[Samba] smbldap-useradd when to use -i, -w, or -W
When configuring samba to use smbldap-tools to automatically add a machine to a domain, how do I know whether to use the -i, -w, or -W option to smbldap-useradd.? -iis a trust account (Windows Workstation) -wis a Windows Workstation (otherwise, Posix stuff only) -Wis a Windows Workstation, with Samba atributes (otherwise, Posix stuff only) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] smbldap-useradd fails encryption
Hi there, I config the smbldap-tools with MD5 option hash_encrypt=MD5 But when I add a user through Swat the LDAP password entry gets this value userPassword = {crypt}x Until I do reset the value to MD5 encryption value the user could logon sucessfully on the domain. If I add the user account with command line I get the same values on LDAP directory Thanks for your help German -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] smbldap-useradd/getent group problem
Hi, I'm walking through Samba-Guide, chapter making happy users on Debian lenny. It's hard to me, because I'm new to ldap. I add users with smbldap-useradd -m -a xyz, smbldap-passwd xyz, smbpasswd xyz and they run without error. getent passwd xyz:x:1008:513:System User:/data/users/xyz:/bin/bash id xyz uid=1008(xyz) gid=513(Domain Users) groups=513(Domain Users) Ok, so far, but: getent group ... Domain Users:*:513: ... According to the Guide, it should look like: Domain Users:*:513:xyz Why it doesn't, and how can I correct it? Thanks, in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: RE [Samba] smbldap-useradd -w won't create machine account
Le Wed, Apr 02, 2008 at 06:36:43PM +0200, Hector Blanco a ecrit: The thing is that the machine is properly created, but the Samba parts doesn't appear. Is like if smbldap-adduser worked only partially :S smbldap-useradd should not add any samba attributes. Samba itself will do the job when joigning the domain with a priviledge account. For that, you can have a look at http://download.gna.org/smbldap-tools/docs/samba-ldap-howto/#htoc67 -- Jérôme Tournier GPG key ID (pgp.mit.edu): 75FE0A51 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: RE [Samba] smbldap-useradd -w won't create machine account
I finally solved it with the LAM tool that John Drescher said (http://lam.sourceforge.net/) but I don't feel very comfortable with that... I'd like to know why that tool works and the others don't :S Over all why the command line tools didn't do what I was expecting... I also tried to do what said in Jerome's link but it didn't work :( I'll keep trying, anyway... the tutorial http://download.gna.org/smbldap-tools/docs/samba-ldap-howto/ seems really good) With the Lam tool I created the host account for the enano machine, and that was enough... 2008/4/7, Jerome Tournier [EMAIL PROTECTED]: Le Wed, Apr 02, 2008 at 06:36:43PM +0200, Hector Blanco a ecrit: The thing is that the machine is properly created, but the Samba parts doesn't appear. Is like if smbldap-adduser worked only partially :S smbldap-useradd should not add any samba attributes. Samba itself will do the job when joigning the domain with a priviledge account. For that, you can have a look at http://download.gna.org/smbldap-tools/docs/samba-ldap-howto/#htoc67 -- Jérôme Tournier GPG key ID (pgp.mit.edu): 75FE0A51 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: RE [Samba] smbldap-useradd -w won't create machine account
Shouldn't it? I mean...Taking a look to the output produced by smbldap-useradd -? it says -w is a windows machine account (otherwise, posix stuff only) or something similar... I don't have the exact output right now. As far as I understand, it should add all the Samba stuff needed for Windows. And I'm having the same (or similar) problems... http://lists.samba.org/archive/samba/2008-February/138442.html http://lists.samba.org/archive/samba/2008-February/138639.html http://lists-archives.org/samba/36168-samba-ldap-question.html http://lists.samba.org/archive/samba/2008-March/139288.html Well... at least I think they can be similar... Maybe I'm just really wrong and each time than someone is experiencing problems adding a Windows machine to an Ldap server, I keep saying Me too, me too!!... although they are actually different problems... I hope not... 2008/4/1, [EMAIL PROTECTED] [EMAIL PROTECTED]: Samba will add sambaSAMAccount when you add the workstation to the domain. sambaldaptools not add the samba shema for that. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 01/04/2008 16:17:13 : I can't get smbldap-useradd to add the sambaSamAccount workstation attributes. For example: smbldap-useradd -w 'test_machine$' # test_machine$, People, desktop.hmdc.harvard.edu dn: uid=test_machine$,ou=People,dc=desktop,dc=hmdc,dc=harvard,dc=edu objectClass: top objectClass: account objectClass: posixAccount cn: test_machine$ uid: test_machine$ uidNumber: 1010 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer gecos: Computer Has anyone else experienced this? It thinks it's creating a machine account, but it doesn't add sambaSamAccount, or sambaAcctFlags [W ]. More info: # rpm -qi smbldap-tools Name: smbldap-toolsRelocations: (not relocatable) Version : 0.9.4 Vendor: Dag Apt Repository, http://dag.wieers.com/apt/ Release : 1.el5.rf Build Date: Sat 22 Sep 2007 01:35:45 AM EDT Install Date: Tue 25 Mar 2008 11:43:42 AM EDT Build Host: lisse.leuven.wieers.com Group : System Environment/Base Source RPM: smbldap-tools-0.9.4-1.el5.rf.src.rpm Size: 525573 License: GPL Signature : DSA/SHA1, Sat 22 Sep 2007 02:51:47 PM EDT, Key ID a20e52146b8d79e6 Packager: Dag Wieers [EMAIL PROTECTED] URL : http://sourceforge.net/projects/smbldap-tools/ Summary : User and group administration tools for Samba-OpenLDAP Thanks, c -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: RE [Samba] smbldap-useradd -w won't create machine account
No? Then how do you say we must do? Because I also tried to do that from Windows, and it doesn't work... I mean... right click on my pc and add machine to domain... and still doesn't work :S Quoting myself form: http://lists.samba.org/archive/samba/2008-February/138639.html The linux server is the host called and the windows client is the host enano When I try to join the domain JOME from Windows, I am prompted for a user that has permission to create things in the domain. I fill the textboxes with root and the rootpass, and in the samba.log file of the server (if the debug level is 2 or higher), it appears: authentication for user [root] - [root] - [root] succeeded. After this, the machine (enano$) is properly created (if doesn't exist) in the Ldap schema (a new entry called enano$ appears in ou=Hosts,dc=jome) as shown in the diagram above.The thing is that everything seems to be fine until in the windows machine a error window dialog appears with a very ugly red signal, saying (username not found). I think it must be something wrong with the user root, because if I try a username that is really non-existent (john, for instance) or if I mistype the password, the message that appears in windows is different (in my computer appears in Spanish, but it's something like session starting error: username not found or wrong password)... I've tried to put a higher debug level in samba (smb.conf- debug level=3) and between several other messages, it appears: [2008/02/22 15:33:37, 3] passdb/pdb_interface.c:pdb_default_create_user(354) pdb_default_create_user: failed to create a new user structure: NT_STATUS_NO_SUCH_USER 2008/4/2, Christopher Perry [EMAIL PROTECTED]: the problem, as it turns out, is that you can't expect the command line to add the sambaSamAccount objectClass. the only way to get that added is by adding the windows machine to the domain, and samba will create that object class using the script. it must pass something magical to the script. don't ask me why, it seems counter intuitive. Hector Blanco wrote: Shouldn't it? I mean...Taking a look to the output produced by smbldap-useradd -? it says -w is a windows machine account (otherwise, posix stuff only) or something similar... I don't have the exact output right now. As far as I understand, it should add all the Samba stuff needed for Windows. And I'm having the same (or similar) problems... http://lists.samba.org/archive/samba/2008-February/138442.html http://lists.samba.org/archive/samba/2008-February/138639.html http://lists-archives.org/samba/36168-samba-ldap-question.html http://lists.samba.org/archive/samba/2008-March/139288.html Well... at least I think they can be similar... Maybe I'm just really wrong and each time than someone is experiencing problems adding a Windows machine to an Ldap server, I keep saying Me too, me too!!... although they are actually different problems... I hope not... 2008/4/1, [EMAIL PROTECTED] [EMAIL PROTECTED]: Samba will add sambaSAMAccount when you add the workstation to the domain. sambaldaptools not add the samba shema for that. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 01/04/2008 16:17:13 : I can't get smbldap-useradd to add the sambaSamAccount workstation attributes. For example: smbldap-useradd -w 'test_machine$' # test_machine$, People, desktop.hmdc.harvard.edu dn: uid=test_machine$,ou=People,dc=desktop,dc=hmdc,dc=harvard,dc=edu objectClass: top objectClass: account objectClass: posixAccount cn: test_machine$ uid: test_machine$ uidNumber: 1010 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer gecos: Computer Has anyone else experienced this? It thinks it's creating a machine account, but it doesn't add sambaSamAccount, or sambaAcctFlags [W ]. More info: # rpm -qi smbldap-tools Name: smbldap-toolsRelocations: (not relocatable) Version : 0.9.4 Vendor: Dag Apt Repository, http://dag.wieers.com/apt/ Release : 1.el5.rf Build Date: Sat 22 Sep 2007 01:35:45 AM EDT Install Date: Tue 25 Mar 2008 11:43:42 AM EDT Build Host: lisse.leuven.wieers.com Group : System Environment/Base Source RPM: smbldap-tools-0.9.4-1.el5.rf.src.rpm Size: 525573 License: GPL Signature : DSA/SHA1, Sat 22 Sep 2007 02:51:47 PM EDT, Key ID a20e52146b8d79e6 Packager: Dag Wieers [EMAIL PROTECTED] URL
Re: RE [Samba] smbldap-useradd -w won't create machine account
On Wed, Apr 2, 2008 at 12:03 PM, Hector Blanco [EMAIL PROTECTED] wrote: No? Then how do you say we must do? Because I also tried to do that from Windows, and it doesn't work... I mean... right click on my pc and add machine to domain... and still doesn't work :S I had this in the past. At one point I think I fixed it but I found the easiest way around this (that always works) is to use LAM (or some other tool to create the required stuff in ldap directly). http://lam.sourceforge.net/ John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: RE [Samba] smbldap-useradd -w won't create machine account
samba uses nss_ldap for the check during the add - ie it uses smbldap to add and then uses nssldap to check the account was created. The problem arises if the nssldap isn't configured properly. if you do getent passwd on the samba host, does it work? do you see ldap users or only local (/etc/passwd)? /etc/ldap.conf or /etc/openldap/ldap.conf is the culprit On 02/04/2008, John Drescher [EMAIL PROTECTED] wrote: On Wed, Apr 2, 2008 at 12:03 PM, Hector Blanco [EMAIL PROTECTED] wrote: No? Then how do you say we must do? Because I also tried to do that from Windows, and it doesn't work... I mean... right click on my pc and add machine to domain... and still doesn't work :S I had this in the past. At one point I think I fixed it but I found the easiest way around this (that always works) is to use LAM (or some other tool to create the required stuff in ldap directly). http://lam.sourceforge.net/ John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: RE [Samba] smbldap-useradd -w won't create machine account
I see both. The thing is that the machine is properly created, but the Samba parts doesn't appear. Is like if smbldap-adduser worked only partially :S 2008/4/2, Quinn Fissler [EMAIL PROTECTED]: samba uses nss_ldap for the check during the add - ie it uses smbldap to add and then uses nssldap to check the account was created. The problem arises if the nssldap isn't configured properly. if you do getent passwd on the samba host, does it work? do you see ldap users or only local (/etc/passwd)? /etc/ldap.conf or /etc/openldap/ldap.conf is the culprit On 02/04/2008, John Drescher [EMAIL PROTECTED] wrote: On Wed, Apr 2, 2008 at 12:03 PM, Hector Blanco [EMAIL PROTECTED] wrote: No? Then how do you say we must do? Because I also tried to do that from Windows, and it doesn't work... I mean... right click on my pc and add machine to domain... and still doesn't work :S I had this in the past. At one point I think I fixed it but I found the easiest way around this (that always works) is to use LAM (or some other tool to create the required stuff in ldap directly). http://lam.sourceforge.net/ John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: RE [Samba] smbldap-useradd -w won't create machine account
Hector Blanco wrote: Shouldn't it? I mean...Taking a look to the output produced by smbldap-useradd -? it says -w is a windows machine account (otherwise, posix stuff only) or something similar... I don't have the exact output right now. As far as I understand, it should add all the Samba stuff needed for Windows. And I'm having the same (or similar) problems... http://lists.samba.org/archive/samba/2008-February/138442.html http://lists.samba.org/archive/samba/2008-February/138639.html http://lists-archives.org/samba/36168-samba-ldap-question.html http://lists.samba.org/archive/samba/2008-March/139288.html Well... at least I think they can be similar... Maybe I'm just really wrong and each time than someone is experiencing problems adding a Windows machine to an Ldap server, I keep saying Me too, me too!!... although they are actually different problems... I hope not... 2008/4/1, [EMAIL PROTECTED] [EMAIL PROTECTED]: Samba will add sambaSAMAccount when you add the workstation to the domain. sambaldaptools not add the samba shema for that. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 01/04/2008 16:17:13 : I can't get smbldap-useradd to add the sambaSamAccount workstation attributes. For example: smbldap-useradd -w 'test_machine$' # test_machine$, People, desktop.hmdc.harvard.edu dn: uid=test_machine$,ou=People,dc=desktop,dc=hmdc,dc=harvard,dc=edu objectClass: top objectClass: account objectClass: posixAccount cn: test_machine$ uid: test_machine$ uidNumber: 1010 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer gecos: Computer Has anyone else experienced this? It thinks it's creating a machine account, but it doesn't add sambaSamAccount, or sambaAcctFlags [W ]. More info: # rpm -qi smbldap-tools Name: smbldap-toolsRelocations: (not relocatable) Version : 0.9.4 Vendor: Dag Apt Repository, http://dag.wieers.com/apt/ Release : 1.el5.rf Build Date: Sat 22 Sep 2007 01:35:45 AM EDT Install Date: Tue 25 Mar 2008 11:43:42 AM EDT Build Host: lisse.leuven.wieers.com Group : System Environment/Base Source RPM: smbldap-tools-0.9.4-1.el5.rf.src.rpm Size: 525573 License: GPL Signature : DSA/SHA1, Sat 22 Sep 2007 02:51:47 PM EDT, Key ID a20e52146b8d79e6 Packager: Dag Wieers [EMAIL PROTECTED] URL : http://sourceforge.net/projects/smbldap-tools/ Summary : User and group administration tools for Samba-OpenLDAP Thanks, c -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba ou=people? Shouldn't that be in the Machines or Computers unit instead? I think it might have to be a machine account, no? Also, do you have a corresponding samba account to mate to the ldap entry? My LDAP-fu is weak as of late, please disregard this if I'm completely off base. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: RE [Samba] smbldap-useradd -w won't create machine account
On Wed, Apr 2, 2008 at 12:22 PM, Quinn Fissler [EMAIL PROTECTED] wrote: samba uses nss_ldap for the check during the add - ie it uses smbldap to add and then uses nssldap to check the account was created. The problem arises if the nssldap isn't configured properly. if you do getent passwd on the samba host, does it work? do you see ldap users or only local (/etc/passwd)? This works and I do see both the users from /etc/passwd and ldap. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-useradd -w won't create machine account
I can't get smbldap-useradd to add the sambaSamAccount workstation attributes. For example: smbldap-useradd -w 'test_machine$' # test_machine$, People, desktop.hmdc.harvard.edu dn: uid=test_machine$,ou=People,dc=desktop,dc=hmdc,dc=harvard,dc=edu objectClass: top objectClass: account objectClass: posixAccount cn: test_machine$ uid: test_machine$ uidNumber: 1010 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer gecos: Computer Has anyone else experienced this? It thinks it's creating a machine account, but it doesn't add sambaSamAccount, or sambaAcctFlags [W ]. More info: # rpm -qi smbldap-tools Name: smbldap-toolsRelocations: (not relocatable) Version : 0.9.4 Vendor: Dag Apt Repository, http://dag.wieers.com/apt/ Release : 1.el5.rf Build Date: Sat 22 Sep 2007 01:35:45 AM EDT Install Date: Tue 25 Mar 2008 11:43:42 AM EDT Build Host: lisse.leuven.wieers.com Group : System Environment/Base Source RPM: smbldap-tools-0.9.4-1.el5.rf.src.rpm Size: 525573 License: GPL Signature : DSA/SHA1, Sat 22 Sep 2007 02:51:47 PM EDT, Key ID a20e52146b8d79e6 Packager: Dag Wieers [EMAIL PROTECTED] URL : http://sourceforge.net/projects/smbldap-tools/ Summary : User and group administration tools for Samba-OpenLDAP Thanks, c -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] smbldap-useradd -w won't create machine account
Samba will add sambaSAMAccount when you add the workstation to the domain. sambaldaptools not add the samba shema for that. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 01/04/2008 16:17:13 : I can't get smbldap-useradd to add the sambaSamAccount workstation attributes. For example: smbldap-useradd -w 'test_machine$' # test_machine$, People, desktop.hmdc.harvard.edu dn: uid=test_machine$,ou=People,dc=desktop,dc=hmdc,dc=harvard,dc=edu objectClass: top objectClass: account objectClass: posixAccount cn: test_machine$ uid: test_machine$ uidNumber: 1010 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer gecos: Computer Has anyone else experienced this? It thinks it's creating a machine account, but it doesn't add sambaSamAccount, or sambaAcctFlags [W ]. More info: # rpm -qi smbldap-tools Name: smbldap-toolsRelocations: (not relocatable) Version : 0.9.4 Vendor: Dag Apt Repository, http://dag.wieers.com/apt/ Release : 1.el5.rf Build Date: Sat 22 Sep 2007 01:35:45 AM EDT Install Date: Tue 25 Mar 2008 11:43:42 AM EDT Build Host: lisse.leuven.wieers.com Group : System Environment/Base Source RPM: smbldap-tools-0.9.4-1.el5.rf.src.rpm Size: 525573 License: GPL Signature : DSA/SHA1, Sat 22 Sep 2007 02:51:47 PM EDT, Key ID a20e52146b8d79e6 Packager: Dag Wieers [EMAIL PROTECTED] URL : http://sourceforge.net/projects/smbldap-tools/ Summary : User and group administration tools for Samba-OpenLDAP Thanks, c -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-useradd will not add sambaSamAccount objectClass
I'm having an issue adding a sambaSamAccount objectClass to my machine accounts when running smbldap-useradd -w machine$ It doesn't create samba attributes, but will create the account. In the smbldaap-useradd code, sambaSamAccount is sambaSAMAccount, but I don't know if that's what's doing it. the samba.schema file has sambaSamAccount defined. Someone having the same issue reports the following bug. https://bugzilla.samba.org/show_bug.cgi?id=5100 Is anyone else having this issue? More info: rpm -qi smbldap-tools Name: smbldap-toolsRelocations: (not relocatable) Version : 0.9.4 Vendor: Dag Apt Repository, http://dag.wieers.com/apt/ Release : 1.el5.rf Build Date: Sat 22 Sep 2007 01:35:45 AM EDT Install Date: Tue 25 Mar 2008 11:43:42 AM EDT Build Host: lisse.leuven.wieers.com Group : System Environment/Base Source RPM: smbldap-tools-0.9.4-1.el5.rf.src.rpm Size: 525573 License: GPL Signature : DSA/SHA1, Sat 22 Sep 2007 02:51:47 PM EDT, Key ID a20e52146b8d79e6 Packager: Dag Wieers [EMAIL PROTECTED] URL : http://sourceforge.net/projects/smbldap-tools/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd problem
Hi, which version of the smbldap-tools are you using ? Have you check your configuration files ? Have you include samba schema to slapd.conf definition ? Are you sure you don't have ACL access problem ? -- Jerome On 9/26/07, Frank Van Damme [EMAIL PROTECTED] wrote: Dear list, Arghl! (I'm sure you know the feeling). I'm still hooked on Samba by example, and trying to add users to my ldap tree. $ smbldap-useradd -m -a ldaptest2 Can't call method get_value on an undefined value at /usr/sbin/smbldap-useradd line 197 The documentation of the smbldap scripts mentions this sort of error (albeit with a different line number). Two possible problems are proposed: 1. the default group defined in smbldap.conf does not exist (the one with defaultUserGid 513) 2. the NT Domain Users group is not mapped to a unix group of rid 513 = I checked both. The group exists, it's called Domain Users, I can chgrp a file on the samba/ldap system to 513 and ls -l shows it's owned by Domain Users. = $ net groupmap list shows thet Domain Users is linked to a group called Domain Users (which makes sense). If I leave the option -a of smbldap-useradd, the command completes with no error but off course my new user isn't a Windows user then (pretty useless). So it's not an LDAP permissions issue since the object /is/ created. (Why can't this script be a bit more verbose?) -- Frank Van Damme A: Because it destroys the flow of the conversation Q: Why is it bad? A: No, it's bad. Q: Should I top post in replies to mails or on usenet? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Jérôme -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd problem
On 9/26/07, Quinn Fissler [EMAIL PROTECTED] wrote: Does it work if you run it as root? I ran it as root, sorry for the confusing $ command prompt. -- Frank Van Damme A: Because it destroys the flow of the conversation Q: Why is it bad? A: No, it's bad. Q: Should I top post in replies to mails or on usenet? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd problem
Have you changed your SID? net getlocalsid Maybe you have a different SID in ldap to that configured in smbldap such that the group lookups fail. The differences between using the net command and using smbldap tools include; ## Bind credentials: With smbldap you bind directly to the ldap server using the credentials in the smbldap_bind.conf If you use the net command (and others) it uses nss_ldap (using either anonymous bind or the credentials in /etc/ldap.conf or /etc/openldap/ldap.conf) ## SID lookup The net command looks in ldap or tdb for the SID whereas with smbldap you can set the SID explicitly in smbldap.conf - ensure that it's correct. On 27/09/2007, Frank Van Damme [EMAIL PROTECTED] wrote: On 9/26/07, Quinn Fissler [EMAIL PROTECTED] wrote: Does it work if you run it as root? I ran it as root, sorry for the confusing $ command prompt. -- Frank Van Damme A: Because it destroys the flow of the conversation Q: Why is it bad? A: No, it's bad. Q: Should I top post in replies to mails or on usenet? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd problem
On 9/27/07, Jerome Tournier [EMAIL PROTECTED] wrote: Hi, which version of the smbldap-tools are you using ? 0.9.2 (Debian Etch) Have you check your configuration files ? Have you include samba schema to slapd.conf definition ? Off course. I can see the objectClasses in an LDAP browsers schema viewer, and smbldap-populate has had nog problems creating groups and copying the nobody and root users off my system to the LDAP tree. This may be an important detail. nobody has 514 as gidNumber, which is the gidNumber of the Domain Guests. Are you sure you don't have ACL access problem ? If it can create the object and stuff the posix-related attributes in them, you'd think it could do the Samba ones as well. However. I did discover some strangeities with my ldap configuration though. When starting the ldap server, this is printed in the logs (when I set the loglevel to 232): /etc/ldap/slapd.conf: line 123: warning: cannot assess the validity of the ACL scope within backend naming context Well, this is the result of the following acl settings in slapd.conf: access to * by dn=cn=admin,dc=sambadomein write by * read (the last line is line 123) or: access to attrs=userPassword,shadowLastChange by dn=cn=admin,dc=sambadomein write by anonymous auth by self write by * none The problem disappears if you explicitly mention which tree to apply the acl to: access to dn.subtree=dc=sambadomein by dn=cn=admin,dc=sambadomein write by * read respectively: access to dn.subtree=dc=sambadomein attrs=userPassword,shadowLastChange by dn=cn=admin,dc=sambadomein write by anonymous auth by self write by * none So, this wasn't necessarily an obvious problem, log level 232 means stats logs + connection management, I'd had expected to find these sort of warnings under level 128 - acl processing. So I'm posting enough googleable details for future reference :-) So, case closed, onto the next stumbling block. Thanks for your help! -- Frank Van Damme A: Because it destroys the flow of the conversation Q: Why is it bad? A: No, it's bad. Q: Should I top post in replies to mails or on usenet? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-useradd problem
Dear list, Arghl! (I'm sure you know the feeling). I'm still hooked on Samba by example, and trying to add users to my ldap tree. $ smbldap-useradd -m -a ldaptest2 Can't call method get_value on an undefined value at /usr/sbin/smbldap-useradd line 197 The documentation of the smbldap scripts mentions this sort of error (albeit with a different line number). Two possible problems are proposed: 1. the default group defined in smbldap.conf does not exist (the one with defaultUserGid 513) 2. the NT Domain Users group is not mapped to a unix group of rid 513 = I checked both. The group exists, it's called Domain Users, I can chgrp a file on the samba/ldap system to 513 and ls -l shows it's owned by Domain Users. = $ net groupmap list shows thet Domain Users is linked to a group called Domain Users (which makes sense). If I leave the option -a of smbldap-useradd, the command completes with no error but off course my new user isn't a Windows user then (pretty useless). So it's not an LDAP permissions issue since the object /is/ created. (Why can't this script be a bit more verbose?) -- Frank Van Damme A: Because it destroys the flow of the conversation Q: Why is it bad? A: No, it's bad. Q: Should I top post in replies to mails or on usenet? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd problem
Does it work if you run it as root? On 26/09/2007, Frank Van Damme [EMAIL PROTECTED] wrote: Dear list, Arghl! (I'm sure you know the feeling). I'm still hooked on Samba by example, and trying to add users to my ldap tree. $ smbldap-useradd -m -a ldaptest2 Can't call method get_value on an undefined value at /usr/sbin/smbldap-useradd line 197 The documentation of the smbldap scripts mentions this sort of error (albeit with a different line number). Two possible problems are proposed: 1. the default group defined in smbldap.conf does not exist (the one with defaultUserGid 513) 2. the NT Domain Users group is not mapped to a unix group of rid 513 = I checked both. The group exists, it's called Domain Users, I can chgrp a file on the samba/ldap system to 513 and ls -l shows it's owned by Domain Users. = $ net groupmap list shows thet Domain Users is linked to a group called Domain Users (which makes sense). If I leave the option -a of smbldap-useradd, the command completes with no error but off course my new user isn't a Windows user then (pretty useless). So it's not an LDAP permissions issue since the object /is/ created. (Why can't this script be a bit more verbose?) -- Frank Van Damme A: Because it destroys the flow of the conversation Q: Why is it bad? A: No, it's bad. Q: Should I top post in replies to mails or on usenet? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd not creating machine accounts in correct fashion
On Fri, April 13, 2007 23:48, Edmundo Valle Neto wrote: Your script appears to be working right, smbldap-useradd -w machinename$ should only create an account with posix attributes, the sambaSAMAccount class and attributes will be added by samba when the client is joined into the domain. You can see that in the IDEALX smbldap-tools user manual. Thanks Edmundo and apologies for not having consulted the fine manual more closely - I should know better. In the end testing revealed that the tools were putting the machine accounts under 'ou=computers,${suffix}' (as I wanted) but samba seemed to be looking for them under 'ou=users,${suffix}', because if I reconfigured the tools to put the accounts there then everything worked as expected. This is odd as I have 'machine suffix = ou=computers' in smb.conf now, having now put things back as they were, everything's working! Therefore I can only conclude that the issue was due to some typo that I've now unwittingly corrected - odd, as I was logging samba at up to 4 saw nothing suggestive. Best, -- Ben Tisdall -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd not creating machine accounts in correct fashion
On Fri, April 13, 2007 23:48, Edmundo Valle Neto wrote: Your script appears to be working right, smbldap-useradd -w machinename$ should only create an account with posix attributes, the sambaSAMAccount class and attributes will be added by samba when the client is joined into the domain. You can see that in the IDEALX smbldap-tools user manual. Thanks Edmundo and apologies for not having consulted the fine manual more closely - I should know better. In the end testing revealed that the tools were putting the machine accounts under 'ou=computers,${suffix}' (as I wanted) but samba seemed to be looking for them under 'ou=users,${suffix}', because if I reconfigured the tools to put the accounts there then everything worked as expected. This is odd as I have 'machine suffix = ou=computers' in smb.conf now, having now put things back as they were, everything's working! Therefore I can only conclude that the issue was due to some typo that I've now unwittingly corrected - odd, as I was logging samba at up to 4 saw nothing suggestive. Best, -- Ben Tisdall -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-useradd not creating machine accounts in correct fashion
Hi, I have OpenLDAP working here generally without problems for a variety of applications including the management of Samba. Functioning user accounts can be created via 'smbldap-useradd' with the proper samba attributes being added in LDAP, however... Something odd is happening when I (or samba) tries to create a machine account with 'smbldap-useradd -w test1$' - an entry is created that looks like this: dn: uid=test1$,ou=computers,dc=redcircle objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount cn: test1$ sn: test1$ uid: test1$ uidNumber: 1041 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer gecos: Computer Needless to the computer is not able to join the domain... Whereas a working entry migrated from tdbsam looks like this: dn: uid=sonny$,ou=computers,dc=redcircle uid: sonny$ sambaSID: S-1-5-21-1595696850-3378076689-3030227139-3008 sambaPrimaryGroupSID: S-1-5-21-1595696850-3378076689-3030227139-1201 objectClass: sambaSamAccount objectClass: account displayName: SONNY$ sambaPwdMustChange: 2147483647 sambaAcctFlags: [W ] sambaPwdCanChange: 1175234556 sambaPwdLastSet: 1175234556 Feel as what's happening is so wrong that it must be some silliness on my part but for the life of me can't figure out what any help would be much appreciated. BTW this is occurring with version 0.9.2a of the tools downloaded from SF also the .deb for my Ubuntu server -- Ben Tisdall -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-useradd not creating machine accounts in correct fashion
Hi, I have OpenLDAP working here generally without problems for a variety of applications including the management of Samba. Functioning user accounts can be created via 'smbldap-useradd' with the proper samba attributes being added in LDAP, however... Something odd is happening when I (or samba) tries to create a machine account with 'smbldap-useradd -w test1$' - an entry is created that looks like this: dn: uid=test1$,ou=computers,dc=redcircle objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount cn: test1$ sn: test1$ uid: test1$ uidNumber: 1041 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer gecos: Computer Needless to the computer is not able to join the domain... Whereas a working entry migrated from tdbsam looks like this: dn: uid=sonny$,ou=computers,dc=redcircle uid: sonny$ sambaSID: S-1-5-21-1595696850-3378076689-3030227139-3008 sambaPrimaryGroupSID: S-1-5-21-1595696850-3378076689-3030227139-1201 objectClass: sambaSamAccount objectClass: account displayName: SONNY$ sambaPwdMustChange: 2147483647 sambaAcctFlags: [W ] sambaPwdCanChange: 1175234556 sambaPwdLastSet: 1175234556 Feel as what's happening is so wrong that it must be some silliness on my part but for the life of me can't figure out what any help would be much appreciated. BTW this is occurring with version 0.9.2a of the tools downloaded from SF also the .deb for my Ubuntu server. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd not creating machine accounts in correct fashion
Ben Tisdall escreveu: Hi, I have OpenLDAP working here generally without problems for a variety of applications including the management of Samba. Functioning user accounts can be created via 'smbldap-useradd' with the proper samba attributes being added in LDAP, however... Something odd is happening when I (or samba) tries to create a machine account with 'smbldap-useradd -w test1$' - an entry is created that looks like this: dn: uid=test1$,ou=computers,dc=redcircle objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount cn: test1$ sn: test1$ uid: test1$ uidNumber: 1041 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer gecos: Computer Needless to the computer is not able to join the domain... Whereas a working entry migrated from tdbsam looks like this: dn: uid=sonny$,ou=computers,dc=redcircle uid: sonny$ sambaSID: S-1-5-21-1595696850-3378076689-3030227139-3008 sambaPrimaryGroupSID: S-1-5-21-1595696850-3378076689-3030227139-1201 objectClass: sambaSamAccount objectClass: account displayName: SONNY$ sambaPwdMustChange: 2147483647 sambaAcctFlags: [W ] sambaPwdCanChange: 1175234556 sambaPwdLastSet: 1175234556 Feel as what's happening is so wrong that it must be some silliness on my part but for the life of me can't figure out what any help would be much appreciated. BTW this is occurring with version 0.9.2a of the tools downloaded from SF also the .deb for my Ubuntu server. Your script appears to be working right, smbldap-useradd -w machinename$ should only create an account with posix attributes, the sambaSAMAccount class and attributes will be added by samba when the client is joined into the domain. You can see that in the IDEALX smbldap-tools user manual. Regards. Edmundo Valle Neto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd says Error: modifications require authentication at /usr/lib/perl5/5.8.8/smbldap_tools.pm line 1056.
Hi Eric, This line here looks like the interesting bit to me. Mar 6 13:59:38 macallan slapd[4731]: conn=50 op=3 RESULT tag=103 err=8 text=modifications require authentication It looks like the useradd script is doing an anonymous bind, which is interesting since you mentioned that you used the populate script which should be using the same bind settings. have you reset any passwords? changed any acls? I would double check the bind DN and password in the smbldap-tools config. Regards, Michael Heydon -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd says Error: modifications require authentication at /usr/lib/perl5/5.8.8/smbldap_tools.pm line 1056.
Moreless, it isn't trying to do it anonymously but as you said probably is a problem with credentials: Mar 6 13:59:38 macallan slapd[4731]: conn=50 op=0 BIND dn=cn=Manager,dc=MY DOMAIN,dc=com method=128 Binding as the manager but with a strange MY DOMAIN in the DN (that is repeated in the searches). Mar 6 13:59:38 macallan slapd[4731]: conn=50 op=0 RESULT tag=97 err=49 text= Then failing with an error 49, bad credentials (dn or password). Have you configured correctly your smbldap_bind.conf or forgotten to configure some option related to the base dn in smbldap.conf? Regards. Edmundo Valle Neto Michael Heydon escreveu: Hi Eric, This line here looks like the interesting bit to me. Mar 6 13:59:38 macallan slapd[4731]: conn=50 op=3 RESULT tag=103 err=8 text=modifications require authentication It looks like the useradd script is doing an anonymous bind, which is interesting since you mentioned that you used the populate script which should be using the same bind settings. have you reset any passwords? changed any acls? I would double check the bind DN and password in the smbldap-tools config. Regards, Michael Heydon -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd says Error: modifications require authentication at /usr/lib/perl5/5.8.8/smbldap_tools.pm line 1056.
Quoting Michael Heydon [EMAIL PROTECTED]: Hi Eric, This line here looks like the interesting bit to me. Mar 6 13:59:38 macallan slapd[4731]: conn=50 op=3 RESULT tag=103 err=8 text=modifications require authentication It looks like the useradd script is doing an anonymous bind, which is interesting since you mentioned that you used the populate script which should be using the same bind settings. have you reset any passwords? changed any acls? I would double check the bind DN and password in the smbldap-tools config. I found that I had the smbldab_bind.conf passwords set to use hashes instead of the plaintext password. After I changed that I am able to add new accounts, although hashed passwords in here would be useful :). I also found that these scripts (even the latest 0.9.2 ones) are incapable of using the new sambaDomain object, so I had to set it to use the previous uidNumber object instead. I should probably see if I can update openSuSE's wiki for 10.2... Thanks, Eric This message was sent using IMP, the Internet Messaging Program. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd question
Hi Jason, If you are using ldap as your samba backend you do not need to add unix users, as it can be resolved through pam; This is done through the nsswitch.conf file, you might have something like: passwd: files ldap shadow: files ldap group: files ldap Which means users are looked up through /etc/passwd, then it will check LDAP. You can veryify that this is working correctly by trying a few thing.. root getent passwd root getent group This will show you that users in the ldap database are been resolved through pam.. Finally you could try root id username As everything is resolved through pam, treat LDAP users like normal users ( I dought you have given them shell access) so you can just configure your mail server as per usual, and use the LDAP users. This is a Samba List, so you may need to try another list or read the docs in regards to setting up your mail server and imap client. If you are wanting to have users mail box in their home folder you may need to use procmail for this. Cheers, Adrian Sender. - Original Message - From: Jason Baker [EMAIL PROTECTED] To: samba List samba@lists.samba.org Sent: Thursday, January 18, 2007 1:14 AM Subject: [Samba] smbldap-useradd question I have Samba 3 setup to work with LDAP and I am using the IdealX tools to create new users. If I issue the command /./smbldap-useradd -m -a -c User Name username/, then my new user is added, but I do not see the user in //etc/passwd/ and there is no entry in //var/mail/. Do I need to create a Unix account for this user also? They already have a /home directory. If I want a mail box for the user, could I just create one manually? -- *Jason Baker */IT Coordinator/ *Glastender Inc.* 5400 North Michigan Road Saginaw, Michigan 48604 USA 800.748.0423 Phone: 989.752.4275 ext. 228 Fax: 989.752. www.glastender.com http://www.glastender.com -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-useradd question
I have Samba 3 setup to work with LDAP and I am using the IdealX tools to create new users. If I issue the command /./smbldap-useradd -m -a -c User Name username/, then my new user is added, but I do not see the user in //etc/passwd/ and there is no entry in //var/mail/. Do I need to create a Unix account for this user also? They already have a /home directory. If I want a mail box for the user, could I just create one manually? -- *Jason Baker */IT Coordinator/ *Glastender Inc.* 5400 North Michigan Road Saginaw, Michigan 48604 USA 800.748.0423 Phone: 989.752.4275 ext. 228 Fax: 989.752. www.glastender.com http://www.glastender.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] smbldap-useradd question
IdealX tools is for manage users in ldap tree, not in passwd. Normally , the data of users in LDAP contain necessary attribute for unix account. You can use pam_ldap nss_ldap pour unix auth from LDAP. For mail box, you must create one manually or modify the smbldap-useradd script ! --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 Jason Baker [EMAIL PROTECTED] Envoyé par : [EMAIL PROTECTED] 17/01/2007 15:14 A samba List samba@lists.samba.org cc Objet [Samba] smbldap-useradd question I have Samba 3 setup to work with LDAP and I am using the IdealX tools to create new users. If I issue the command /./smbldap-useradd -m -a -c User Name username/, then my new user is added, but I do not see the user in //etc/passwd/ and there is no entry in //var/mail/. Do I need to create a Unix account for this user also? They already have a /home directory. If I want a mail box for the user, could I just create one manually? -- *Jason Baker */IT Coordinator/ *Glastender Inc.* 5400 North Michigan Road Saginaw, Michigan 48604 USA 800.748.0423 Phone: 989.752.4275 ext. 228 Fax: 989.752. www.glastender.com http://www.glastender.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-useradd join domain
Hi, I use samba 3.0.20, and i use the smbldap-tool 0.9.2. I've got a problem to add a workstation to the domain using the following script add machine script = /usr/sbin/smbldap-useradd -w -d /dev/null -c 'Machine Account' -s /bin/false '%u' The machine is included into the ldap hosts tree but it misses the sambaSamAccount class ... so the machine is not joined to the domain, i've got an error user unknown given by the windows workstation. When i read the perl script smbldap-useradd it seems that the w option is not computed correctly... Have you got a patch or a solution ? thanks a lot! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-useradd
Hi all I am using samba3 + openldap , on RHEL , smbldap-scripts to add users etc.. The default OU's created by smbldap-tools, are People, Computers, Groups, IDMAP, i have created another OU called DC , when we add a user with smbldap-useradd -a -m username it adds the user in OU=People, is it possible , that when i add user through smbldap-useradd , i can specify the OU and add user in my OU. ie i need some user to be added in OU=people, some users in Other OU 's created by me.. Regards Niranjan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd
Scott Mayo schrieb: Scott Mayo wrote: Tomasz Chmielewski wrote: Scott Mayo schrieb: I have my new servers up and going with Samba and LDAP on them. Now I have to add my users. Here is my problem. I have written a perl script that reads a file and adds users to different groups depending on what grade they are in and it also generates a random password, that it exports to a master list. The old script would add the user to unix and then to samba, along with the password of each user. This made it easy for me to have our student records program to export all of their information and then run it through my perl script. Now that I have switched over to Samba/ldap, I see no option to add the passwd in the command line. It always prompts for the passwd. Does anyone have a way that I can add the user and passwd? The '-P' option in smbldap-useradd does not take a password in-line, but rather asks for it to be typed in. The unix 'passwd' was the same way, but it had a switch '--stdin' so that I could pipe the passwd into it and the smbpasswd actually let you put the password in-line. Thanks for any help. I really do not want to have to enter all of these passwords by hand, and I also do not want them making their own. Did you see LAM - LDAP Account Manager - http://lam.sf.net ? It's pretty good for managing the domain users, machines, groups etc. You can really fine tune everything there (password expiration, paths, etc.). Give it a try, it's a nice tool. Looks like I would still need something for my script to access to do my batch add. I really would rather stay away from any kind of GUI if I could. Thanks. Well, looks like I might see the problem. After checking the man pages for smbpasswd, it does not look like the passwword can be added to the command line anymore, unless I am missing something. On my other samba server (the one I am getting ready to replace), I could do the following: smbpasswd username passwd I don't see where I can do that anymore in Samba-3. Am I overlooking something? but if you're using LDAP exclusively, shouldn't you use smbldap-useradd and smbldap-passwd for adding users and changing passwords? -- Tomek WPKG - automated software deployment http://wpkg.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd
tor, 07.07.2005 kl. 03.12 skrev [EMAIL PROTECTED]: [...] The unix 'passwd' was the same way, but it had a switch '--stdin' so that I could pipe the passwd into it and the smbpasswd actually let you put the password in-line. How about building smbpasswd into your script? smbpasswd modifies both the Unix and Windows passwords at the same time. Two possible shell solutions, one from Nick Soracco and one from an answer to Wim Bakke (which I don't have), both from this list June last (copy 'n paste): printf password\npassword\n | smbpasswd -a -s username echo -n -e $PASS1\n$PASS2 | smbpasswd -as $USERNAME Just read the passwords from your list of details for each pupil. That is actually what my old script did. I just found the '-s' after I posted this message. I do have a question about this though. Since Samba is using ldap, is it alright to use smbpasswd? Do I not have to use smbldap-passwd? Do they modify the same file? smbpasswd is a binary that works fine with LDAP and changes both Unix (in LDAP the userPassword attribute) and Windows passwords - I use it myself in shell scripts. smbldap-passwd is a script without the same functionality. --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd
Le Thu, Jul 07, 2005 at 08:48:19AM +0200, Tony Earnshaw a ecrit: smbpasswd is a binary that works fine with LDAP and changes both Unix (in LDAP the userPassword attribute) and Windows passwords - I use it myself in shell scripts. smbldap-passwd is a script without the same functionality. both smbpasswd and smbldap-passwd can be used. Smbldap-passwd can change both unix password and Win32 passwords. You can use for example echo -e 'password\npassword' | smbldap-passwd user -- Jerome -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-useradd
I have my new servers up and going with Samba and LDAP on them. Now I have to add my users. Here is my problem. I have written a perl script that reads a file and adds users to different groups depending on what grade they are in and it also generates a random password, that it exports to a master list. The old script would add the user to unix and then to samba, along with the password of each user. This made it easy for me to have our student records program to export all of their information and then run it through my perl script. Now that I have switched over to Samba/ldap, I see no option to add the passwd in the command line. It always prompts for the passwd. Does anyone have a way that I can add the user and passwd? The '-P' option in smbldap-useradd does not take a password in-line, but rather asks for it to be typed in. The unix 'passwd' was the same way, but it had a switch '--stdin' so that I could pipe the passwd into it and the smbpasswd actually let you put the password in-line. Thanks for any help. I really do not want to have to enter all of these passwords by hand, and I also do not want them making their own. -- Scott Mayo Technology Coordinator Bloomfield Schools PH: 573-568-5669 FA: 573-568-4565 Pager: 800-264-2535 X2549 Duct tape is like the force, it has a light side and a dark side and it holds the universe together. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd
Scott Mayo schrieb: I have my new servers up and going with Samba and LDAP on them. Now I have to add my users. Here is my problem. I have written a perl script that reads a file and adds users to different groups depending on what grade they are in and it also generates a random password, that it exports to a master list. The old script would add the user to unix and then to samba, along with the password of each user. This made it easy for me to have our student records program to export all of their information and then run it through my perl script. Now that I have switched over to Samba/ldap, I see no option to add the passwd in the command line. It always prompts for the passwd. Does anyone have a way that I can add the user and passwd? The '-P' option in smbldap-useradd does not take a password in-line, but rather asks for it to be typed in. The unix 'passwd' was the same way, but it had a switch '--stdin' so that I could pipe the passwd into it and the smbpasswd actually let you put the password in-line. Thanks for any help. I really do not want to have to enter all of these passwords by hand, and I also do not want them making their own. Did you see LAM - LDAP Account Manager - http://lam.sf.net ? It's pretty good for managing the domain users, machines, groups etc. You can really fine tune everything there (password expiration, paths, etc.). Give it a try, it's a nice tool. -- Tomek WPKG - automated software installation with Samba http://wpkg.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd
Tomasz Chmielewski wrote: Scott Mayo schrieb: I have my new servers up and going with Samba and LDAP on them. Now I have to add my users. Here is my problem. I have written a perl script that reads a file and adds users to different groups depending on what grade they are in and it also generates a random password, that it exports to a master list. The old script would add the user to unix and then to samba, along with the password of each user. This made it easy for me to have our student records program to export all of their information and then run it through my perl script. Now that I have switched over to Samba/ldap, I see no option to add the passwd in the command line. It always prompts for the passwd. Does anyone have a way that I can add the user and passwd? The '-P' option in smbldap-useradd does not take a password in-line, but rather asks for it to be typed in. The unix 'passwd' was the same way, but it had a switch '--stdin' so that I could pipe the passwd into it and the smbpasswd actually let you put the password in-line. Thanks for any help. I really do not want to have to enter all of these passwords by hand, and I also do not want them making their own. Did you see LAM - LDAP Account Manager - http://lam.sf.net ? It's pretty good for managing the domain users, machines, groups etc. You can really fine tune everything there (password expiration, paths, etc.). Give it a try, it's a nice tool. Looks like I would still need something for my script to access to do my batch add. I really would rather stay away from any kind of GUI if I could. Thanks. -- Scott Mayo Technology Coordinator Bloomfield Schools PH: 573-568-5669 FA: 573-568-4565 Pager: 800-264-2535 X2549 Duct tape is like the force, it has a light side and a dark side and it holds the universe together. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd
Scott Mayo wrote: Tomasz Chmielewski wrote: Scott Mayo schrieb: I have my new servers up and going with Samba and LDAP on them. Now I have to add my users. Here is my problem. I have written a perl script that reads a file and adds users to different groups depending on what grade they are in and it also generates a random password, that it exports to a master list. The old script would add the user to unix and then to samba, along with the password of each user. This made it easy for me to have our student records program to export all of their information and then run it through my perl script. Now that I have switched over to Samba/ldap, I see no option to add the passwd in the command line. It always prompts for the passwd. Does anyone have a way that I can add the user and passwd? The '-P' option in smbldap-useradd does not take a password in-line, but rather asks for it to be typed in. The unix 'passwd' was the same way, but it had a switch '--stdin' so that I could pipe the passwd into it and the smbpasswd actually let you put the password in-line. Thanks for any help. I really do not want to have to enter all of these passwords by hand, and I also do not want them making their own. Did you see LAM - LDAP Account Manager - http://lam.sf.net ? It's pretty good for managing the domain users, machines, groups etc. You can really fine tune everything there (password expiration, paths, etc.). Give it a try, it's a nice tool. Looks like I would still need something for my script to access to do my batch add. I really would rather stay away from any kind of GUI if I could. Thanks. Well, looks like I might see the problem. After checking the man pages for smbpasswd, it does not look like the passwword can be added to the command line anymore, unless I am missing something. On my other samba server (the one I am getting ready to replace), I could do the following: smbpasswd username passwd I don't see where I can do that anymore in Samba-3. Am I overlooking something? -- Scott Mayo Technology Coordinator Bloomfield Schools PH: 573-568-5669 FA: 573-568-4565 Pager: 800-264-2535 X2549 Duct tape is like the force, it has a light side and a dark side and it holds the universe together. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd
On Wed, Jul 06, 2005 at 03:54:50PM -0500, Scott Mayo wrote: Scott Mayo wrote: snip/ Looks like I would still need something for my script to access to do my batch add. I really would rather stay away from any kind of GUI if I could. Thanks. Well, looks like I might see the problem. After checking the man pages for smbpasswd, it does not look like the passwword can be added to the command line anymore, unless I am missing something. On my other samba server (the one I am getting ready to replace), I could do the following: smbpasswd username passwd I don't see where I can do that anymore in Samba-3. Am I overlooking something? ye -s and last week postings on this mailing list GSt signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd
ons, 06.07.2005 kl. 22.02 skrev Scott Mayo: I have my new servers up and going with Samba and LDAP on them. Now I have to add my users. Here is my problem. I have written a perl script that reads a file and adds users to different groups depending on what grade they are in and it also generates a random password, that it exports to a master list. The old script would add the user to unix and then to samba, along with the password of each user. This made it easy for me to have our student records program to export all of their information and then run it through my perl script. Now that I have switched over to Samba/ldap, I see no option to add the passwd in the command line. It always prompts for the passwd. Does anyone have a way that I can add the user and passwd? The '-P' option in smbldap-useradd does not take a password in-line, but rather asks for it to be typed in. The unix 'passwd' was the same way, but it had a switch '--stdin' so that I could pipe the passwd into it and the smbpasswd actually let you put the password in-line. How about building smbpasswd into your script? smbpasswd modifies both the Unix and Windows passwords at the same time. Two possible shell solutions, one from Nick Soracco and one from an answer to Wim Bakke (which I don't have), both from this list June last (copy 'n paste): printf password\npassword\n | smbpasswd -a -s username echo -n -e $PASS1\n$PASS2 | smbpasswd -as $USERNAME Just read the passwords from your list of details for each pupil. Thanks for any help. I really do not want to have to enter all of these passwords by hand, and I also do not want them making their own. It's just that I'm in exactly the same situation as you, with a high school of 750+ pupils, teachers, staff, etc. and everyone in different groups. Best, --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd
ons, 06.07.2005 kl. 22.02 skrev Scott Mayo: I have my new servers up and going with Samba and LDAP on them. Now I have to add my users. Here is my problem. I have written a perl script that reads a file and adds users to different groups depending on what grade they are in and it also generates a random password, that it exports to a master list. The old script would add the user to unix and then to samba, along with the password of each user. This made it easy for me to have our student records program to export all of their information and then run it through my perl script. Now that I have switched over to Samba/ldap, I see no option to add the passwd in the command line. It always prompts for the passwd. Does anyone have a way that I can add the user and passwd? The '-P' option in smbldap-useradd does not take a password in-line, but rather asks for it to be typed in. The unix 'passwd' was the same way, but it had a switch '--stdin' so that I could pipe the passwd into it and the smbpasswd actually let you put the password in-line. How about building smbpasswd into your script? smbpasswd modifies both the Unix and Windows passwords at the same time. Two possible shell solutions, one from Nick Soracco and one from an answer to Wim Bakke (which I don't have), both from this list June last (copy 'n paste): printf password\npassword\n | smbpasswd -a -s username echo -n -e $PASS1\n$PASS2 | smbpasswd -as $USERNAME Just read the passwords from your list of details for each pupil. That is actually what my old script did. I just found the '-s' after I posted this message. I do have a question about this though. Since Samba is using ldap, is it alright to use smbpasswd? Do I not have to use smbldap-passwd? Do they modify the same file? Thanks. Scott -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-useradd -w problem
I'm in the process of learning Samba and evaluating it as a possible replacement for Windows NT servers in our office next year. I have set up a small test network comprised of one NT 4 (SP6a) Workstation, one Windows 2000 Pro (SP3) and one Fedora Core 3 running samba 3.0.11 as a PDC. I'm using LDAP as the passdb backend with smbldap-tools 0.8.7-1. The Windows 2000 Pro machine can join the domain on the fly without any problems, but the NT 4 box gives me an error when I try to join on the fly: The machine account for this computer either does not exist or is inaccessible. In the samba log I can see: [2005/03/09 13:15:26, 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1479) ldapsam_modify_entry: Failed to modify user dn= uid=nt4box$,ou=People,dc=econo mists-inc,dc=com with: No such attribute modify/delete: sambaPrimaryGroupSID: no such value [2005/03/09 13:15:26, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1694) ldapsam_update_sam_account: failed to modify user with uid = nt4box$, error: m odify/delete: sambaPrimaryGroupSID: no such value (Success) In the smb.conf file I have: add machine script = /opt/IDEALX/sbin/smbldap-useradd -w '%m' When I run ./smbldap-useradd -w 'test' by hand it creates an entry without objectClass: sambaSamAccount: # test$, People, economists-inc.com dn: uid=test$,ou=People,dc=economists-inc,dc=com objectClass: top objectClass: inetOrgPerson objectClass: posixAccount cn: test$ sn: test$ uid: test$ uidNumber: 1017 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer gecos: Computer I don't know why smbldap-useradd -w doesn't add sambaSamAccount objectClass and don't understand how the Windows 2000 Pro can join the domain on the fly without it. It drives me crazy. I obviously have something misconfigured here. HELP! :-) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd -w problem
On Friday 11 March 2005 07:42, Czechowski, Robert wrote: I'm in the process of learning Samba and evaluating it as a possible replacement for Windows NT servers in our office next year. I have set up a small test network comprised of one NT 4 (SP6a) Workstation, one Windows 2000 Pro (SP3) and one Fedora Core 3 running samba 3.0.11 as a PDC. I'm using LDAP as the passdb backend with smbldap-tools 0.8.7-1. The Windows 2000 Pro machine can join the domain on the fly without any problems, but the NT 4 box gives me an error when I try to join on the fly: The machine account for this computer either does not exist or is inaccessible. In the samba log I can see: [2005/03/09 13:15:26, 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1479) ldapsam_modify_entry: Failed to modify user dn= uid=nt4box$,ou=People,dc=econo mists-inc,dc=com with: No such attribute modify/delete: sambaPrimaryGroupSID: no such value [2005/03/09 13:15:26, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1694) ldapsam_update_sam_account: failed to modify user with uid = nt4box$, error: m odify/delete: sambaPrimaryGroupSID: no such value (Success) In the smb.conf file I have: add machine script = /opt/IDEALX/sbin/smbldap-useradd -w '%m' Change that to: add machine script = /opt/IDEALX/sbin/smbldap-useradd -w %u - John T. When I run ./smbldap-useradd -w 'test' by hand it creates an entry without objectClass: sambaSamAccount: # test$, People, economists-inc.com dn: uid=test$,ou=People,dc=economists-inc,dc=com objectClass: top objectClass: inetOrgPerson objectClass: posixAccount cn: test$ sn: test$ uid: test$ uidNumber: 1017 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer gecos: Computer I don't know why smbldap-useradd -w doesn't add sambaSamAccount objectClass and don't understand how the Windows 2000 Pro can join the domain on the fly without it. It drives me crazy. I obviously have something misconfigured here. HELP! :-) -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-useradd -w problem
In the smb.conf file I have: add machine script = /opt/IDEALX/sbin/smbldap-useradd -w '%m' Change that to: add machine script = /opt/IDEALX/sbin/smbldap-useradd -w %u - John T. Unfortunately neither works. I followed your instructions in Samba-3 by Example and originally I had '%u', but that didn't work. I searched the samba list's archive and found some posts that suggested changing the '%u' to '%m', but that didn't help. Well, I'm back to %u now. The problem still persists. Robert C. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-useradd error looking for next uid
wooops, in INSTALL readme for smbldap-tools .8.5 I forgot to import an add.ldif that says dn: cn=NextFreeUnixId,dc=INTRANET objectClass: inetOrgPerson objectClass: sambaUnixIdPool uidNumber: 500 gidNumber: 100 cn: NextFreeUnixId sn: NextFreeUnixId works now:) --- John H. [EMAIL PROTECTED] wrote: /usr/local/sbin/smbldap-useradd -w computername Error looking for next uid at /usr/local/sbin///smbldap_tools.pm line 879, DATA line 283. I cannot add machines to the samba pdc because of this... everything else with samba/ldap seems to work, I have the feeling it is related to this # Where are stored Idmap entries (used if samba is a domain member server) # Ex groupsdn=ou=Idmap,dc=IDEALX,dc=ORG idmapdn=ou=Idmap,${suffix} # Where to store next uidNumber and gidNumber available sambaUnixIdPooldn=cn=NextFreeUnixId,${suffix} I don't think either that ou or cn exist in my ldap database, how do i get them in there? If I comment out the sambaunixidpooldn, i get /usr/local/sbin/smbldap-useradd -w foo Could not find base dn, to get next uidNumber at /usr/local/sbin///smbldap_tools.pm line 881, DATA line 283. any help is appreciated. __ Do you Yahoo!? Yahoo! Mail - Helps protect you from nasty viruses. http://promotions.yahoo.com/new_mail -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba __ Do you Yahoo!? All your favorites on one personal page Try My Yahoo! http://my.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-useradd error looking for next uid
/usr/local/sbin/smbldap-useradd -w computername Error looking for next uid at /usr/local/sbin///smbldap_tools.pm line 879, DATA line 283. I cannot add machines to the samba pdc because of this... everything else with samba/ldap seems to work, I have the feeling it is related to this # Where are stored Idmap entries (used if samba is a domain member server) # Ex groupsdn=ou=Idmap,dc=IDEALX,dc=ORG idmapdn=ou=Idmap,${suffix} # Where to store next uidNumber and gidNumber available sambaUnixIdPooldn=cn=NextFreeUnixId,${suffix} I don't think either that ou or cn exist in my ldap database, how do i get them in there? If I comment out the sambaunixidpooldn, i get /usr/local/sbin/smbldap-useradd -w foo Could not find base dn, to get next uidNumber at /usr/local/sbin///smbldap_tools.pm line 881, DATA line 283. any help is appreciated. __ Do you Yahoo!? Yahoo! Mail - Helps protect you from nasty viruses. http://promotions.yahoo.com/new_mail -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-useradd hangs in RH9
samba 3.0.2 smbldap-tools 0.8.4 RH 9 nss_ldap configured pam_ldap NOT configured LDAP passwd backend Hi, i've instaled samba 3.0.2 with smbldap-tools 0.8.4 twice in two different RH9. I got it runs in the first but not in the second with the same configuration (i think) The problen is (i got the same problem the first time but i don't remember how i fixed it) that when i try to create a new posix/samba account (with smbldap-useradd -a juan, for example) it runs until it create the posix account. Then it hangs. What could be happen? Thanks in advance! Carlos slapd[3195]: daemon: conn=271 fd=12 connection from IP=127.0.0.1:33598 (IP=0.0.0.0:389) accepted. slapd[3195]: conn=271 op=0 BIND dn=CN=MANAGER,O=SENADO.ES method=128 slapd[3195]: conn=271 op=0 RESULT tag=97 err=0 text= slapd[3195]: conn=271 op=1 SRCH base=o=senado.es scope=2 filter=((objectClass=posixAccount)(uidNumber=1000)) slapd[3195]: conn=271 op=1 SEARCH RESULT tag=101 err=0 text= slapd[3195]: daemon: conn=272 fd=17 connection from IP=127.0.0.1:33599 (IP=0.0.0.0:389) accepted. slapd[3195]: conn=272 op=0 BIND dn=CN=MANAGER,O=SENADO.ES method=128 slapd[3195]: conn=272 op=0 RESULT tag=97 err=0 text= slapd[3195]: conn=272 op=1 SRCH base=o=senado.es scope=2 filter=((objectClass=posixAccount)(uid=juan)) slapd[3195]: conn=272 op=1 SEARCH RESULT tag=101 err=0 text= slapd[3195]: conn=272 op=2 UNBIND slapd[3195]: conn=-1 fd=17 closed slapd[3195]: daemon: conn=273 fd=17 connection from IP=127.0.0.1:33600 (IP=0.0.0.0:389) accepted. slapd[3195]: conn=273 op=0 BIND dn=CN=MANAGER,O=SENADO.ES method=128 slapd[3195]: conn=273 op=0 RESULT tag=97 err=0 text= slapd[3195]: conn=273 op=1 SRCH base=ou=Groups,o=senado.es scope=2 filter=((objectClass=posixGroup)(gidNumber=513)) slapd[3195]: conn=273 op=1 SEARCH RESULT tag=101 err=0 text= slapd[3195]: conn=-1 fd=17 closed slapd[3195]: daemon: conn=274 fd=17 connection from IP=127.0.0.1:33601 (IP=0.0.0.0:389) accepted. slapd[3195]: conn=274 op=0 BIND dn=CN=MANAGER,O=SENADO.ES method=128 slapd[3195]: conn=274 op=0 RESULT tag=97 err=0 text= slapd[3195]: deferring operation slapd[3195]: conn=274 op=1 SRCH base=ou=People,o=senado.es scope=2 filter=(sambaSID=S-1-5-21-2056510298-3027076148-852687323-3000) slapd[3195]: conn=274 op=1 SEARCH RESULT tag=101 err=0 text= slapd[3195]: conn=274 op=2 UNBIND slapd[3195]: conn=-1 fd=17 closed slapd[3195]: daemon: conn=275 fd=19 connection from IP=127.0.0.1:33602 (IP=0.0.0.0:389) accepted. slapd[3195]: connection_read(17): no connection! slapd[3195]: conn=275 op=0 BIND dn=CN=MANAGER,O=SENADO.ES method=128 slapd[3195]: conn=275 op=0 RESULT tag=97 err=0 text= slapd[3195]: deferring operation slapd[3195]: conn=275 op=1 ADD dn=UID=JUAN,OU=PEOPLE,O=SENADO.ES slapd[3195]: conn=275 op=1 RESULT tag=105 err=0 text= slapd[3195]: daemon: conn=276 fd=17 connection from IP=127.0.0.1:33603 (IP=0.0.0.0:389) accepted. slapd[3195]: conn=276 op=0 BIND dn=CN=MANAGER,O=SENADO.ES method=128 slapd[3195]: conn=276 op=0 RESULT tag=97 err=0 text= slapd[3195]: conn=276 op=1 SRCH base=ou=Groups,o=senado.es scope=2 filter=((objectClass=posixGroup)(|(cn=513)(gidNumber=513))) slapd[3195]: conn=276 op=1 SEARCH RESULT tag=101 err=0 text= slapd[3195]: conn=276 op=2 UNBIND slapd[3195]: conn=-1 fd=17 closed slapd[3195]: daemon: conn=277 fd=17 connection from IP=127.0.0.1:33604 (IP=0.0.0.0:389) accepted. slapd[3195]: conn=277 op=0 BIND dn=CN=MANAGER,O=SENADO.ES method=128 slapd[3195]: conn=277 op=0 RESULT tag=97 err=0 text= slapd[3195]: deferring operation slapd[3195]: conn=277 op=1 SRCH base=ou=Groups,o=senado.es scope=2 filter=((objectClass=posixGroup)(|(cn=513)(gidNumber=513))) slapd[3195]: conn=277 op=1 SEARCH RESULT tag=101 err=0 text= slapd[3195]: conn=277 op=2 UNBIND slapd[3195]: conn=-1 fd=17 closed slapd[3195]: daemon: conn=278 fd=21 connection from IP=127.0.0.1:33605 (IP=0.0.0.0:389) accepted. slapd[3195]: connection_read(17): no connection! slapd[3195]: conn=278 op=0 BIND dn=CN=MANAGER,O=SENADO.ES method=128 slapd[3195]: conn=278 op=0 RESULT tag=97 err=0 text= slapd[3195]: deferring operation slapd[3195]: conn=278 op=1 SRCH base=cn=usuarios,ou=Groups,o=senado.es scope=0 filter=((memberUid=juan)) slapd[3195]: conn=278 op=1 SEARCH RESULT tag=101 err=0 text= slapd[3195]: conn=278 op=2 UNBIND slapd[3195]: conn=-1 fd=21 closed slapd[3195]: daemon: conn=279 fd=17 connection from IP=127.0.0.1:33606 (IP=0.0.0.0:389) accepted. slapd[3195]: connection_read(21): no connection! slapd[3195]: conn=279 op=0 BIND dn=CN=MANAGER,O=SENADO.ES method=128 slapd[3195]: conn=279 op=0 RESULT tag=97 err=0 text= slapd[3195]: deferring operation slapd[3195]: conn=279 op=1 MOD dn=cn=usuarios,ou=Groups,o=senado.es slapd[3195]: conn=279 op=1 RESULT tag=103 err=0 text= slapd[3195]: conn=279 op=2 UNBIND slapd[3195]: conn=-1 fd=17 closed [EMAIL PROTECTED] smbldap-tools]# grep -v ^# smbldap_bind.conf