What happens when you run "smbldap-useradd -w MYCOMPUTER$" from the command
line? I've found that useful for debugging machine-account-creation problems.
Ryan
Dan <[EMAIL PROTECTED]> 9/18/2006 5:41:21 PM >>>
Hello All,
I am having a very strange problem with samba 3.0.23c. I upgraded
everything from 3.0.9 and I am able to smbclient to the samba 3.0.23c
PDC with the administrator user just fine. When I go to add a machine
to the domain, it adds the unix machine account to the ou=computers like
it is supposed to but none of the samba entries are added. I get an
error on the windows side of "The user name can not be found." but I
know the administrator user is there. The group mappings are correct
for both the windows and unix groups, both on the PDC machine and in my
openldap backend. I am using the idealx scripts with 'smbldap-useradd
-w '%u' . It was my understanding that the scripts are not supposed
to add the samba stuff anymore but either samba itself or the machine
does that, I am not sure. Is this correct? Has anyone else seen things
like this? I searched and found a bunch of simular things but no real
solutions. I see in the logs where it is searching for the name of the
machine and the sambaSamAccount objectclass and failing because it is
not there, but I can't figure out why it is not getting created. I have
put the relevant log section below and can supply more if needed. I
suspect I am missing something simple. Any help would be greatly
appreciated.
[2006/09/18 18:30:05, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 05 00 00 00 00 00 00 00 ED 1D
0F 45 ........ ....í..E
[010] 8B 7A 00 00 .z..
[2006/09/18 18:30:05, 5]
rpc_server/srv_samr_nt.c:access_check_samr_function(222)
_samr_create_user: access check ((granted: 0x000d067b; required:
0x00000010)
[2006/09/18 18:30:05, 10] rpc_server/srv_samr_nt.c:can_create(2389)
Checking whether [MYCOMPUTER$] can be created
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:push_sec_ctx(208)
push_sec_ctx(0, 512) : sec_ctx_stack_ndx = 1
[2006/09/18 18:30:05, 3] smbd/uid.c:push_conn_ctx(345)
push_conn_ctx(101) : conn_ctx_stack_ndx = 0
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/09/18 18:30:05, 5] auth/auth_util.c:debug_nt_user_token(448)
NT user token: (NULL)
[2006/09/18 18:30:05, 5] auth/auth_util.c:debug_unix_user_token(474)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2006/09/18 18:30:05, 10] passdb/lookup_sid.c:lookup_name(64)
lookup_name: MYCOMPUTER$ => (domain), MYCOMPUTER$ (name)
[2006/09/18 18:30:05, 10] passdb/util_wellknown.c:lookup_wellknown_name(154)
map_name_to_wellknown_sid: looking up MYCOMPUTER$
[2006/09/18 18:30:05, 5]
passdb/secrets.c:secrets_fetch_trusted_domain_password(340)
secrets_fetch failed!
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:push_sec_ctx(208)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2006/09/18 18:30:05, 3] smbd/uid.c:push_conn_ctx(345)
push_conn_ctx(101) : conn_ctx_stack_ndx = 1
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2006/09/18 18:30:05, 5] auth/auth_util.c:debug_nt_user_token(448)
NT user token: (NULL)
[2006/09/18 18:30:05, 5] auth/auth_util.c:debug_unix_user_token(474)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2006/09/18 18:30:05, 5] lib/smbldap.c:smbldap_search_ext(1179)
smbldap_search_ext: base => [o=my.domain.com], filter =>
[(&(uid=MYCOMPUTER$)(objectclass=sambaSamAccount))], scope => [2]
[2006/09/18 18:30:05, 4] passdb/pdb_ldap.c:ldapsam_getsampwnam(1396)
ldapsam_getsampwnam: Unable to locate user [MYCOMPUTER$] count=0
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:pop_sec_ctx(339)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:push_sec_ctx(208)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2006/09/18 18:30:05, 3] smbd/uid.c:push_conn_ctx(345)
push_conn_ctx(101) : conn_ctx_stack_ndx = 1
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2006/09/18 18:30:05, 5] auth/auth_util.c:debug_nt_user_token(448)
NT user token: (NULL)
[2006/09/18 18:30:05, 5] auth/auth_util.c:debug_unix_user_token(474)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2006/09/18 18:30:05, 5] lib/smbldap.c:smbldap_search_ext(1179)
smbldap_search_ext: base => [ou=groups,o=my.domain.com], filter =>
[(&(objectClass=sambaGroupMapping)(|(displayName=MYCOMPUTER$)(cn=MYCOMPUTER$)))],
scope => [2]
[2006/09/18 18:30:05, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2213)
ldapsam_getgroup: Did not find group
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:pop_sec_ctx(339)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:pop_sec_ctx(339)
pop_sec_ctx (0, 512) - sec_ctx_stack_ndx = 0
[2006/09/18 18:30:05, 10] rpc_server/srv_samr_nt.c:can_create(2399)
MYCOMPUTER$ does not exist, can create it
[2006/09/18 18:30:05, 5] rpc_server/srv_samr_nt.c:_samr_create_user(2501)
_samr_create_user: can add this account : True
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:push_sec_ctx(208)
push_sec_ctx(0, 512) : sec_ctx_stack_ndx = 1
[2006/09/18 18:30:05, 3] smbd/uid.c:push_conn_ctx(345)
push_conn_ctx(101) : conn_ctx_stack_ndx = 0
[2006/09/18 18:30:05, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/09/18 18:30:05, 5] auth/auth_util.c:debug_nt_user_token(448)
NT user token: (NULL)
[2006/09/18 18:30:05, 5] auth/auth_util.c:debug_unix_user_token(474)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2006/09/18 18:30:05, 5] lib/username.c:Get_Pwnam_alloc(131)
Finding user MYCOMPUTER$
[2006/09/18 18:30:05, 5] lib/username.c:Get_Pwnam_internals(75)
Trying _Get_Pwnam(), username as lowercase is MYCOMPUTER$
[2006/09/18 18:30:05, 5] lib/username.c:Get_Pwnam_internals(83)
Trying _Get_Pwnam(), username as given is MYCOMPUTER$
[2006/09/18 18:30:05, 5] lib/username.c:Get_Pwnam_internals(102)
Checking combinations of 0 uppercase letters in MYCOMPUTER$
[2006/09/18 18:30:05, 5] lib/username.c:Get_Pwnam_internals(108)
Get_Pwnam_internals didn't find user [MYCOMPUTER$]!
[2006/09/18 18:30:08, 0] passdb/pdb_interface.c:pdb_default_create_user(368)
_samr_create_user: Running the command
`/usr/local/sbin/smbldap-useradd -w 'MYCOMPUTER$'' gave 0
[2006/09/18 18:30:08, 5] lib/username.c:Get_Pwnam_alloc(131)
Finding user MYCOMPUTER$
[2006/09/18 18:30:08, 5] lib/username.c:Get_Pwnam_internals(75)
Trying _Get_Pwnam(), username as lowercase is MYCOMPUTER$
[2006/09/18 18:30:08, 5] lib/username.c:Get_Pwnam_internals(83)
Trying _Get_Pwnam(), username as given is MYCOMPUTER$
[2006/09/18 18:30:08, 5] lib/username.c:Get_Pwnam_internals(102)
Checking combinations of 0 uppercase letters in MYCOMPUTER$
[2006/09/18 18:30:08, 5] lib/username.c:Get_Pwnam_internals(108)
Get_Pwnam_internals didn't find user [MYCOMPUTER$]!
[2006/09/18 18:30:08, 3] passdb/pdb_interface.c:pdb_default_create_user(381)
pdb_default_create_user: failed to create a new user structure:
NT_STATUS_NO_SUCH_USER
[2006/09/18 18:30:08, 3] smbd/sec_ctx.c:pop_sec_ctx(339)
pop_sec_ctx (0, 512) - sec_ctx_stack_ndx = 0
[2006/09/18 18:30:08, 5] rpc_parse/parse_prs.c:prs_debug(84)
000000 samr_io_r_create_user
[2006/09/18 18:30:08, 6] rpc_parse/parse_prs.c:prs_debug(84)
000000 smb_io_pol_hnd user_pol
[2006/09/18 18:30:08, 5] rpc_parse/parse_prs.c:prs_uint32(704)
0000 data1: 00000000
[2006/09/18 18:30:08, 5] rpc_parse/parse_prs.c:prs_uint32(704)
0004 data2: 00000000
[2006/09/18 18:30:08, 5] rpc_parse/parse_prs.c:prs_uint16(675)
0008 data3: 0000
[2006/09/18 18:30:08, 5] rpc_parse/parse_prs.c:prs_uint16(675)
000a data4: 0000
[2006/09/18 18:30:08, 5] rpc_parse/parse_prs.c:prs_uint8s(851)
000c data5: 00 00 00 00 00 00 00 00
[2006/09/18 18:30:08, 5] rpc_parse/parse_prs.c:prs_uint32(704)
0014 access_granted: 00000000
[2006/09/18 18:30:08, 5] rpc_parse/parse_prs.c:prs_uint32(704)
0018 user_rid : 00000000
[2006/09/18 18:30:08, 5] rpc_parse/parse_prs.c:prs_ntstatus(763)
001c status: NT_STATUS_NO_SUCH_USER
[2006/09/18 18:30:08, 5] rpc_server/srv_pipe.c:api_rpcTNP(2305)
api_rpcTNP: called samr successfully
[2006/09/18 18:30:08, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(529)
free_pipe_context: destroying talloc pool of size 302
[2006/09/18 18:30:08, 10]
rpc_server/srv_pipe_hnd.c:write_to_internal_pipe(963)
write_to_pipe: data_used = 76
[2006/09/18 18:30:08, 6] rpc_server/srv_pipe_hnd.c:read_from_pipe(995)
read_from_pipe: 7763 name: samr len: 1024
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
------------------------------------------------------------------------
-------------------------------------------------
This email transmission and any documents, files or previous
email messages attached to it may contain information that is
confidential or legally privileged. If you are not the intended
recipient, you are hereby notified that any disclosure, copying,
printing, distributing or use of this transmission is strictly
prohibited. If you have received this transmission in error,
please immediately notify the sender by telephone or return
email and delete the original transmission and its attachments
without reading or saving in any manner.
The Evangelical Lutheran Good Samaritan Society.
---------------------------------------------------------
