Hi i'm trying to add new samba users with an ldap backend
i can use smbpasswd to change current samba user passwords but if i try
to add a user it won't add the attributes to the ldap account.
i have run smbpasswd -w already
I noticed that when running smbpasswd and adding a user the search
filter is looking for a sambasamaccount but that attribute needs to be
CREATED by smbpasswd -a right?
Debian Etch
Samba 3.0.24-6etch4
TIA
Here's my smb.conf and my smbpasswd debug
smb.conf
####################################################
[global]
workgroup = PDC-TEST
netbios name = machine
server string = Samba %v
##### Domain Directives #####
os level = 65
preferred master = yes
domain master = yes
domain logons = yes
local master = yes
logon path = \\%L\profiles\%U
logon drive = H:
logon home = \\%L\%U
name resolve order = wins lmhosts host bcast
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
wins support = yes
#interfaces = eth1
##### Generic Directives #####
hide dot files = yes
security = user
max log size = 1000
log level = 999999999
syslog = 1666
username map = /etc/samba/smbusers
#passdb backend = tdbsam
##### LDAP Directives #####
passdb backend = ldapsam:"ldap://ldap-master.example.com";
ldap suffix = dc=example,dc=com
ldap admin dn = cn=admin,dc=example,dc=com
ldap user suffix = ou=People
ldap group suffix = ou=Group
ldap machine suffix = ou=People
ldap idmap suffix = ou=Idmap
idmap uid = 10000-20000
idmap gid = 10000-20000
#add user script = /usr/sbin/smbldap-useradd -a -m "%u"
#add machine script = /usr/sbin/smbldap-useradd -a -w "%u"
#add group script = /usr/sbin/smbldap-groupadd -a -p "%g"
#add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
#delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
#set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
#passwd program = /usr/sbin/smbldap-passwd -u %u
#passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new
password*" %n\n"
###### Comment Out to Disable PASSWD Sync #####
ldap passwd sync = yes
encrypt passwords = yes
[homes]
comment = Home Directories
browseable = no
writable = no
create mask = 0700
directory mask = 0700
valid users = %S
[netlogon]
path = /var/lib/samba/netlogon
guest ok = yes
browseable = No
[profiles]
comment = Network Profiles Service
path = %H
read only = no
store dos attributes = yes
create mask = 0700
directory mask = 0700
browseable = no
SMBPASSWD Debug:
# smbpasswd -a Admin -D 256
The LDAP server is succesfully connected
pdb backend ldapsam:"ldap://ldap-master.example.com"; has a valid init
New SMB password:
Retype new SMB password:
smbldap_search_ext: base => [dc=example,dc=com], filter =>
[(&(uid=Admin)(objectclass=sambaSamAccount))], scope => [2]
smbldap_open: already connected to the LDAP server
ldapsam_getsampwnam: Unable to locate user [Admin] count=0
Failed to modify password entry for user Admin
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
