Great - that was the reason. In case someone else encounters the same
problem - adding the following lines helped:
idmap backend = ldap
idmap alloc backend = ldap
idmap alloc config:ldap_base_dn = ou=idmaps,dc=lohrmann,dc=de
idmap alloc config:ldap_user_dn = cn=samba,dc=lohrmann,dc=de
idmap alloc config:ldap_url = ldap://ldap.lohrmann.de
Thx François!
Am 28.10.2009 17:23, schrieb François Legal:
You have to define an allocation backend for idmapping, so that winbindd
can allocate uids and gids for the users and groups that you want to
create.
On Wed, 28 Oct 2009 16:32:35 +0100, Christian Geiger
<c.gei...@lohrmann.de>
wrote:
Hi!
I'm currently setting up a Samba 3 PDC. So far I managed to setup Samba
with an OpenLDAP backend, but adding a user with the command "net rpc
user add mg password -U root" results in the following error:
Failed to add user 'mg' with: WERR_GENERAL_FAILURE.
In the logfile it says:
[2009/10/28 15:56:28, 0] passdb/pdb_ldap.c:ldapsam_create_user(5119)
ldapsam_create_user: Unable to allocate a new user id: bailing out!
Unfortunately I cannot find any other hint on what the reason could be.
Has someone an idea what I might have misconfigured?
Below's my smb.conf. The samba-user has granted the rights to manage the
whole domain-tree (olcAccess = {0}to dn.sub="dc=lohrmann,dc=de" by
dn="cn=samba,dc=lohrmann,dc=de" manage by * break).
Thx a lot in advance!
Chris
--------
smb.conf:
[global]
workgroup = LOHRMANN.DE
domain logons = yes
domain master = yes
local master = yes
preferred master = yes
os level = 65
passdb backend = ldapsam
ldap admin dn = cn=samba,dc=lohrmann,dc=de
ldap suffix = dc=lohrmann,dc=de
ldap passwd sync = yes
ldap machine suffix = ou=machines
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap idmap suffix = ou=idmaps
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 10000-20000
ldapsam:trusted = yes
ldapsam:editposix = yes
logon drive = H:
logon script = logon.bat
logon path = \\%N\profiles\%U\%a
[homes]
comment = Users Home Directories
valid users = %S
writeable = yes
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
[profiles]
comment = Users profiles
path = /var/lib/samba/profiles
[printers]
comment = All Printers
browseable = no
path = /var/spool/samba
printable = yes
guest ok = no
read only = yes
create mask = 0700
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = yes
guest ok = no
__________ Hinweis von ESET NOD32 Antivirus, Signaturdatenbank-Version 4553
(20091028) __________
E-Mail wurde gepr�ft mit ESET NOD32 Antivirus.
http://www.eset.com
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
