Hi Craig I'm new to Samba 3, and I still have problems with LDAP ;o) But maybe i can help on this... I think you want to remove a Workstation (the $ told me that) but there're not the W flag in sambaAcctFlags. Sorry if I'm wrong... Seb.
Selon Craig White <[EMAIL PROTECTED]>: > Mother always told me that there'd be days like this. She just didn't > tell me that they go on for weeks. > > OK - John's book suggests that we're not complete in this arena > here...Yeah, I bought the Samba 3 How-to-guide - Borders/Phoenix had 3 > on the shelf (now 2) - and also an LDAP book for reference. It's been a > fun weekend ;-) > > problemo... > > # smbpasswd -x -i MULLEN > ldapsam_delete_entry: Could not delete attributes for > uid=mullen$,ou=People,o=Mullen,c=US, error: Object class violation > (object class 'person' requires attribute 'cn') > Failed to delete entry for user MULLEN$. > Failed to modify password entry for user MULLEN$ > > [must check - yes, cn=MULLEN$ is there, but the $ is probably kinking > the hose...dunno - it found it in simple search further down email] > > # net rpc trustdom list > Password: > The username or password was not correct. > [2003/12/21 23:08:46, 0] utils/net_rpc.c:rpc_trustdom_list(2028) > Couldn't connect to domain controller > > [too tired to figure this last one out] > > # ldapsearch -x -h localhost -b 'o=Mullen,c=US' '(uid=MULLEN$)' > version: 2 > > # > # filter: (uid=MULLEN$) > # requesting: ALL > # > > # mullen$, People, Mullen, US > dn: uid=mullen$,ou=People,o=Mullen,c=US > uid: mullen$ > cn: mullen$ > sn: mullen$ > mail: [EMAIL PROTECTED] > objectClass: person > objectClass: organizationalPerson > objectClass: inetOrgPerson > objectClass: posixAccount > objectClass: top > objectClass: kerberosSecurityObject > objectClass: sambaSamAccount > krbName: [EMAIL PROTECTED] > loginShell: /bin/false > uidNumber: 1001 > gidNumber: 1001 > homeDirectory: /home/mullen > sambaSID: S-1-5-21-3186189368-1246494298-1334198317-3002 > sambaPrimaryGroupSID: S-1-5-21-3186189368-1246494298-1334198317-3003 > sambaPwdCanChange: 1072073389 > sambaPwdMustChange: 2147483647 > sambaLMPassword: the-names-have-been-changed > sambaNTPassword: to-protect-the-innocent > sambaPwdLastSet: 1072073389 > sambaAcctFlags: [I ] > > yes, there's an entry in /etc/passwd for MULLEN$ (had to hand edit after > adding the user mullen) > > interdomain trust was working earlier today - but I ended up purging the > LDAP one last time because I had to get rid of SID's from original > domain captured by net rpc vampire and create a new SID for the second > domain. > > wanted to just delete the trust from LINUX-DOMAIN to WINDOWS-DOMAIN to > start over. Trust from WINDOWS-DOMAIN to LINUX-DOMAIN seems OK. > > Learning Samba 3 (so much has changed from 2.2x) simultaneously with > LDAP has been a numbing experience. Methinks that there are config stuff > for smb3 that aren't in LDAP db - possibly in secrets.tdb - sort of > samba's equiv to the Windows registry. Don't mind passwords, but where > do they hide the things like group mapping and domain trusts? I probably > should have 'nuked' the secrets.tdb but I'm tired, chicken and perhaps > someone will shine light in the dark corners. > > Craig > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
