the HEAD code seems to have reverted to automagic machine account creation... I thought that was disabled - thus the addition of the add machine script parameter. I think I like the automagic add better but we can only have one...
if i put a valid script like this in smb.conf add machine script = /usr/sbin/smbldap-useradd.pl -w %u domain joining fails with this in the logs (level 3) api_rpcTNP: rpc command: SAMR_CREATE_USER [2002/08/01 16:49:21, 3] smbd/sec_ctx.c:push_sec_ctx(256) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2002/08/01 16:49:21, 3] smbd/uid.c:push_conn_ctx(279) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2002/08/01 16:49:21, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2002/08/01 16:49:21, 3] passdb/pdb_ldap.c:ldapsam_open_connection(255) ldap_open_connection: connection opened [2002/08/01 16:49:21, 3] passdb/pdb_ldap.c:ldapsam_connect_system(398) ldap_connect_system: succesful connection to the LDAP server [2002/08/01 16:49:21, 3] passdb/pdb_ldap.c:ldapsam_search_one_user(410) ldapsam_search_one_user: searching for:[(&(uid=pedersen$)(objectclass=sambaAccount))] [2002/08/01 16:49:21, 3] smbd/sec_ctx.c:pop_sec_ctx(395) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2002/08/01 16:49:21, 3] rpc_server/srv_samr_nt.c:_api_samr_create_user(2292) _api_samr_create_user: Running the command `/usr/sbin/smbldap-useradd.pl -w pedersen$' gave 0 [2002/08/01 16:49:21, 3] rpc_server/srv_samr_nt.c:_api_samr_create_user(2304) attempting to create non-unix account pedersen$ [2002/08/01 16:49:21, 3] passdb/pdb_ldap.c:ldapsam_open_connection(255) ldap_open_connection: connection opened [2002/08/01 16:49:21, 3] passdb/pdb_ldap.c:ldapsam_connect_system(398) ldap_connect_system: succesful connection to the LDAP server [2002/08/01 16:49:21, 3] passdb/pdb_ldap.c:ldapsam_search_one_user(410) ldapsam_search_one_user: searching for:[(&(uid=pedersen$)(objectclass=sambaAccount))] [2002/08/01 16:49:21, 0] passdb/pdb_ldap.c:ldapsam_add_sam_account(1527) User already in the base, with samba properties [2002/08/01 16:49:21, 0] rpc_server/srv_samr_nt.c:_api_samr_create_user(2321) could not add user/computer pedersen$ to passdb. Check permissions? [2002/08/01 16:49:21, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(548) it looks like the logic has a problem... it calls the add script - gets a 0 (=success i think) but then it tries to add again then it finds that the user is already there but STILL tries to do the add and finally fails... with an invalid script like this add machine script = /usr/sbin/smbldap-usershow.pl %u i can join the domain here is the log for the successful join api_rpcTNP: rpc command: SAMR_CREATE_USER [2002/08/01 16:03:24, 3] smbd/sec_ctx.c:push_sec_ctx(256) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2002/08/01 16:03:24, 3] smbd/uid.c:push_conn_ctx(279) push_conn_ctx(100) : conn_ctx_stack_ndx = 0 [2002/08/01 16:03:24, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2002/08/01 16:03:24, 3] passdb/pdb_ldap.c:ldapsam_open_connection(255) ldap_open_connection: connection opened [2002/08/01 16:03:24, 3] passdb/pdb_ldap.c:ldapsam_connect_system(398) ldap_connect_system: succesful connection to the LDAP server [2002/08/01 16:03:24, 3] passdb/pdb_ldap.c:ldapsam_search_one_user(410) ldapsam_search_one_user: searching for:[(&(uid=pedersen$)(objectclass=sambaAccount))] [2002/08/01 16:03:24, 3] smbd/sec_ctx.c:pop_sec_ctx(395) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2002/08/01 16:03:24, 3] rpc_server/srv_samr_nt.c:_api_samr_create_user(2292) _api_samr_create_user: Running the command `/usr/sbin/smbldap-usershow.pl pedersen$' gave 1 [2002/08/01 16:03:24, 3] rpc_server/srv_samr_nt.c:_api_samr_create_user(2304) attempting to create non-unix account pedersen$ [2002/08/01 16:03:24, 3] passdb/pdb_ldap.c:ldapsam_open_connection(255) ldap_open_connection: connection opened [2002/08/01 16:03:24, 3] passdb/pdb_ldap.c:ldapsam_connect_system(398) ldap_connect_system: succesful connection to the LDAP server [2002/08/01 16:03:24, 3] passdb/pdb_ldap.c:ldapsam_search_one_user(410) ldapsam_search_one_user: searching for:[(&(uid=pedersen$)(objectclass=sambaAccount))] [2002/08/01 16:03:24, 3] passdb/pdb_ldap.c:ldapsam_search_one_user(410) ldapsam_search_one_user: searching for:[uid=pedersen$] [2002/08/01 16:03:24, 3] passdb/pdb_ldap.c:ldapsam_add_sam_account(1558) Adding new user [2002/08/01 16:03:24, 2] passdb/pdb_ldap.c:init_ldap_from_sam(901) Setting entry for user: pedersen$ [2002/08/01 16:03:24, 3] passdb/pdb_ldap.c:ldapsam_open_connection(255) ldap_open_connection: connection opened [2002/08/01 16:03:29, 3] passdb/pdb_ldap.c:ldapsam_connect_system(398) ldap_connect_system: succesful connection to the LDAP server [2002/08/01 16:03:29, 3] passdb/pdb_ldap.c:search_top_nua_rid(1081) ldapsam_get_next_available_nua_rid: searching for:[(&(uid=*)(objectclass=sambaAccount))] [2002/08/01 16:03:29, 2] passdb/pdb_ldap.c:search_top_nua_rid(1100) search_top_nua_rid: 20 entries in the base! ...(removed user entries) [2002/08/01 16:03:30, 3] passdb/pdb_ldap.c:ldapsam_search_one_user(410) ldapsam_search_one_user: searching for:[rid=31002] [2002/08/01 16:03:30, 2] passdb/pdb_ldap.c:ldapsam_add_sam_account(1597) added: uid = pedersen$ in the LDAP database [2002/08/01 16:03:30, 3] passdb/pdb_ldap.c:ldapsam_open_connection(255) ldap_open_connection: connection opened [2002/08/01 16:03:30, 3] passdb/pdb_ldap.c:ldapsam_connect_system(398) ldap_connect_system: succesful connection to the LDAP server [2002/08/01 16:03:30, 3] passdb/pdb_ldap.c:ldapsam_search_one_user(410) ldapsam_search_one_user: searching for:[(&(uid=pedersen$)(objectclass=sambaAccount))] [2002/08/01 16:03:30, 3] passdb/pdb_ldap.c:init_sam_from_ldap(656) Entry found for user: pedersen$ that puts this dn: uid=pedersen$,dc=bitc,dc=unh,dc=edu objectClass: sambaAccount uid: pedersen$ rid: 31002 primaryGroupID: 513 pwdLastSet: 1028232210 displayName: PEDERSEN$ cn: PEDERSEN$ logonTime: 0 logoffTime: 0 kickoffTime: 0 pwdCanChange: 0 pwdMustChange: 1030046610 lmPassword: 744205497EBC66D8F73B5FA33D3BEC92 ntPassword: 6A666B809DDB872A0D3DC689EE0AF5A0 acctFlags: [W ] in the ldap server my script puts this dn: uid=pedersen$,ou=Computers,dc=bitc,dc=unh,dc=edu cn: pedersen$ uid: pedersen$ uidNumber: 2001 gidNumber: 553 homeDirectory: /dev/null loginShell: /bin/false description: Computer objectClass: top objectClass: posixAccount objectClass: sambaAccount pwdLastSet: 0 logonTime: 0 logoffTime: 2147483647 kickoffTime: 2147483647 pwdCanChange: 0 pwdMustChange: 2147483647 acctFlags: [W ] lmPassword: E6C22E3F158ACB1AE72C57EF50F76A05 ntPassword: 405508F135143FD1B331BC461DA9A7C6 rid: 5002 primaryGroupID: 0 in the ldap server