On Sun, 11 Jan 2004 02:17:06 -0400 (VET) [EMAIL PROTECTED] wrote: When you added the machine account by hand (the posix part), have you added the $ behind the machine name? Samba expects machines to be like tuqueque$ instead of tuqueque. It's just a quick guess. Btw, smbldap-tools work great for me (they automatically add all the needed groups for example - you'd like that), what exactly is your problem?
Jesore > Hello, > > I have some problems trying to configure a PDC with OpenLDAP backend using Samba > 3.0.1. > > My LDAP server is working fine and has the samba templates. > > I am able to configure users. The procedure I am using is I first create the user in > the LDAP server using posixAccount, shadowAccount, etc. Then, as root, I write > > smbpasswd -a user > > and it works fine. > > I get the same effect if I use > > pdbedit -a -u borra > > The user is able to mount a share in the server. At this point things are working > great. > > My first problem is that I have been unable to add machines. > I tried a similar procedure. First create the machine in the LDAP server (without > sambaSamAccount) and then > > smbpasswd -m -a theMachine > > I have tried everything including pdbedit and smbldap-tools 0.8.2. > I get the following errors when trying to add a machine called tuqueque using > > smbpasswd -m -a tuqueque -D256 > > Netbios name list:- > my_netbios_names[0]="BOA" > Trying to load: ldapsam:ldap://localhost > Attempting to register passdb backend ldapsam > Successfully added passdb backend 'ldapsam' > Attempting to register passdb backend ldapsam_compat > Successfully added passdb backend 'ldapsam_compat' > Attempting to register passdb backend smbpasswd > Successfully added passdb backend 'smbpasswd' > Attempting to register passdb backend tdbsam > Successfully added passdb backend 'tdbsam' > Attempting to register passdb backend guest > Successfully added passdb backend 'guest' > Attempting to find an passdb backend to match ldapsam:ldap://localhost (ldapsam) > Found pdb backend ldapsam > Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=ICALUZ))] > smbldap_search_suffix: searching > for:[(&(objectClass=sambaDomain)(sambaDomainName=ICALUZ))] > smbldap_open_connection: ldap://localhost > smbldap_open_connection: connection opened > ldap_connect_system: Binding to ldap server ldap://localhost as > "cn=Manager,dc=ica,dc=luz,dc=ve" > ldap_connect_system: succesful connection to the LDAP server > The LDAP server is succesful connected > pdb backend ldapsam:ldap://localhost has a valid init > Attempting to find an passdb backend to match guest (guest) > Found pdb backend guest > pdb backend guest has a valid init > smbldap_search_suffix: searching > for:[(&(uid=tuqueque$)(objectclass=sambaSamAccount))] > smbldap_open: already connected to the LDAP server > ldapsam_getsampwnam: Unable to locate user [tuqueque$] count=0 > Finding user tuqueque$ > Trying _Get_Pwnam(), username as lowercase is tuqueque$ > Trying _Get_Pwnam(), username as uppercase is TUQUEQUE$ > Checking combinations of 0 uppercase letters in tuqueque$ > Get_Pwnam_internals didn't find user [tuqueque$]! > > > The smbldap-tools 0.8.2 do not work at all. They do not even work for adding users > (which I already solved using smbpasswd). > > I have other questions: > I have read that I have to create some groups (Domain Admins, Domain Users, Domain > Guests), but the procedure for doing that when using LDAP is not clear. I tried > adding the groups to the LDAP server and then using something like > > net groupmap modify ntgroup="Domain Admins" unixgroup=domadmin > > I get the following message: > > NT Group Domain Admins doesn't exist in mapping DB > > > Can somebody help me? > > Here is my smb.conf: > [global] > hosts allow = 172.17.6.0/255.255.255.0 > netbios name = BOA > workgroup = ICALUZ > security = user > encrypt passwords = yes > preferred master = yes > domain master = yes > local master = yes > domain logons = yes > os level = 33 > > ldap suffix = dc=ica,dc=luz,dc=ve > ldap admin dn = "cn=Manager,dc=ica,dc=luz,dc=ve" > > idmap backend = ldap:ldap://localhost > idmap gid = 10000-20000 > idmap uid = 10000-20000 > ldap idmap suffix = ou=Idmap > > passdb backend = ldapsam:ldap://localhost > ldap ssl = off > ldap delete dn = no > ldap user suffix = ou=Personas > > ldap group suffix = ou=Grupos > ldap machine suffix = ou=Computadoras > #ldap filter = (&(uid=%u)(objectclass=sambaSamAccount)) > ldap filter = (uid=%u) > > logon path = \\%N\profiles\%u > logon drive = H: > logon home = \\homeserver\%u\winprofile > logon script = logon.cmd > > #logging > log level = 2 > log file = /var/lib/samba/%m.log > > [netlogon] > path = /var/lib/samba/netlogon > read only = yes > write list = ntadmin > > [profiles] > path = /var/lib/samba/profiles > read only = no > create mask = 0644 > directory mask = 0755 > > [test] > path=/tmp > writeable=yes > public=yes > > > I have tried to follow the documentation, but it is somewhat confising when it > refers to LDAP. It is never clear whether they are talking about the new style or > the old Samba 2.x style. Maybe it is not completely updated. > Any help is appreciated. > > Regards, > VS > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
