Mother always told me that there'd be days like this. She just didn't tell me that they go on for weeks.
OK - John's book suggests that we're not complete in this arena here...Yeah, I bought the Samba 3 How-to-guide - Borders/Phoenix had 3 on the shelf (now 2) - and also an LDAP book for reference. It's been a fun weekend ;-) problemo... # smbpasswd -x -i MULLEN ldapsam_delete_entry: Could not delete attributes for uid=mullen$,ou=People,o=Mullen,c=US, error: Object class violation (object class 'person' requires attribute 'cn') Failed to delete entry for user MULLEN$. Failed to modify password entry for user MULLEN$ [must check - yes, cn=MULLEN$ is there, but the $ is probably kinking the hose...dunno - it found it in simple search further down email] # net rpc trustdom list Password: The username or password was not correct. [2003/12/21 23:08:46, 0] utils/net_rpc.c:rpc_trustdom_list(2028) Couldn't connect to domain controller [too tired to figure this last one out] # ldapsearch -x -h localhost -b 'o=Mullen,c=US' '(uid=MULLEN$)' version: 2 # # filter: (uid=MULLEN$) # requesting: ALL # # mullen$, People, Mullen, US dn: uid=mullen$,ou=People,o=Mullen,c=US uid: mullen$ cn: mullen$ sn: mullen$ mail: [EMAIL PROTECTED] objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top objectClass: kerberosSecurityObject objectClass: sambaSamAccount krbName: [EMAIL PROTECTED] loginShell: /bin/false uidNumber: 1001 gidNumber: 1001 homeDirectory: /home/mullen sambaSID: S-1-5-21-3186189368-1246494298-1334198317-3002 sambaPrimaryGroupSID: S-1-5-21-3186189368-1246494298-1334198317-3003 sambaPwdCanChange: 1072073389 sambaPwdMustChange: 2147483647 sambaLMPassword: the-names-have-been-changed sambaNTPassword: to-protect-the-innocent sambaPwdLastSet: 1072073389 sambaAcctFlags: [I ] yes, there's an entry in /etc/passwd for MULLEN$ (had to hand edit after adding the user mullen) interdomain trust was working earlier today - but I ended up purging the LDAP one last time because I had to get rid of SID's from original domain captured by net rpc vampire and create a new SID for the second domain. wanted to just delete the trust from LINUX-DOMAIN to WINDOWS-DOMAIN to start over. Trust from WINDOWS-DOMAIN to LINUX-DOMAIN seems OK. Learning Samba 3 (so much has changed from 2.2x) simultaneously with LDAP has been a numbing experience. Methinks that there are config stuff for smb3 that aren't in LDAP db - possibly in secrets.tdb - sort of samba's equiv to the Windows registry. Don't mind passwords, but where do they hide the things like group mapping and domain trusts? I probably should have 'nuked' the secrets.tdb but I'm tired, chicken and perhaps someone will shine light in the dark corners. Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
