Re: [Samba] [SAMBA] Problem connecting Computer to network

[Gaiseric Vandal]

I am fairly certain that the underlying OS will need to see the samba 
account with the "getent" command.   We use ldap for unix level 
authentication anyway so I am not 100% sure this is true.

Check  /etc/nsswitch.conf

passwd:     files ldap
shadow:     files ldap
group:      files ldap


Also check /etc/ldap.conf and /etc/openldap/ldap.conf (assuming you are 
on linux and not solaris.)





On 07/30/2010 03:09 PM, Clark Johnston wrote:
I reexamined the slapcat output and it did create iet013c$ account in 
LDAP, but getent passwd isn't showing it.

When I look at a previous installation of a Samba LDAP PDC  I do not 
see the accounts in /etc/passwd , but I do see them when I put in 
getent passwd.

dn: uid=iet013c$,ou=Computers,dc=internaltest
objectClass: top
objectClass: account
objectClass: posixAccount
cn: iet013c$
uid: iet013c$
uidNumber: 1001
gidNumber: 515
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer
gecos: Computer
structuralObjectClass: account
entryUUID: e73c4f2e-2ee7-102f-8017-31ff3607ac6d
creatorsName: cn=Manager,dc=internaltest
createTimestamp: 20100728230213Z
entryCSN: 20100728230213Z#000001#00#000000
modifiersName: cn=Manager,dc=internaltest
modifyTimestamp: 20100728230213Z

So I am not quite sure what is going on here.


On Thu, Jul 29, 2010 at 4:44 PM, Gaiseric Vandal 
<gaiseric.van...@gmail.com <mailto:gaiseric.van...@gmail.com>> wrote:

    When you try to join a computer to the network, you mean you are
    trying to join a Windows PC (e.g. XP Pro) to the domain?  Or you
    are trying to join the PDC machine to the domain?


    I would guess you need to manually create the PDC's unix account,
    even if samba is going to create the other unix accounts for you.
     (I don't have samba do this myself.)  Does "getent passwd" show
    the accounts for your PDC and other computers?   If you manually
    create the unix account for  a computer, is it able to join the
    domain?





    On 07/29/2010 11:10 AM, Clark Johnston wrote:

        I am trying to attempt to set up a samba ldap PDC server.

        When I try and connect a computer to the network I get error
        'Username could
        not be found'

        I have included smbldap.conf ##smbldap.conf
        slapd.conf ##slapd.conf
        the smb.conf   ##smb.conf
        the results of slapcat ##slapcat
        the eriror log for log.roor ##log.root



        The error I marked as interesting ##interesting , shows that
        it can't create
        the user or maybe something else.  But up until that time
        there didn't seem
        to be a problem.

        ##smbldap.conf
        SID="S-1-5-21-2244683438-1300233924-2635510394"
        sambaDomain="internaltest"
        slaveLDAP="127.0.0.1"
        slavePort="389"
        masterLDAP="127.0.0.1"
        masterPort="389"
        ldapTLS="0"
        ldapSSL="0"
        verify="none"
        cafile="/etc/smbldap-tools/ca.pem"
        clientcert="/etc/smbldap-tools/smbldap-tools.iallanis.info.pem"
        clientkey="/etc/smbldap-tools/smbldap-tools.iallanis.info.key"
        suffix="dc=internaltest"
        usersdn="ou=Users,${suffix}"
        computersdn="ou=Computers,${suffix}"
        groupsdn="ou=Groups,${suffix}"
        idmapdn="ou=Idmap,${suffix}"
        sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}"
        scope="sub"
        hash_encrypt="SSHA"
        crypt_salt_format="%s"
        userLoginShell="/bin/bash"
        userHome="/home/%U"
        userHomeDirectoryMode="700"
        userGecos="System User"
        defaultUserGid="513"
        defaultComputerGid="515"
        skeletonDir="/etc/skel"
        defaultMaxPasswordAge="45"
        userSmbHome="\\PDC-TEST2\%U"
        userProfile="\\PDC-TEST2\profiles\%U"
        userHomeDrive="H:"
        userScript="logon.bat"
        mailDomain="internaltest.com <http://internaltest.com>"
        with_smbpasswd="0"
        smbpasswd="/usr/bin/smbpasswd"
        with_slappasswd="0"
        slappasswd="/usr/sbin/slappasswd"

        ##slapd.conf
        include /etc/openldap/schema/core.schema
        include /etc/openldap/schema/cosine.schema
        include /etc/openldap/schema/inetorgperson.schema
        include /etc/openldap/schema/nis.schema
        include /etc/openldap/schema/samba3.schema
        allow bind_v2
        pidfile /var/run/openldap/slapd.pid
        argsfile /var/run/openldap/slapd.args
        database bdb
        suffix "dc=internaltest"
        rootdn "cn=Manager,dc=internaltest"
        rootpw {SSHA}a7kYChHl9wXQKkJJYJ+JRLi/4EE2PH+B
        password-hash {SSHA}
        directory /var/lib/ldap
        index cn,sn,uid,displayName pres,sub,eq
        index uidNumber,gidNumber eq
        index sambaSID eq
        index sambaPrimaryGroupSID eq
        index sambaDomainName eq
        index objectClass pres,eq
        index default sub


        ##smb.conf

        # Global parameters
        [global]
                workgroup = internaltest
                netbios name = PDC-TEST2
                #security = DOMAIN
                enable privileges = yes
                #interfaces = 192.168.5.11
                #username map = /etc/samba/smbusers
                server string = Samba Server %v
                #security = ads
                encrypt passwords = Yes
                #min passwd length = 3
                #pam password change = no
                #obey pam restrictions = No

                # method 1:
                unix password sync = no
                ldap passwd sync = yes

                # method 2:
                #unix password sync = no
                #ldap passwd sync = no
                passwd program = /usr/sbin/smbldap-passwd -u "%u"
                passwd chat = "Changing *\nNew password*" %n\n
        "*Retype new
        password*" %n\n"

                log level = 3
                syslog = 0
                log file = /var/log/samba/log.%U
                max log size = 100000
                time server = Yes
                socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        SO_KEEPALIVE
                mangling method = hash2
                Dos charset = 850
                Unix charset = ISO8859-1

                logon script = logon.bat
                logon drive = H:
                logon home =
                logon path =

                domain logons = Yes
                domain master = Yes
                os level = 65
                preferred master = Yes
                wins support = yes
                # passdb backend = ldapsam:"ldap://ldap1.company.com
        <http://ldap1.company.com> ldap://
        ldap2.company.com <http://ldap2.company.com>"
                passdb backend = ldapsam:ldap://127.0.0.1
        <http://127.0.0.1>
                ldap admin dn = cn=Manager,dc=internaltest
                idmap backend = ldap:ldap://127.0.0.1 <http://127.0.0.1>
                idmap uid = 10000-20000
                idmap gid = 10000-20000
                winbind trusted domains only = Yes
                ldap admin dn = cn=Manager,dc=internaltest
              ldap suffix = dc=internaltest
                ldap group suffix = ou=Groups
                ldap user suffix = ou=Users
                ldap machine suffix = ou=Computers
                ldap idmap suffix = ou=Idmap
                add user script = /usr/sbin/smbldap-useradd -m "%u"
                #ldap delete dn = Yes
                delete user script = /usr/sbin/smbldap-userdel "%u"
                add machine script = /usr/sbin/smbldap-useradd -t 0 -w
        "%u"
                add group script = /usr/sbin/smbldap-groupadd -p "%g"
                #delete group script = /usr/sbin/smbldap-groupdel "%g"
                add user to group script = /usr/sbin/smbldap-groupmod
        -m "%u" "%g"
                delete user from group script =
        /usr/sbin/smbldap-groupmod -x "%u"
        "%g"
                set primary group script = /usr/sbin/smbldap-usermod
        -g '%g' '%u'

                # printers configuration
                #printer admin = @"Print Operators"
                load printers = Yes
                create mask = 0640
                directory mask = 0750
                #force create mode = 0640
                #force directory mode = 0750
                ldap ssl = off
                nt acl support = yes
                printing = cups
                printcap name = cups
                deadtime = 10
                guest account = nobody
                map to guest = Bad User
                dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
                show add printer wizard = yes
                ; to maintain capital letters in shortcuts in any of
        the profile
        folders:
                preserve case = yes
                short preserve case = yes
                case sensitive = no

        [netlogon]
                path = /home/netlogon/
                browseable = No
                read only = yes

        [profiles]
                path = /home/profiles
                read only = no
                create mask = 0600
                directory mask = 0700
                browseable = No
                guest ok = Yes
                profile acls = yes
                csc policy = disable
                # next line is a great way to secure the profiles
                #force user = %U

        [printers]
                comment = Network Printers
                #printer admin = @"Print Operators"
                guest ok = yes
                printable = yes
                path = /home/spool/
                browseable = No
                read only  = Yes
                printable = Yes
                print command = /usr/bin/lpr -P%p -r %s
                lpq command = /usr/bin/lpq -P%p
                lprm command = /usr/bin/lprm -P%p %j
                # print command = /usr/bin/lpr -...@%m -P%p -r %s
                # lpq command = /usr/bin/lpq -...@%m -P%p
                # lprm command = /usr/bin/lprm -...@%m -P%p %j
                # lppause command = /usr/sbin/lpc -...@%m hold %p %j
                # lpresume command = /usr/sbin/lpc -...@%m release %p %j
                # queuepause command = /usr/sbin/lpc -...@%m stop %p
                # queueresume command = /usr/sbin/lpc -...@%m start %p

        [print$]
                path = /home/printers
                guest ok = No
                browseable = Yes
                read only = Yes
                valid users = @"Print Operators"
                write list = @"Print Operators"
                create mask = 0664
                directory mask = 0775

        [public]
                path = /tmp
                guest ok = yes
                browseable = Yes
                writable = yes

        ##slapcat
        dn: dc=internaltest
        objectClass: dcObject
        objectClass: organization
        o: CentOS Directory Server
        dc: internaltest
        structuralObjectClass: organization
        entryUUID: 19b35250-2ed8-102f-9754-c7020288f76f
        creatorsName: cn=Manager,dc=internaltest
        modifiersName: cn=Manager,dc=internaltest
        createTimestamp: 20100728210905Z
        modifyTimestamp: 20100728210905Z
        entryCSN: 20100728210905Z#000000#00#000000

        dn: cn=Manager,dc=internaltest
        objectClass: organizationalRole
        cn: Manager
        structuralObjectClass: organizationalRole
        entryUUID: 07daf7b2-2ed9-102f-8872-8915b8109776
        creatorsName: cn=Manager,dc=internaltest
        modifiersName: cn=Manager,dc=internaltest
        createTimestamp: 20100728211545Z
        modifyTimestamp: 20100728211545Z
        entryCSN: 20100728211545Z#000000#00#000000

        dn: ou=Users,dc=internaltest
        objectClass: top
        objectClass: organizationalUnit
        ou: Users
        structuralObjectClass: organizationalUnit
        entryUUID: bf1fb79c-2ee2-102f-8006-31ff3607ac6d
        creatorsName: cn=Manager,dc=internaltest
        createTimestamp: 20100728222518Z
        entryCSN: 20100728222518Z#000000#00#000000
        modifiersName: cn=Manager,dc=internaltest
        modifyTimestamp: 20100728222518Z

        dn: ou=Groups,dc=internaltest
        objectClass: top
        objectClass: organizationalUnit
        ou: Groups
        structuralObjectClass: organizationalUnit
        entryUUID: bf214224-2ee2-102f-8007-31ff3607ac6d
        creatorsName: cn=Manager,dc=internaltest
        createTimestamp: 20100728222518Z
        entryCSN: 20100728222518Z#000001#00#000000
        modifiersName: cn=Manager,dc=internaltest
        modifyTimestamp: 20100728222518Z

        dn: ou=Computers,dc=internaltest
        objectClass: top
        objectClass: organizationalUnit
        ou: Computers
        structuralObjectClass: organizationalUnit
        entryUUID: bf22011e-2ee2-102f-8008-31ff3607ac6d
        creatorsName: cn=Manager,dc=internaltest
        createTimestamp: 20100728222518Z
        entryCSN: 20100728222518Z#000002#00#000000
        modifiersName: cn=Manager,dc=internaltest
        modifyTimestamp: 20100728222518Z

        dn: ou=Idmap,dc=internaltest
        objectClass: top
        objectClass: organizationalUnit
        ou: Idmap
        structuralObjectClass: organizationalUnit
        entryUUID: bf22362a-2ee2-102f-8009-31ff3607ac6d
        creatorsName: cn=Manager,dc=internaltest
        createTimestamp: 20100728222518Z
        entryCSN: 20100728222518Z#000003#00#000000
        modifiersName: cn=Manager,dc=internaltest
        modifyTimestamp: 20100728222518Z

        dn: uid=root,ou=Users,dc=internaltest
        objectClass: top
        objectClass: person
        objectClass: organizationalPerson
        objectClass: inetOrgPerson
        objectClass: sambaSamAccount
        objectClass: posixAccount
        objectClass: shadowAccount
        gidNumber: 0
        uid: root
        uidNumber: 0
        homeDirectory: /home/root
        sambaLogonTime: 0
        sambaLogoffTime: 2147483647
        sambaKickoffTime: 2147483647
        sambaPwdCanChange: 0
        sambaHomeDrive: H:
        sambaPrimaryGroupSID:
        S-1-5-21-2244683438-1300233924-2635510394-512
        sambaSID: S-1-5-21-2244683438-1300233924-2635510394-500
        structuralObjectClass: inetOrgPerson
        entryUUID: bf22ac2c-2ee2-102f-800a-31ff3607ac6d
        creatorsName: cn=Manager,dc=internaltest
        createTimestamp: 20100728222518Z
        sambaHomePath: \\



        -TEST2\root
        sambaProfilePath: \\PDC-TEST2\profiles\root
        gecos: Netbios Domain Administrator,,,,
        cn: Netbios Domain Administrator
        sn: Administrator
        givenName: Netbios Domain
        loginShell: /bin/false
        sambaLMPassword: EEF4826EA1DFCD118B0EA5A7DF135B03
        sambaAcctFlags: [U]
        sambaNTPassword: 5445CDB17290909D53D0DFCF99143190
        sambaPwdLastSet: 1280358116
        sambaPwdMustChange: 1284246116
        userPassword::
        e1NTSEF9cCs2RStCT1RPeVBwMldPRnkvcDdmSWZyYWhrdU1tRmE=
        shadowLastChange: 14818
        shadowMax: 45
        entryCSN: 20100728230156Z#000001#00#000000
        modifiersName: cn=Manager,dc=internaltest
        modifyTimestamp: 20100728230156Z

        dn: uid=nobody,ou=Users,dc=internaltest
        cn: nobody
        sn: nobody
        objectClass: top
        objectClass: person
        objectClass: organizationalPerson
        objectClass: inetOrgPerson
        objectClass: sambaSamAccount
        objectClass: posixAccount
        objectClass: shadowAccount
        gidNumber: 514
        uid: nobody
        uidNumber: 999
        homeDirectory: /dev/null
        sambaPwdLastSet: 0
        sambaLogonTime: 0
        sambaLogoffTime: 2147483647
        sambaKickoffTime: 2147483647
        sambaPwdCanChange: 0
        sambaPwdMustChange: 2147483647
        sambaHomePath: \\PDC-TEST\nobody
        sambaHomeDrive: H:
        sambaProfilePath: \\PDC-TEST\profiles\nobody
        sambaPrimaryGroupSID:
        S-1-5-21-2244683438-1300233924-2635510394-514
        sambaLMPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
        sambaNTPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
        sambaAcctFlags: [NUD        ]
        sambaSID: S-1-5-21-2244683438-1300233924-2635510394-2998
        loginShell: /bin/false
        structuralObjectClass: inetOrgPerson
        entryUUID: bf2688a6-2ee2-102f-800b-31ff3607ac6d
        creatorsName: cn=Manager,dc=internaltest
        createTimestamp: 20100728222518Z
        entryCSN: 20100728222518Z#000005#00#000000
        modifiersName: cn=Manager,dc=internaltest
        modifyTimestamp: 20100728222518Z

        dn: cn=Domain Admins,ou=Groups,dc=internaltest
        objectClass: top
        objectClass: posixGroup
        objectClass: sambaGroupMapping
        gidNumber: 512
        cn: Domain Admins
        memberUid: root
        description: Netbios Domain Administrators
        sambaSID: S-1-5-21-2244683438-1300233924-2635510394-512
        sambaGroupType: 2
        displayName: Domain Admins
        structuralObjectClass: posixGroup
        entryUUID: bf271672-2ee2-102f-800c-31ff3607ac6d
        creatorsName: cn=Manager,dc=internaltest
        createTimestamp: 20100728222518Z
        entryCSN: 20100728222518Z#000006#00#000000
        modifiersName: cn=Manager,dc=internaltest
        modifyTimestamp: 20100728222518Z

        dn: cn=Domain Users,ou=Groups,dc=internaltest
        objectClass: top
        objectClass: posixGroup
        objectClass: sambaGroupMapping
        gidNumber: 513
        cn: Domain Users
        description: Netbios Domain Users
        sambaSID: S-1-5-21-2244683438-1300233924-2635510394-513
        sambaGroupType: 2
        displayName: Domain Users
        structuralObjectClass: posixGroup
        entryUUID: bf286144-2ee2-102f-800d-31ff3607ac6d
        creatorsName: cn=Manager,dc=internaltest
        createTimestamp: 20100728222518Z
        memberUid: user1
        entryCSN: 20100728222639Z#000002#00#000000
        modifiersName: cn=Manager,dc=internaltest
        modifyTimestamp: 20100728222639Z

        dn: cn=Domain Guests,ou=Groups,dc=internaltest
        objectClass: top
        objectClass: posixGroup
        objectClass: sambaGroupMapping
        gidNumber: 514
        cn: Domain Guests
        description: Netbios Domain Guests Users
        sambaSID: S-1-5-21-2244683438-1300233924-2635510394-514
        sambaGroupType: 2
        displayName: Domain Guests
        structuralObjectClass: posixGroup
        entryUUID: bf28e628-2ee2-102f-800e-31ff3607ac6d
        creatorsName: cn=Manager,dc=internaltest
        createTimestamp: 20100728222518Z
        entryCSN: 20100728222518Z#000008#00#000000
        modifiersName: cn=Manager,dc=internaltest
        modifyTimestamp: 20100728222518Z

        dn: cn=Domain Computers,ou=Groups,dc=internaltest
        objectClass: top
        objectClass: posixGroup
        objectClass: sambaGroupMapping
        gidNumber: 515
        cn: Domain Computers
        description: Netbios Domain Computers accounts
        sambaSID: S-1-5-21-2244683438-1300233924-2635510394-515
        sambaGroupType: 2
        displayName: Domain Computers
        structuralObjectClass: posixGroup
        entryUUID: bf2966c0-2ee2-102f-800f-31ff3607ac6d
        creatorsName: cn=Manager,dc=internaltest
        createTimestamp: 20100728222518Z
        entryCSN: 20100728222518Z#000009#00#000000
        modifiersName: cn=Manager,dc=internaltest
        modifyTimestamp: 20100728222518Z

        dn: cn=Administrators,ou=Groups,dc=internaltest
        objectClass: top
        objectClass: posixGroup
        objectClass: sambaGroupMapping
        gidNumber: 544
        cn: Administrators
        description: Netbios Domain Members can fully administer the
        computer/sambaDom
         ainName
        sambaSID: S-1-5-32-544
        sambaGroupType: 5
        displayName: Administrators
        structuralObjectClass: posixGroup
        entryUUID: bf29e8ca-2ee2-102f-8010-31ff3607ac6d
        creatorsName: cn=Manager,dc=internaltest
        createTimestamp: 20100728222518Z
        entryCSN: 20100728222518Z#00000a#00#000000
        modifiersName: cn=Manager,dc=internaltest
        modifyTimestamp: 20100728222518Z

        dn: cn=Account Operators,ou=Groups,dc=internaltest
        objectClass: top
        objectClass: posixGroup
        objectClass: sambaGroupMapping
        gidNumber: 548
        cn: Account Operators
        description: Netbios Domain Users to manipulate users accounts
        sambaSID: S-1-5-32-548
        sambaGroupType: 5
        displayName: Account Operators
        structuralObjectClass: posixGroup
        entryUUID: bf2a689a-2ee2-102f-8011-31ff3607ac6d
        creatorsName: cn=Manager,dc=internaltest
        createTimestamp: 20100728222518Z
        entryCSN: 20100728222518Z#00000b#00#000000
        modifiersName: cn=Manager,dc=internaltest
        modifyTimestamp: 20100728222518Z

        dn: cn=Print Operators,ou=Groups,dc=internaltest
        objectClass: top
        objectClass: posixGroup
        objectClass: sambaGroupMapping
        gidNumber: 550
        cn: Print Operators
        description: Netbios Domain Print Operators
        sambaSID: S-1-5-32-550
        sambaGroupType: 5
        displayName: Print Operators
        structuralObjectClass: posixGroup
        entryUUID: bf2ae89c-2ee2-102f-8012-31ff3607ac6d
        creatorsName: cn=Manager,dc=internaltest
        createTimestamp: 20100728222518Z
        entryCSN: 20100728222518Z#00000c#00#000000
        modifiersName: cn=Manager,dc=internaltest
        modifyTimestamp: 20100728222518Z

        dn: cn=Backup Operators,ou=Groups,dc=internaltest
        objectClass: top
        objectClass: posixGroup
        objectClass: sambaGroupMapping
        gidNumber: 551
        cn: Backup Operators
        description: Netbios Domain Members can bypass file security
        to back up
        files
        sambaSID: S-1-5-32-551
        sambaGroupType: 5
        displayName: Backup Operators
        structuralObjectClass: posixGroup
        entryUUID: bf2b942c-2ee2-102f-8013-31ff3607ac6d
        creatorsName: cn=Manager,dc=internaltest
        createTimestamp: 20100728222518Z
        entryCSN: 20100728222518Z#00000d#00#000000
        modifiersName: cn=Manager,dc=internaltest
        modifyTimestamp: 20100728222518Z

        dn: cn=Replicators,ou=Groups,dc=internaltest
        objectClass: top
        objectClass: posixGroup
        objectClass: sambaGroupMapping
        gidNumber: 552
        cn: Replicators
        description: Netbios Domain Supports file replication in a
        sambaDomainName
        sambaSID: S-1-5-32-552
        sambaGroupType: 5
        displayName: Replicators
        structuralObjectClass: posixGroup
        entryUUID: bf2c266c-2ee2-102f-8014-31ff3607ac6d
        creatorsName: cn=Manager,dc=internaltest
        createTimestamp: 20100728222518Z
        entryCSN: 20100728222518Z#00000e#00#000000
        modifiersName: cn=Manager,dc=internaltest
        modifyTimestamp: 20100728222518Z

        dn: sambaDomainName=internaltest,dc=internaltest
        objectClass: top
        objectClass: sambaDomain
        objectClass: sambaUnixIdPool
        sambaDomainName: internaltest
        sambaSID: S-1-5-21-2244683438-1300233924-2635510394
        gidNumber: 1000
        sambaNextRid: 1000
        structuralObjectClass: sambaDomain
        entryUUID: bf2cc680-2ee2-102f-8015-31ff3607ac6d
        creatorsName: cn=Manager,dc=internaltest
        createTimestamp: 20100728222518Z
        sambaPwdHistoryLength: 0
        sambaRefuseMachinePwdChange: 0
        sambaMaxPwdAge: -1
        sambaLockoutThreshold: 0
        uidNumber: 1002
        entryCSN: 20100728230213Z#000000#00#000000
        modifiersName: cn=Manager,dc=internaltest
        modifyTimestamp: 20100728230213Z

        dn: uid=user1,ou=Users,dc=internaltest
        objectClass: top
        objectClass: person
        objectClass: organizationalPerson
        objectClass: inetOrgPerson
        objectClass: posixAccount
        objectClass: shadowAccount
        objectClass: sambaSamAccount
        cn: user1
        sn: user1
        givenName: user1
        uid: user1
        uidNumber: 1000
        gidNumber: 513
        homeDirectory: /home/user2
        loginShell: /bin/bash
        gecos: System User
        structuralObjectClass: inetOrgPerson
        entryUUID: ef8c3752-2ee2-102f-8016-31ff3607ac6d
        creatorsName: cn=Manager,dc=internaltest
        createTimestamp: 20100728222639Z
        sambaLogonTime: 0
        sambaLogoffTime: 2147483647
        sambaKickoffTime: 2147483647
        sambaPwdCanChange: 0
        displayName: user1
        sambaSID: S-1-5-21-2244683438-1300233924-2635510394-3000
        sambaPrimaryGroupSID:
        S-1-5-21-2244683438-1300233924-2635510394-513
        sambaLogonScript: logon.bat
        sambaHomeDrive: H:
        sambaAcctFlags: [U]
        sambaPwdLastSet: 1280356019
        sambaPwdMustChange: 1284244019
        userPassword::
        e1NTSEF9OFBQNGJJaXprRUNSblB3a2Q0SWpmd291Q3psVlNVczQ=
        shadowLastChange: 14818
        shadowMax: 45
        sambaHomePath: \\PDC-TEST2\user1
        sambaLMPassword: 64FE560F50A6EADE95D73E8F5168779A
        sambaNTPassword: 6CE7BF494BAF59B260C9C1DEFD85538E
        entryCSN: 20100728223207Z#000000#00#000000
        modifiersName: cn=Manager,dc=internaltest
        modifyTimestamp: 20100728223207Z

        dn: uid=iet013c$,ou=Computers,dc=internaltest
        objectClass: top
        objectClass: account
        objectClass: posixAccount
        cn: iet013c$
        uid: iet013c$
        uidNumber: 1001
        gidNumber: 515
        homeDirectory: /dev/null
        loginShell: /bin/false
        description: Computer
        gecos: Computer
        structuralObjectClass: account
        entryUUID: e73c4f2e-2ee7-102f-8017-31ff3607ac6d
        creatorsName: cn=Manager,dc=internaltest
        createTimestamp: 20100728230213Z
        entryCSN: 20100728230213Z#000001#00#000000
        modifiersName: cn=Manager,dc=internaltest
        modifyTimestamp: 20100728230213Z

        ##log.root
        [2010/07/28 18:08:23.307225,  3]
        auth/auth.c:216(check_ntlm_password)
          check_ntlm_password:  Checking password for unmapped user
        [internaltest]\[ro...@[iet013c] with the new password interface
        [2010/07/28 18:08:23.307267,  3]
        auth/auth.c:219(check_ntlm_password)
          check_ntlm_password:  mapped user is:
        [internaltest]\[ro...@[iet013c]

        [2010/07/28 18:08:23.307512,  2]
        lib/smbldap.c:950(smbldap_open_connection)
          smbldap_open_connection: connection opened
        [2010/07/28 18:08:23.308337,  3]
        lib/smbldap.c:1166(smbldap_connect_system)
          ldap_connect_system: successful connection to the LDAP server

        [2010/07/28 18:08:23.319167,  2]
        passdb/pdb_ldap.c:2446(init_group_from_ldap)
          init_group_from_ldap: Entry found for group: 513
        [2010/07/28 18:08:23.321964,  3]
        auth/auth.c:265(check_ntlm_password)
          check_ntlm_password: sam authentication for user [root]
        succeeded

        [2010/07/28 18:08:23.322080,  2]
        auth/auth.c:304(check_ntlm_password)
          check_ntlm_password:  authentication for user [root] ->
         [root] ->  [root]
        succeeded
        [
        [2010/07/28 18:08:23.323898,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID
        [S-1-5-21-2244683438-1300233924-2635510394-500]
        [2010/07/28 18:08:23.323929,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID [S-1-22-2-0]
        [2010/07/28 18:08:23.323969,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID [S-1-5-2]
        [2010/07/28 18:08:23.323996,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID [S-1-5-11]
        [2010/07/28 18:08:23.324023,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID [S-1-22-2-1]
        [2010/07/28 18:08:23.324050,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID [S-1-22-2-2]
        [2010/07/28 18:08:23.324077,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID [S-1-22-2-3]
        [2010/07/28 18:08:23.324104,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID [S-1-22-2-4]
        [2010/07/28 18:08:23.324131,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID [S-1-22-2-6]
        [2010/07/28 18:08:23.324158,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID [S-1-22-2-10]

        [2010/07/28 18:08:23.325356,  3]
        smbd/password.c:282(register_existing_vuid)
          register_existing_vuid: User name: root    Real name:
        Netbios Domain
        Administrator
        [2010/07/28 18:08:23.325380,  3]
        smbd/password.c:292(register_existing_vuid)
          register_existing_vuid: UNIX uid 0 is UNIX user root, and
        will be vuid 100
        [2010/07/28 18:08:23.325470,  3]
        smbd/password.c:223(register_homes_share)
          Adding homes service for user 'root' using home directory:
        '/root'

        [2010/07/28 18:08:23.327976,  3]
        smbd/service.c:1070(make_connection_snum)
          iet013c (::ffff:10.10.7.167) connect to service IPC$
        initially as user
        root (uid=0, gid=0) (pid 10971)


        [2010/07/28 18:08:23.334088,  3]
        rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
          free_pipe_context: destroying talloc pool of size 80
        [2010/07/28 18:08:23.334114,  3]
        rpc_server/srv_pipe.c:2414(api_rpcTNP)
          api_rpcTNP: rpc command: LSA_OPENPOLICY2
        [2010/07/28 18:08:23.334192,  3]
        rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
          free_pipe_context: destroying talloc pool of size 1084
        [2010/07/28 18:08:23.334960,  3] smbd/process.c:1485(process_smb)
          Transaction 8 of length 134 (0 toread)
        [2010/07/28 18:08:23.334984,  3]
        smbd/process.c:1294(switch_message)
          switch message SMBtrans (pid 10971) conn 0x2ac41ab15fb0
        [2010/07/28 18:08:23.335010,  3] smbd/ipc.c:545(handle_trans)
          trans<\PIPE\>  data=46 params=0 setup=2
        [2010/07/28 18:08:23.335032,  3] smbd/ipc.c:496(named_pipe)
          named pipe command on<>  name
        [2010/07/28 18:08:23.335052,  3] smbd/ipc.c:460(api_fd_reply)
          Got API command 0x26 on pipe "lsarpc" (pnum 22bc)
        [2010/07/28 18:08:23.335077,  3]
        rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
          free_pipe_context: destroying talloc pool of size 0
        [2010/07/28 18:08:23.335099,  3]
        rpc_server/srv_pipe.c:2414(api_rpcTNP)
          api_rpcTNP: rpc command: LSA_QUERYINFOPOLICY2
        [2010/07/28 18:08:23.335128,  3]
        rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
          free_pipe_context: destroying talloc pool of size 0
        [2010/07/28 18:08:23.335964,  3] smbd/process.c:1485(process_smb)
          Transaction 9 of length 134 (0 toread)
        [2010/07/28 18:08:23.335988,  3]
        smbd/process.c:1294(switch_message)
          switch message SMBtrans (pid 10971) conn 0x2ac41ab15fb0
        [2010/07/28 18:08:23.336013,  3] smbd/ipc.c:545(handle_trans)
          trans<\PIPE\>  data=46 params=0 setup=2
        [2010/07/28 18:08:23.336036,  3] smbd/ipc.c:496(named_pipe)
          named pipe command on<>  name
        [2010/07/28 18:08:23.336055,  3] smbd/ipc.c:460(api_fd_reply)
          Got API command 0x26 on pipe "lsarpc" (pnum 22bc)
        [2010/07/28 18:08:23.336080,  3]
        rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
          free_pipe_context: destroying talloc pool of size 0
        [2010/07/28 18:08:23.336101,  3]
        rpc_server/srv_pipe.c:2414(api_rpcTNP)
          api_rpcTNP: rpc command: LSA_QUERYINFOPOLICY
        [2010/07/28 18:08:23.336142,  3]
        rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
          free_pipe_context: destroying talloc pool of size 140
        [2010/07/28 18:08:23.337957,  3] smbd/process.c:1485(process_smb)
          Transaction 10 of length 104 (0 toread)
        [2010/07/28 18:08:23.337981,  3]
        smbd/process.c:1294(switch_message)
          switch message SMBntcreateX (pid 10971) conn 0x2ac41ab15fb0


        [2010/07/28 18:08:23.376056,  3]
        rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
          free_pipe_context: destroying talloc pool of size 82
        [2010/07/28 18:08:23.376079,  3]
        rpc_server/srv_pipe.c:2414(api_rpcTNP)
          api_rpcTNP: rpc command: NETR_SERVERREQCHALLENGE
        [2010/07/28 18:08:23.376125,  3]
        rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
          free_pipe_context: destroying talloc pool of size 0

          check_ntlm_password:  Checking password for unmapped user
        [internaltest]\[ro...@[iet013c] with the new password interface
        [2010/07/28 18:08:23.754944,  3]
        auth/auth.c:219(check_ntlm_password)
          check_ntlm_password:  mapped user is:
        [internaltest]\[ro...@[iet013c]

        [2010/07/28 18:08:23.762781,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID
        [S-1-5-21-2244683438-1300233924-2635510394-500]
        [2010/07/28 18:08:23.762812,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID [S-1-22-2-0]
        [2010/07/28 18:08:23.762848,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID [S-1-5-2]
        [2010/07/28 18:08:23.762875,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID [S-1-5-11]
        [2010/07/28 18:08:23.762902,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID [S-1-22-2-1]
        [2010/07/28 18:08:23.762929,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID [S-1-22-2-2]
        [2010/07/28 18:08:23.762960,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID [S-1-22-2-3]
        [2010/07/28 18:08:23.762987,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID [S-1-22-2-4]
        [2010/07/28 18:08:23.763014,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID [S-1-22-2-6]
        [2010/07/28 18:08:23.763041,  3]
        lib/privileges.c:63(get_privileges)
          get_privileges: No privileges assigned to SID [S-1-22-2-10]

        [2010/07/28 18:08:23.764297,  3]
        smbd/password.c:282(register_existing_vuid)
          register_existing_vuid: User name: root    Real name:
        Netbios Domain
        Administrator
        [2010/07/28 18:08:23.764322,  3]
        smbd/password.c:292(register_existing_vuid)
          register_existing_vuid: UNIX uid 0 is UNIX user root, and
        will be vuid 100
        [2010/07/28 18:08:23.764406,  3]
        smbd/password.c:223(register_homes_share)
          Adding homes service for user 'root' using home directory:
        '/root'

        [2010/07/28 18:08:23.766770,  3]
        smbd/reply.c:846(reply_tcon_and_X)
          tconX service=IPC$
        [2010/07/28 18:08:23.768679,  3] smbd/process.c:1485(process_smb)
          Transaction 4 of length 104 (0 toread)
        [2010/07/28 18:08:23.768704,  3]
        smbd/process.c:1294(switch_message)
          switch message SMBntcreateX (pid 10975) conn 0x2ac41ab18b90

        [2010/07/28 18:08:23.984602,  0]
        passdb/pdb_interface.c:348(pdb_default_create_user)
          _samr_create_user: Running the command
        `/usr/sbin/smbldap-useradd -t 0 -w
        "iet013c$"' gave 9
        [2010/07/28 18:08:23.984755,  3]
        passdb/pdb_interface.c:365(pdb_default_create_user)
          pdb_default_create_user: failed to create a new user structure:
        NT_STATUS_NO_SUCH_USER


    -- 
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/options/samba



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba