On Thu, 4 Apr 2013, Andrew Bartlett wrote: > On Thu, 2013-04-04 at 15:30 +0800, David Adam wrote: > > Hi all, > > > > We have a somewhat crufty Samba 3 PDC NT-style domain backed on to an > > OpenLDAP server that we use for both Linux and Windows 7 authentication, > > thanks to the magic of ldapsam and smbk5pwd. > > > > So, what has happened is that I've forced on the 'ldapsam:trusted' in > our classicupgrade script, as it makes it much, much easier to set up a > migration, as you don't have to set up nss_ldap and then tear it down > again. > > I had assumed that almost all installations of Samba as a DC on LDAP > would store the unix account with the Samba account.
Your psychic powers were accurate; for some reason we still have a few machine accounts in /etc/passwd on the PDC and not in LDAP, even though we have ldapsam:trusted set. (I'm surprised that works.) Deleting the entries in /etc/passwd and rejoining the machines to the domain helps immensely. Thanks David [email protected] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
