[Samba] Problem creating root ldap user in SLES9

2005-10-05 Thread Robert Prange 

Hello,

I am running Suse Linux Enterprise Server 9, and I am 
trying to get Samba to authenticate using LDAP.  I am 
using the YaST system tool to configure the LDAP server, 
LDAP client, and SAMBA.


The issue I am having is that after I configure the Samba 
server to use the LDAP backend it prompts me for a 
password creation for the root user.  This root user will 
be added to the LDAP directory, and I am assuming it will 
be the account I use to join machines to the domain. 
However, I get an error saying the root user cannot be 
created.  I checked the YaST error log, and this is what 
it comes up with...


2005-10-05 20:59:33 1 oasis(6451) [YCP] Service.ycp:324 
Enabling service nmb
2005-10-05 20:59:34 1 oasis(6451) [YCP] Service.ycp:324 
Enabling service smb
2005-10-05 20:59:34 1 oasis(6451) [YCP] 
SambaServer.ycp:2137 Found users: $[exit:0, stderr:, 
stdout:]
2005-10-05 20:59:44 1 oasis(6451) [YCP] 
SambaServer.ycp:2123 Running: cat 
/tmp/YaST2-06451-8OsHz8/inp | pdbedit -a -t -u root
2005-10-05 20:59:44 3 oasis(6451) [bash] 
ShellCommand.cc(shellcommand):73 Unable to add user! (does 
it already exist?)
2005-10-05 20:59:44 3 oasis(6451) [YCP] 
SambaServer.ycp:2127 Failed to execute pdbedit


So, it's failing to execute a pdbedit, because It thinks 
the root user already exists in the LDAP directory, 
however, I happen to know that he doesn't.


Has anyone ever ran into a similar issue with SLES 9, or 
have any ideas?  Any help is appreciated, thanks.


Robert
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Problem creating root ldap user in SLES9

2005-10-05 Thread Eric A. Hall 

On 10/5/2005 10:44 PM, Robert Prange wrote:

 So, it's failing to execute a pdbedit, because It thinks 
 the root user already exists in the LDAP directory, 
 however, I happen to know that he doesn't.

YAST usually prevents you from adding uid=0 accounts in order to avoid
collisions. But you seem to have gotten past that.

As to the exact error, SUSE's pam handling seems to pretty badly broken
wrt root. I'm still chasing down a handful of inter-related issues and
trying to corner the exact problem, but it seems that PAM requires a uid=0
account to exist locally for processing to function, and subsequently
ignores all other occurances during the auth processing (root in LDAP is
always ignored, in my case). I wouldn't be surprised if the same thing was
happening during creation.

-- 
Eric A. Hallhttp://www.ehsco.com/
Internet Core Protocols  http://www.oreilly.com/catalog/coreprot/
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba