Hi, smbldap-useradd.pl command -w option will append the $ sign to the computer name.
I think its like a user account. getent passwd command will list computer account also. -Sundaram ----- Original Message ----- From: "Jason P Holland" <[EMAIL PROTECTED]> To: "Sundaram Ramasamy" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Friday, January 09, 2004 4:19 PM Subject: Re: [Samba] Samba 3.0 PDC+LDAP Help in Fedora Core 1 > > Thanks for the response. Doesn't the machine account have to have a $ at > the end?? In which case the user and machine account are not the same > right? > > Jason > > On Fri, 9 Jan 2004, Sundaram Ramasamy wrote: > > > Can you put user and computer account in the same tree. > > > > change in smb.conf > > > > ldap machine suffix = ou=User > > > > also change you smbldap_conf.pm file also. > > > > > > ----- Original Message ----- > > From: "Jason P Holland" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Friday, January 09, 2004 3:08 PM > > Subject: [Samba] Samba 3.0 PDC+LDAP Help in Fedora Core 1 > > > > > > > > > > Hello, > > > > > > I am hoping someone will offer some help. I'm currently trying to setup a > > > samba 3 PDC with LDAP authentication backend in Fedora core 1. I've read > > > loads of documentation, including > > > > > > http://www.hilinski.net/samba/ldap_PDC_samba.doc > > > http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html > > > http://samba.idealx.org/samba-ldap-howto.pdf > > > > > > As well as tons of posts in the mailing list archives, but I still cannot > > > get this combination to work. > > > > > > As for the setup, I've installed Openldap 2.1.22, Samba 3.0.0, > > > smbldap-tools-0.8.2. I've run smbpasswd -w to add my slapd.conf password > > > to the secrets.tdb file. I've setup smbldap_conf.pl with my correct SID > > > and ldap dn. I've populated my ldap database using smbldap-populate.pl, > > > everything shows up correctly. I've gone in to the ldap db and fixed > > > roots uid and gid as well as its sambaSID so that it can act as > > > administrator. As far as I can tell, its setup correctly. > > > > > > However, when I go to join a W2k Workstation client, I get "The user name > > > could not be found.". Thats using root-testing combination from my config > > > files. Samba does automatically create the machine account, that looks > > > fine. But it refuses to join the machine. Yes, I'm aware of the registry > > > hack for XP,W2K machines, and that has also been changed. > > > > > > > > > The weird thing is from that client, who I cannot join, I can view shares > > > on the PDC using root-testing user pass combination, so I know the > > > authentication is working correctly through ldap. So what does that > > > user name not found error really mean? > > > > > > Does anyone see anything obviously wrong in my config files that would > > > cause this? I've cut them into the post below. I would appreciate any > > > help as I'm just tired of reading and just can't seem to get past adding > > > a machine. Thanks for any help... > > > > > > Jason > > > > > > > > > --- begin ldap.conf ---- > > > > > > HOST 127.0.0.1 > > > BASE dc=test,dc=edu > > > > > > ---- end ldap.conf ---- > > > > > > > > > --- begin slapd.conf ---- > > > > > > include /etc/openldap/schema/core.schema > > > include /etc/openldap/schema/cosine.schema > > > include /etc/openldap/schema/nis.schema > > > include /etc/openldap/schema/inetorgperson.schema > > > include /etc/openldap/schema/samba.schema > > > > > > pidfile /var/run/slapd.pid > > > argsfile /var/run/slapd.args > > > database bdb > > > suffix "dc=test,dc=edu" > > > rootdn "cn=root,dc=test,dc=edu" > > > rootpw testing > > > > > > directory /var/lib/ldap > > > index objectClass eq > > > index cn pres,sub,eq > > > index sn pres,sub,eq > > > index uid pres,sub,eq > > > index displayName pres,sub,eq > > > index uidNumber eq > > > index gidNumber eq > > > index memberUid eq > > > index sambaSID eq > > > index sambaPrimaryGroupSID eq > > > index sambaDomainName eq > > > index default sub > > > > > > ---- end slapd.conf ---- > > > > > > > > > ---- begin smb.conf ---- > > > [global] > > > passdb backend = ldapsam > > > ldap suffix = "dc=test,dc=edu" > > > ldap machine suffix = ou=Computers > > > ldap user suffix = ou=Users > > > ldap group suffix = ou=Groups > > > ldap admin dn = "cn=root,dc=test,dc=edu" > > > ldap ssl = no > > > idmap backend = ldap:ldap://127.0.0.1 > > > passwd chat debug = Yes > > > passwd program =/usr/local/sbin/smbldap-passwd.pl -o %u > > > passwd chat = *new*password* %n\n *new*password:* %n\ *successfully* > > > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > > > add machine script = /usr/local/sbin/smbldap-useradd.pl -w %m > > > add user script = /usr/local/sbin/smbldap-useradd.pl -a %u > > > delete user script = /usr/local/sbin/smbldap-userdel.pl %u > > > add group script = /usr/local/sbin/smbldap-groupadd.pl %g > > > delete group script = /usr/local/sbin/smbldap-groupdel.pl %g > > > add user to group script = /usr/local/sbin/smbldap-groupmod.pl -m %u %g > > > delete user from group script = /usr/local/sbin/smbldap-groupmod.pl -x %u > > %g > > > set primary group script = /usr/local/sbin/smbldap-usermod.pl -G %g %u > > > workgroup = TEST > > > netbios name = donald > > > comment = test samba pdc > > > security = user > > > null passwords = yes > > > encrypt passwords = yes > > > logon script=logon.bat > > > logon drive = > > > logon path = > > > domain master = yes > > > domain logons = yes > > > preferred master = yes > > > os level = 33 > > > wins support = yes > > > wins proxy = no > > > log file = /var/log/samba/%m.log > > > public = No > > > browseable = yes > > > writable = No > > > > > > ; necessary share for domain controller > > > [netlogon] > > > path = /netlogon > > > locking = no > > > read only = yes > > > write list = ntadmin > > > > > > ;test share > > > [tmp] > > > writeable = yes > > > public = yes > > > path = /tmp > > > > > > [profiles] > > > path = /profiles > > > read only = no > > > writeable = yes > > > create mask = 0600 > > > directory mask = 0700 > > > > > > ---- end smb.conf --- > > > -- > > > To unsubscribe from this list go to the following URL and read the > > > instructions: http://lists.samba.org/mailman/listinfo/samba > > > > > > > > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
