Hi all,

Found this thread while searching for the problem you have and have found a cure that works for me.

Whenever joining the domain from a Windows XP machine it was only creating the Posix side of the account and not the sambaSamAccount that's required for a successful account creation. Found the following in another thread from 2005. Basically, change your add machine script in smb.conf from:

smbldap-useradd -w "%u"

to

smbldap-useradd -w -d /dev/null -c 'Machine Account' -s /bin/false "%m"

-d sets the home directory of the machine user to "non-existent" (/dev/null)
-c sets the gecos and may not be strictly necessary (haven't tried without)
-s sets a non-existent login shell

and most importantly, %m sets the account name to the correct machine name parameter, not user name.

Ironically, if I now run:

smbldap-usershow jpb-laptop$

after successfully connecting my laptop to the domain, I get no entry returned. Slapcat'ing my ldap database however, shows the machine account with all the correct Samba and Posix entries and logins work fine. Let me know if this works for you and post it as [Solved] if it does.

Cheers,

Jools

Sascha Bieler wrote:
`/usr/sbin/smbldap-useradd -w "blackhawk$"' gave 9

The command smbldap-useradd exits with exit code 9, which means error.
It should exit with error 9, try running something like this:

I know, but this means just that account is created and normally it will be 
overwritten. If I have a look inside ldap I see:

dn: uid=blackhawk$,ou=Computers,dc=audio,dc=de
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
cn: blackhawk$
sn: blackhawk$
uid: blackhawk$
uidNumber: 1016
gidNumber: 515
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer
gecos: Computer
structuralObjectClass: inetOrgPerson
entryUUID: 7f9e7c88-9be3-102b-9a0c-c98dc3a52409
creatorsName: cn=admin,dc=audio,dc=de
createTimestamp: 20070521123527Z
entryCSN: 20070521123527Z#000001#00#000000
modifiersName: cn=admin,dc=audio,dc=de
modifyTimestamp: 20070521123527Z


/usr/sbin/smbldap-useradd -w "test123$" and see if there is an error
No error and account is added like this:
dn: uid=blackhawk$,ou=Computers,dc=audio,dc=de
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
cn: blackhawk$
sn: blackhawk$
uid: blackhawk$
uidNumber: 1017
gidNumber: 515
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer
gecos: Computer
structuralObjectClass: inetOrgPerson
entryUUID: a4194154-9c85-102b-9a0f-c98dc3a52409
creatorsName: cn=admin,dc=audio,dc=de
createTimestamp: 20070522075607Z
entryCSN: 20070522075607Z#000001#00#000000
modifiersName: cn=admin,dc=audio,dc=de
modifyTimestamp: 20070522075607Z


While doing net join from running BDC it works, also debian 4.0. Don't really 
know what I've done wrong.

Thanks for helping and thinking!

Sascha
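
As an added example (not part of the original posts), a check for the symptom described in this thread: machine accounts in slapcat output that carry posixAccount but no sambaSamAccount. The first sample entry is abridged from the LDIF quoted above; the second entry and the function names are constructed for illustration.

```python
import base64

# First entry abridged from the thread; second entry is constructed.
SAMPLE_LDIF = """\
dn: uid=blackhawk$,ou=Computers,dc=audio,dc=de
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
uid: blackhawk$
uidNumber: 1016

dn: uid=goodhost$,ou=Computers,dc=example,dc=test
objectClass: posixAccount
objectClass: sambaSamAccount
uid: goodhost$
"""

def parse_ldif(text):
    """Parse LDIF text into a list of {attr_lowercase: [values]} dicts."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:   # folded continuation line
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    lines = [l for l in lines if not l.startswith("#")]  # drop comments
    entries, cur = [], {}
    for line in lines + [""]:               # trailing "" flushes last entry
        if not line.strip():
            if cur:
                entries.append(cur)
                cur = {}
            continue
        attr, _, value = line.partition(":")
        if value.startswith(":"):           # "attr:: <base64 value>"
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        cur.setdefault(attr.strip().lower(), []).append(value.strip())
    return entries

def incomplete_machine_accounts(text):
    """DNs of machine accounts (uid ends in '$') lacking sambaSamAccount."""
    missing = []
    for e in parse_ldif(text):
        classes = {c.lower() for c in e.get("objectclass", [])}
        is_machine = any(u.endswith("$") for u in e.get("uid", []))
        if is_machine and "posixaccount" in classes and "sambasamaccount" not in classes:
            missing.append(e.get("dn", ["(no dn)"])[0])
    return missing

if __name__ == "__main__":
    for dn in incomplete_machine_accounts(SAMPLE_LDIF):
        print("missing sambaSamAccount:", dn)
```

Run it over a saved slapcat dump by passing the file contents to incomplete_machine_accounts(); an empty result means every machine account has both the Posix and the Samba side.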
