Hi Everyone. I have run across an issue that is driving me crazy. This is a new deployment of Samba v3.6.5 with openldap v2.4.30 and smbldap-tools v0.9.8
When trying to join the domain, on the first attempt the machine account is properly created in the correct ou - e.g. ou=Computers,dc=domain,dc=local But the "failed to join domain" pop-up with reason of "The user name could not be found" is displayed (which really means the machine name was not found in LDAP) and of course the machine is not yet a domain member. However, a 2nd attempt to join the domain with the same credentials, immediately after the failure results in a "Welcome to the X domain" and the machine is now a domain member. Setting the openldap slapd loglevel to 416 to show the queries during this process reveals the following: On 1st join attempt Samba searches the whole directory from dc=domain,dc=local with a scope of 2 (sub) for uid=MyMachine, objectClass=sambaSamAccount. It of course does not find it, so the smbldap-useradd script is called and the machine account is properly added to ou=Computers. Then Samba immediately searches _ONLY_ ou=People,dc=domain,dc=local for the newly created machine account and of course does not find it. And the "failed to join domain" pop-up is displayed on the WinXP machine. On the second join attempt, Samba _ONLY_ searches ou=Computers,dc=domain,dc=local, which is where it SHOULD search for machines as defined everywhere in my configs and it finds the machine and the machine successfully joins the domain. If I set all configs - samba, smbldap etc to be such that computers are in the "People" organizational unit, then joining the domain works on the first try, every time. Also, if I un-join the domain, but leave the machine account in LDAP in ou=Computers and then re-join the domain, this always works on first try too since Samba's initial scope 2 "sub" search of the directory starting at the top will find the machine account under ou=Computers. Can someone offer guidance as to why during the new machine creation process (joining a domain) Samba does not look for the machine in the defined machines ou but always in the People ou? Thank you in advance for any help on this! -- Bill Arlofski Reverse Polarity, LLC -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
