Hi List,

I compiled Samba 3.4 for OpenSolaris because the Samba SUNWsmba shipped by SFW did not work properly.

Now I had to realize that the problems are still there, so I believe that it is a common problem with Solaris (?)

I have Samba running as PDC with a Sun Directory Server as backend. All authentication to Unix clients works well with DSEE, but Samba seems to have some trouble:

First, the Password Modify extended operation does not work, so no smbpasswd <username> is possible when "ldap passwd sync" is set to yes. But exop basically works when I change the password using ldappasswd as user Manager.

The corresponding error from smbpasswd is:

"ldapsam_modify_entry: LDAP Password could not be changed for user admin: Invalid syntax"
"Encountered an unexpected requestValue sequence element tag."

The workaround is to set the passwd and smbpasswd in one script. But that is not a good idea, since users have to change their passwords for Unix and Windows separately.

Second, joining a Windows XP host to the domain is sometimes possible, sometimes not. When I add a machine account using "smbpasswd -a -m host$", sometimes it fails with:

"pdb_default_create_user: failed to create a new user structure: NT_STATUS_NO_SUCH_USER"

The user then exists as created by the corresponding ldapadd script, but the Samba-related attributes are missing. I use the ldapscripts from sf.net. My LDAP stuff in smb.conf is shown below.

Does anybody have some experience with how to make samba/ldap/M$ ready for production?
Any hints would be greatly appreciated.

Best regards

Ralf

  ########
  # LDAP #
  ########
  passdb backend = ldapsam:ldap://127.0.0.1/
  ldap ssl = Off
  invalid users = root
  ldap admin dn = cn=Directory Manager
  ldap suffix = dc=daheim,dc=int
  ldap group suffix = ou=group
  ldap user suffix = ou=people
  ldap machine suffix = ou=machines
  ldap passwd sync = no

  # scripts ldap
  # by default we add users to group
  add machine script = /usr/local/sbin/ldapaddmachine '%u' 1003
  add user script = /usr/local/sbin/ldapadduser '%u' 1001
  add group script = /usr/local/sbin/ldapaddgroup '%g'
  add user to group script = /usr/local/sbin/ldapaddusertogroup '%u' '%g'
  delete user script = /usr/local/sbin/ldapdeleteuser '%u'
  delete group script = /usr/local/sbin/ldapdeletegroup '%g'
  delete user from group script = /usr/local/sbin/ldapdeleteuserfromgroup '%u' '%g'
  set primary group script = /usr/local/sbin/ldapsetprimarygroup '%u' '%g'
###########################
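
The second error line quoted in the message refers to the requestValue of the LDAP Password Modify extended operation, which RFC 3062 defines as a SEQUENCE of three optional context-tagged OCTET STRINGs ([0] userIdentity, [1] oldPasswd, [2] newPasswd). As an added example, not part of the original post or of Samba's code, this Python decoder lists the element tags found in a requestValue taken from a packet capture; the sample bytes, the helper names and the uid=admin DN are constructed for illustration.

```python
# Added example: check the element tags of an RFC 3062 PasswdModifyRequestValue.
SEQUENCE = 0x30
FIELDS = {0x80: "userIdentity", 0x81: "oldPasswd", 0x82: "newPasswd"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for one definite-length BER element."""
    if pos + 2 > len(buf):
        raise ValueError("truncated element header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                      # short-form length
        length = first
    else:                                 # long form: next n octets hold the length
        n = first & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("indefinite or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def check_request_value(raw):
    """Return (fields, problems) for a Password Modify requestValue."""
    fields, problems = {}, []
    tag, body, end = read_tlv(raw, 0)
    if tag != SEQUENCE:
        return fields, [f"outer tag 0x{tag:02x} is not SEQUENCE (0x30)"]
    if end != len(raw):
        problems.append("trailing bytes after SEQUENCE")
    pos, last = 0, -1
    while pos < len(body):
        tag, value, pos = read_tlv(body, pos)
        name = FIELDS.get(tag)
        if name is None:                  # anything but [0], [1], [2]
            problems.append(f"unexpected element tag 0x{tag:02x}")
        elif tag <= last:
            problems.append(f"{name} repeated or out of order")
        else:
            fields[name], last = value, tag
    return fields, problems

def tlv(tag, value):
    """Build a short-form TLV (value under 128 bytes) for the constructed samples."""
    return bytes([tag, len(value)]) + value

# Constructed samples: a well-formed value, and one whose first element carries
# a universal OCTET STRING tag (0x04) instead of the context tag [0] (0x80).
GOOD = tlv(0x30, tlv(0x80, b"uid=admin,ou=people,dc=daheim,dc=int") + tlv(0x82, b"example-pw"))
BAD = tlv(0x30, tlv(0x04, b"admin") + tlv(0x82, b"example-pw"))
```

Comparing the tags in the request smbpasswd sends with those in the request ldappasswd sends shows which element the directory server is rejecting.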

