John, I appreciate your reaction, but could you explain this error ?
[2005/05/27 16:19:10, 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1479) ldapsam_modify_entry: Failed to add user dn= uid=infobcer$,ou=machines,dc=corman,dc=be with: Already exists [2005/05/27 16:19:10, 0] passdb/pdb_ldap.c:ldapsam_add_sam_account(1911) ldapsam_add_sam_account: failed to modify/add user with uid = infobcer$ (dn = uid=infobcer$,ou=machines,dc=corman,dc=be) [2005/05/27 16:19:10, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2398) could not add user/computer infobcer$ to passdb. Check permissions? I use root for adding to my PDC, ldap version : 2.1.25 thanks ----------------------------------- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 26/05/2005 20:15:05 : > Stéphane, > > The book "Samba-3 by Example" is being reprinted very soon. Up to date builds > of the PDF are available on the Samba web site daily. This document can be > downloaded from: > > http://www.samba.org/samba/docs/Samba-Guide.pdf > > In chapter 5 I have fully documented how Samba-3 can be deployed > with LDAP and > using the smbldap-tools. It works perfectly for me and in many sites that > have given me feedback that it works. Over the past two months I have > received and applied about 40 suggestions for improvement. Every report that > it does not work has been resolved, but given all of this I am 100% certain > that there are still bugs in there. > > I would greatly appreciate if you could test-drive this chapter and report > back any bugs or problems you come across. > > I will personally work with you to resolve any issues that you may find. > > Your claim below that there has been no reaction from the Samba Teamis wrong. > A number of us have worked with Jerome Tournier, that has resulted in the > 0.9.0 release of the smbldap-tools. We do not make a practice of ignoring our > uses. I have been working on updating our documentation also as a result of > feedback an dbug reports. You have never been ignored. > > The smbldap-tools should be configured to handle only the POSIX part of LDAP > based accounts. Samba should handle all the sambaSAM components. > > Please review chapter 5 and give me your feedback. I am anxious to fix any > problem you may have. > > Cheers, > John T. > > > On Thursday 26 May 2005 09:12, [EMAIL PROTECTED] wrote: > > Ok, > > > > I re-read the script and the sambasamaccount is only added with -i option. > > > > My position is : > > - I asked the problem in 2004, I a put a BUG. For some reasons, no > > reaction from samba team for this problem. > > - My solution is modify the smbldap-script for add sambasamaccount > > and add a machine on two step, it's work (until today) > > > > add theses lines after the > > if (defined($Options{'i'})) { > > > > > ... > > > } > > > > if (defined($Options{'w'})) { > > # For machine account > > # Objectclass sambaSAMAccount must be added now ! > > > > my $date=time; > > my $modify = $ldap_master->modify ( > > "uid=$userName,$config{computersdn}", > > changes => [ > > replace => [objectClass > > => ['inetOrgPerson', 'posixAccount', 'sambaSAMAccount']], > > add => [sambaLogonTime > > => '0'], > > add => [sambaLogoffTime > > => '2147483647'], > > add => > > [sambaKickoffTime => '2147483647'], > > add => > > [sambaPwdCanChange => '0'], > > add => > > [sambaPwdMustChange => '2147483647'], > > add => [sambaPwdLastSet > > => "$date"], > > add => [sambaAcctFlags > > => '[W ]'], > > add => [sambaSID => > > "$user_sid"], > > add => > > [sambaPrimaryGroupSID => "$config{SID}-515"] > > ] > > ); > > > > $modify->code && die "failed to add entry: ", $modify->error ; > > } > > > > ask me if problem, I cannot add machine today, but if you can test for me I > > appreciate. > > > > thanks > > > > > > Stéphane Purnelle > > > > ----------------------------------- > > Stéphane PURNELLE [EMAIL PROTECTED] > > Service Informatique Corman S.A. Tel : 00 32 087/342467 > > > > [EMAIL PROTECTED] a écrit > > > > sur 26/05/2005 16:57:49 : > > > [EMAIL PROTECTED] wrote: > > > > I forgot some details. > > > > the script add the sambasamaccount. > > > > could you send me the smbldap-useradd script for see what version you > > > > use ? > > > > > > some smbldap script not add the sambasamaccount, because normally samba > > > > must add it (and is this part which don't work). > > > > the last version seems to add the sambasamaccount attributes and old > > > > version too. > > > > > > Ah! smbldap-useradd in 0.8.7 certainly does not seem to add the > > > sambasamaccount attributes. I just downloaded the latest 0.9.0 and that > > > doesn't seem to either. Not with -w, which as i understand it is the way > > > it should be used. -w just makes the posixaccount and expects samba to > > > do the rest... > > > > > > # MACHINE ACCOUNT > > > if (defined($Options{'w'}) or defined($Options{'i'})) { > > > > > > #print "About to create machine $userName:\n"; > > > > > > if (!add_posix_machine > > > ($userName,$userUidNumber,$userGidNumber,$Options{'t'})) { > > > die "$0: error while adding posix account\n"; > > > } > > > > > > if (defined($Options{'i'})) { > > > ... > > > } > > > > > > $ldap_master->unbind; > > > exit 0; > > > } > > > > > > Should the add machine script set up the samba attributes? It seems a > > > bit mad. Surely samba should be finding that the user exists but doesn't > > > have the samba attributes and then it should modify the user? That's > > > what the code in my original post appears to be trying to do... > > > > > > John > > -- > John H Terpstra > Samba-Team Member > Phone: +1 (650) 580-8668 > > Author: > The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 > Samba-3 by Example, ISBN: 0131472216 > Hardening Linux, ISBN: 0072254971 > Other books in production.-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba