Hi, Have you tried to reinstall smbldap-tools? We have the same smbldap-tools package (0.9.4-1), but the file smbldap-useradd appears to be different. The same content that you indicate as line 231, in our file is on line 202.
Regards, Tisdn 2009/6/26 Arnaud Mombrial <[email protected]> > > Hi Samba People ! > > I'm experiencing some issues with the smbldap-tools suite and post it here > in > hope someone could give me some help. I want first to thank you if you take > teh > time to read my message til the end, as it's a little bit long ;) > > We do have a Debian Box on our LAN we use primarily as a File Server. This > server has initially been setup with Etch (4.0, net-install). I've upgraded > it > to Lenny (5.0) few days ago, and problems start to rise :/ > > Here is the problem that makes me crazy for 15 days now : > > ---- > fano2:~# smbldap-useradd -a ploup > Can't call method "get_value" on an undefined value at /usr/sbin/smbldap- > useradd line 232. > --- > > > The related lines in smbldap-useradd script are : > > > ---- > 229 # as grouprid we use the value of the sambaSID attribute for > 230 # group of gidNumber=$userGidNumber > 231 $group_entry = read_group_entry_gid($userGidNumber); > 232 $userGroupSID = $group_entry->get_value('sambaSID'); > 233 unless ($userGroupSID) { > 234 print "Error: SID not set for unix group $userGidNumber\n"; > 235 print "check if your unix group is mapped to an NT group\n"; > 236 exit(7); > 237 } > ---- > > > So this script can't retrieve the "sambaSID" value from $group_entry, > because > $group_entry is not defined. > > If I add the line > > ---- > print "Output of \$userGidNumber\n"; > ---- > > before line 231, the script output seems consistent : > > ---- > fano2:~# smbldap-useradd -a ploup > Output of $userGidNumber : 513 > Can't call method "get_value" on an undefined value at /usr/sbin/smbldap- > useradd line 233. > ---- > > as I do have a gidNumber set with the value 513 for the default group > "Domain > Users" : > > ---- > fano2:~# smbldap-groupshow Domain\ users > dn: cn=Domain Users,ou=Groups,dc=faberNoveldap,dc=local > objectClass: top,posixGroup,sambaGroupMapping > gidNumber: 513 > cn: Domain Users > description: Netbios Domain Users > sambaGroupType: 2 > displayName: Domain Users > memberUid: ** Not shown here due to security purpose ** > sambaSID: S-1-5-21-3439781798-418094041-3636104912-513 > ---- > > Nevertheless, I can create a user and samba access to share with ldap > backend > still continue to work, but I've to create my user through numerous steps > (smbldap-usershow are here for information purpose) : > > ---- > fano2:~# smbldap-useradd ploup > fano2:~# smbldap-passwd ploup > Changing UNIX password for ploup > New password: > Retype new password: > fano2:~# smbldap-usershow ploup > dn: uid=ploup,ou=Users,dc=faberNoveldap,dc=local > objectClass: > top,person,organizationalPerson,inetOrgPerson,posixAccount,shadowAccount > cn: ploup > sn: ploup > givenName: ploup > uid: ploup > uidNumber: 1095 > gidNumber: 513 > homeDirectory: /home/ploup > loginShell: /bin/bash > gecos: System User > userPassword: {SSHA}Hx0Myq136qqRFTLWk1zf49oJ3iROR3lP > shadowLastChange: 14421 > shadowMax: 3650 > fano2:~# smbldap-usermod -a ploup > Can't call method "get_value" on an undefined value at /usr/sbin/smbldap- > usermod line 183. > fano2:~# smbldap-usershow ploup > dn: uid=ploup,ou=Users,dc=faberNoveldap,dc=local > objectClass: > > top,person,organizationalPerson,inetOrgPerson,posixAccount,shadowAccount,sambaSamAccount > cn: ploup > sn: ploup > givenName: ploup > uid: ploup > uidNumber: 1095 > gidNumber: 513 > homeDirectory: /home/ploup > loginShell: /bin/bash > gecos: System User > userPassword: {SSHA}Hx0Myq136qqRFTLWk1zf49oJ3iROR3lP > shadowLastChange: 14421 > shadowMax: 3650 > sambaPwdLastSet: 0 > sambaLogonTime: 0 > sambaLogoffTime: 2147483647 > sambaKickoffTime: 2147483647 > sambaPwdCanChange: 0 > sambaPwdMustChange: 2147483647 > sambaSID: S-1-5-21-3439781798-418094041-3636104912-3190 > sambaAcctFlags: [UX] > ---- > > As you can see, the "smbldap-usermod -a" returns an error, but the scripts > creates at least some samba related attributes. > > But "sambaPrimaryGroupSID" is not set.... > > I can now use phpldapadmin to add the sambaPrimaryGroupSID and set it to : > S-1-5-21-3439781798-418094041-3636104912-513 without any problems... > > > I add here the output of some commands : > > > fano2:~# slaptest > /usr/local/etc/openldap/slapd.conf: line 84: rootdn is always granted > unlimited privileges. > config file testing succeeded > > > fano2:~# testparm > Load smb config files from /etc/samba/smb.conf > Processing section "[** Not shown here due to security purpose **]" > [Snip.] > Processing section "[** Not shown here due to security purpose **]" > Loaded services file OK. > WARNING: You have some share names that are longer than 12 characters. > These may not be accessible to some older clients. > (Eg. Windows9x, WindowsMe, and smbclient prior to Samba 3.0.) > Server role: ROLE_DOMAIN_PDC > [Snip.] > > > fano2:~# aptitude search ldap | grep ^i > i ldap-utils - OpenLDAP utilities > i ldapscripts - Add and remove user and groups (stored > in > i libldap-2.3-0 - OpenLDAP libraries > i libldap-2.4-2 - OpenLDAP libraries > i libldap2 - OpenLDAP libraries > i libldap2-dev - OpenLDAP development libraries > i A libnet-ldap-perl - A Client interface to LDAP servers > i A libnss-ldap - NSS module for using LDAP as a naming > serv > i A libpam-ldap - Pluggable Authentication Module for LDAP > i php5-ldap - LDAP module for php5 > i smbldap-tools - Scripts to manage Unix and Samba account > > > fano2:~# dpkg -l smbldap-tools > Souhait=inconnU/Installé/suppRimé/Purgé/H=à garder > | État=Non/Installé/fichier-Config/dépaqUeté/échec-conFig/H=semi- > installé/W=attend-traitement-déclenchements > |/ Err?=(aucune)/H=à garder/besoin Réinstallation/X=les deux (État,Err: > majuscule=mauvais) > ||/ Nom Version Description > +++-=========================-=========================- > ================================================================== > ii smbldap-tools 0.9.4-1 Scripts to manage > Unix > and Samba accounts stored on LDAP > > > fano2:~# cat /etc/apt/sources.list > deb http://ftp.fr.debian.org/debian/ lenny main contrib non-free > deb-src http://ftp.fr.debian.org/debian/ lenny main contrib non-free > > deb http://security.debian.org/ lenny/updates main contrib non-free > deb-src http://security.debian.org/ lenny/updates main contrib non-free > > deb http://www.backports.org/debian lenny-backports main contrib non-free > > > Thx for Reading gurus. > > > ………………………………………………………………. > Arnaud Mombrial • faberNovel > > E-mail : [email protected] > Tél. : +33 1 42 72 2004 • Mobile : +33 6 64 20 43 24 > 42, boulevard de Sébastopol 75003 Paris France > 1436 A Howard Street San Francisco CA 94103 USA > Web : www.faberNovel.com > ……………………………………………………………….. > This email is : [ ] bloggable [ ] ask first [X] private > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
