0), real(0, 0)] auth/pass_check.c:pass_check(621) pass_check: Checking (PAM) password for user root (l=10) [2006/07/04 00:01:47, 4, pid=15594, effective(0, 0), real(0, 0)] auth/pampass.c:smb_pam_start(459) smb_pam_start: PAM: Init user: root [2006/07/04 00:01:47, 4, pid=15594, effective(0, 0), real(0, 0)] auth/pampass.c:smb_pam_start(493) smb_pam_start: PAM: Init passed for user: root [2006/07/04 00:01:47, 4, pid=15594, effective(0, 0), real(0, 0)] auth/pampass.c:smb_pam_auth(510) smb_pam_auth: PAM: Authenticate User: root [2006/07/04 00:01:47, 4, pid=15594, effective(0, 0), real(0, 0)] auth/pampass.c:smb_pam_auth(532) smb_pam_auth: PAM: User root Authenticated OK [2006/07/04 00:01:47, 4, pid=15594, effective(0, 0), real(0, 0)] auth/pampass.c:smb_pam_account(551) smb_pam_account: PAM: Account Management for User: root [2006/07/04 00:01:47, 2, pid=15594, effective(0, 0), real(0, 0)] auth/pampass.c:smb_pam_account(561) smb_pam_account: PAM: There was an authentication error for user root [2006/07/04 00:01:47, 2, pid=15594, effective(0, 0), real(0, 0)] auth/pampass.c:smb_pam_error_handler(73) smb_pam_error_handler: PAM: Account Check Failed : authentication error [2006/07/04 00:01:47, 0, pid=15594, effective(0, 0), real(0, 0)] auth/pampass.c:smb_pam_passcheck(816) smb_pam_passcheck: PAM: smb_pam_account failed - Rejecting User root ! [2006/07/04 00:01:47, 4, pid=15594, effective(0, 0), real(0, 0)] auth/pampass.c:smb_pam_end(440) smb_pam_end: PAM: PAM_END OK. [2006/07/04 00:06:52, 0, pid=15659, effective(0, 0), real(0, 0)] auth/pampass.c:smb_pam_passcheck(816) smb_pam_passcheck: PAM: smb_pam_account failed - Rejecting User root ! [2006/07/04 00:27:25, 0, pid=17123, effective(0, 0), real(0, 0)] auth/pampass.c:smb_pam_passcheck(816) smb_pam_passcheck: PAM: smb_pam_account failed - Rejecting User root ! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-tools Perl error (FreeBSD)
tom burkart wrote: On Apr 27, Per olof Ljungmark wrote: How is it installed? Exactly. I had used the ports system (usually works well) but grabbed the .tgz off idealx instead and that worked. It sounds like a very old smbldap_tools.pm is in use on your system and the new (current) one gets ignored. For it to work, my rpms (linux) install it in /usr/lib/perl5/site_perl/smbldap_tools.pm This means that you may have to find any occurrence of the smbldap_tools.pm module and replace it with the latest one. Sorry, was'nt that either. There must be something fishy with the FreeBSD smbldap-tools 0.8.7 port, I've e-mailed the maintainer, maybe he has an idea. Meanwhile, it did work with the tgz from idealx so I'm fine. Thanks, Per olof -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-tools Perl error (FreeBSD)
Gavin Henry wrote: Do any other commands work? I think the command can't find smbldap_tools.pm How is it installed? Exactly. I had used the ports system (usually works well) but grabbed the .tgz off idealx instead and that worked. Thanks, Per olof -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-tools Perl error (FreeBSD)
Jerome Tournier wrote: Le Wed, Apr 27, 2005 at 01:05:05PM +0200, Per olof Ljungmark a ecrit: Bareword "print_banner" not allowed while "strict subs" in use at /usr/local/sbin/smbldap-useradd line 43. Execution of /usr/local/sbin/smbldap-useradd aborted due to compilation errors. at the beginning of smbldap_tools.pm, do you have the print_banner function declared ? Like this : @EXPORT = qw( get_user_dn get_group_dn ... print_banner %config ); Yes, it's there. smbldap-tools are installed from the FreeBSD ports system If I remove "user_strict;" the commands will at least show the options but not complete tasks. How do the scripts locate smbldap_tools.pm? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-tools Perl error (FreeBSD)
Gavin Henry wrote:
Gavin Henry wrote:
smbldap-tools 0.8.7
FreeBSD 5.4-RC2
Samba 3.1.14
Perl 5.8.2
When I try to use any of the tools, the following message appears. Any
hints on how to fix it are welcome.
Bareword "print_banner" not allowed while "strict subs" in use at
/usr/local/sbin/smbldap-useradd line 43.
Execution of /usr/local/sbin/smbldap-useradd aborted due to compilation
errors.
They've probably missed a $ off of print_banner. Have you looked at line
43?
Hi Gavin,
42 if ( (!$ok) || (@ARGV < 1) || ($Options{'?'}) ) {
43 print_banner;
44 print "Usage: $0 [-awmugdsckABCDEFGHMNPST?] username\n";
Adding a "$" does not change much, however, if I comment out
"use strict;" it works. Now, what would be the problem with commenting
that out? I suspect this could be FBSD-specific.
Ah, I've just looked at the code in smbldap_tools.pm. It's a call to the
print_banner subroutine
(http://cvs.idealx.org/cgi-bin/cvsweb/samba/smbldap-tools/smbldap_tools.pm?rev=1.54&content-type=text/x-cvsweb-markup&only_with_tag=v0-8-7)
Add a & on the front of it:
42 if ( (!$ok) || (@ARGV < 1) || ($Options{'?'}) ) {
43 &print_banner;
44 print "Usage: $0 [-awmugdsckABCDEFGHMNPST?] username\n";
This doesn't appear to be fixed in version 0.8.8, so it might be something
else.
Then it is something else.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-tools Perl error (FreeBSD)
Gavin Henry wrote:
smbldap-tools 0.8.7
FreeBSD 5.4-RC2
Samba 3.1.14
Perl 5.8.2
When I try to use any of the tools, the following message appears. Any
hints on how to fix it are welcome.
Bareword "print_banner" not allowed while "strict subs" in use at
/usr/local/sbin/smbldap-useradd line 43.
Execution of /usr/local/sbin/smbldap-useradd aborted due to compilation
errors.
They've probably missed a $ off of print_banner. Have you looked at line 43?
Hi Gavin,
42 if ( (!$ok) || (@ARGV < 1) || ($Options{'?'}) ) {
43 print_banner;
44 print "Usage: $0 [-awmugdsckABCDEFGHMNPST?] username\n";
Adding a "$" does not change much, however, if I comment out
"use strict;" it works. Now, what would be the problem with commenting
that out? I suspect this could be FBSD-specific.
Per olof
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-tools Perl error (FreeBSD)
smbldap-tools 0.8.7 FreeBSD 5.4-RC2 Samba 3.1.14 Perl 5.8.2 When I try to use any of the tools, the following message appears. Any hints on how to fix it are welcome. Bareword "print_banner" not allowed while "strict subs" in use at /usr/local/sbin/smbldap-useradd line 43. Execution of /usr/local/sbin/smbldap-useradd aborted due to compilation errors. Per olof -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] extract SID from v2 domain
Hi all, How can I, in preparation for an upgrade to Samba3, extract the domain SID from a network of w2k workstations and Samba2.2 servers? Sorry if this is crystal clear but I just can't figure it out. Thanks, Per olof -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Newbie samba3/smbldap-tools questions...
Hi, try lam.sourceforge.net Yes, looks good but still a little heavy for a non-tech. I'll give it a try though, thanks. - Is it possible to use the NT4 usrmgr.exe to administer accounts? Have people used to nothing but Windows who needs to add/delete users. I have tried but never got it working properly, lots of rpc errors. smb.conf is set up to point to the scripts and it works fine from a unix terminal. - Are there other better (graphical) tools (usable under windows) one can use for this task? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Newbie samba3/smbldap-tools questions...
Hi all, I have set up a test configuration with Samba 3.0.2a and ldapsam/nss on FreeBSD 5.2.1, one PDC and two BDC's on different subnets. Most is now humming along quite well and I need to get a grip on the administrative side of it. - Is it possible to use the NT4 usrmgr.exe to administer accounts? Have people used to nothing but Windows who needs to add/delete users. I have tried but never got it working properly, lots of rpc errors. smb.conf is set up to point to the scripts and it works fine from a unix terminal. - Are there other better (graphical) tools (usable under windows) one can use for this task? Thanks for your input here, Per olof -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] getpwnam() fails! [SOLVED]
- id(1) only return values for system password database users - machine logs indicates a problem with getpwnam(): [2004/03/24 22:59:43, 1, pid=68224, effective(0, 0), real(0, 0)] auth/auth_util.c:make_server_info_sam(821) User Guest in passdb, but getpwnam() fails! Misspelled nsswitch.conf. Grrr... -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] getpwnam() fails!
All Samba domain. OS FreeBSD 5.2.1 ldap set up with working replication ldap slaveldap masterldap slave 192.168.4.0---192.168.1.0192.168.3.0 BDC-1 PDCBDC-2 PDC and BDC-2 are fine but on BDC-1 I get the following errors: - id(1) only return values for system password database users - machine logs indicates a problem with getpwnam(): [2004/03/24 22:59:43, 1, pid=68224, effective(0, 0), real(0, 0)] auth/auth_util.c:make_server_info_sam(821) User Guest in passdb, but getpwnam() fails! In this situation of course nothing works properly at the BDC-1 site. I really tried to make configuration identical on both BDC's but apparently I did something wrong and I'm tearing my hair trying to figure it out. Anybody? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba BDC refuses to become local master browser?
Need help debugging the following, thanks. All Samba setup over three subnets: 192.168.4.0---192.168.1.0192.168.3.0 BDC here PDC here BDC here weir ripple hart netmask 255.255.255.0 from log.nmdb at weir after elections have settled: [2004/03/20 02:25:22, 4, pid=1291, effective(0, 0), real(0, 0)] nmbd/nmbd_workgroupdb.c:dump_workgroups(266) dump_workgroups() dump workgroup on subnet 192.168.4.206: netmask= 255.255.255.0: STARLIGHT(1) current master browser = STOCKHOLM02 WEIR 40019b1b (Samba 3.0.2a) STOCKHOLM02 42069243 () [2004/03/20 02:25:22, 4, pid=1291, effective(0, 0), real(0, 0)] nmbd/nmbd_workgroupdb.c:dump_workgroups(266) dump_workgroups() dump workgroup on subnet UNICAST_SUBNET: netmask=0.0.0.0: STARLIGHT(1) current master browser = UNKNOWN WEIR 40019b1b (Samba 3.0.2a) smb.conf: [global] unix charset = ISO8859-15 workgroup = STARLIGHT min passwd length = 4 passdb backend = ldapsam:ldap://localhost:389 pam password change = Yes passwd program = /usr/local/sbin/smbldap-passwd -o %u passwd chat = *new*password* %n\n *new*password* %n\n *successfully* passwd chat debug = Yes username map = /usr/local/lib/samba/users.map unix password sync = Yes log level = 6 max log size = 500 debug pid = Yes debug uid = Yes add user script = /usr/local/sbin/smbldap-useradd -m -a %u delete user script = /usr/local/sbin/smbldap-userdel %u add group script = /usr/local/sbin/smbldap-groupadd -p %u add user to group script = /usr/local/sbin/smbldap-groupmod -m %u %g set primary group script = /usr/local/sbin/smbldap-usermod -g %g %u add machine script = /usr/local/sbin/smbldap-useradd -w -g 553 %u logon path = /usr/local/lib/samba/Profiles/%U domain logons = Yes os level = 65 domain master = No wins server = 192.168.1.14 ldap suffix = dc=starlight,dc=se ldap machine suffix = ou=Computers ldap user suffix = ou=People ldap group suffix = ou=Groups ldap admin dn = cn=Manager,dc=starlight,dc=se ldap ssl = no ldap passwd sync = Yes ldap delete dn = Yes lock directory = /var/lock remote announce = 192.168.3.255/STARLIGHT 192.168.1.255/STARLIGHT remote browse sync = 192.168.3.2 192.168.1.255 idmap backend = ldap:ldap://ripple.i.inter-sonic.com:389 create mask = 0774 directory mask = 0775 [homes] valid users = %S read only = No only user = Yes [netlogon] path = /usr/local/lib/samba/netlogon read only = No create mask = 0600 directory mask = 0700 guest ok = Yes browseable = No [Profiles] comment = Roaming profiles path = /usr/local/lib/samba/Profiles read only = No -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] How to start fresh
If I would like to start fom scratch, what files need to be deleted? smb.conf everything in /usr/local/private/ anything else? Thanks, Per olof -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
