Well... I've got this in the /etc/ldap.conf: nss_base_passwd ou=People,dc=jome?one nss_base_shadow ou=People,dc=jome?one nss_base_group ou=Group,dc=jome?one nss_base_hosts ou=Hosts,dc=jome?one
I added the nss_base_passwd ou=Hosts,dc=jome?one but nothing seems to change... I don't know if I removed properly the nscd cache when retying... I rebooted the computer... Is that ok or do I have to do something else? Thanks for everything 2008/2/29, Jerome Tournier <[EMAIL PROTECTED]>: > Hi, > just one idea: have you configured nss_ldap to resolve account in > ou=Computers ? > ie, in /etc/ldap.conf, have you the 2 lines: > nss_base_passwd ou=Users,......?sub > nss_base_passwd ou=Computers,......?sub > > If not, add ou=Computers and remove any nscd cache before re-trying. > -- > Jérôme > > > On Mon, Feb 4, 2008 at 4:33 PM, Frank J. Pellegrino > <[EMAIL PROTECTED]> wrote: > > We have just setup Samba 3.0.28 with LDAP support. We are using a Sun One > > 5.2 LDAP server. > > > > We are having a problem when a new machine joins the domain. > > Here is a snippet of our smb.conf file > > add machine script = /usr/local/sbin/smbldap-useradd -w "%m" > > ldap machine suffix = ou=computers > > ldap user suffix = ou=People > > > > When a new machine attempts to join the domain a new entry is created in > > ou=computers as expected. This entry has only the posixAccount > information > > and no Samba info. However, the machine reports that it failed to join > the > > domain. Log entries on both samba and LDAP tell me that after the entry > is > > created, samba is trying to find that entry in ou=people instead of > > ou=computers. > > > > Attempting to add the machine again gives us an error that the machine > > already exists. > > > > I modified smbldap-useradd to include the sambaSamAccount information when > > the entry is created. The first attempt to join the domain still fails, > > however trying again succeeds. > > > > In another test, I removed the modifications from smbldap-useradd and > > modified the smbldap.conf file so that it thought the machines container > > was ou=people. With this change the new machine was able to join the > > domain on the first try. The problem here is that we don't want the > > machines mixed in with the users. > > > > So from this I determined that after creating the new entry for the > > machine, Samba then goes and looks for that entry in ou=people instead of > > ou=computers. My guess is that there is a bug in the code that looks at > > the wrong configuration entry. > > > > I have tried looking through the C code on my own. I'm only familiar with > > C so I haven't made as much progress as I'd like. > > > > Is this a known bug? Is it possible that we have a configuration wrong > > somewhere? > > > > Can anyone point me to the correct C file so I can try and fix this? > > > > I'd appreciate any help I can get. > > > > Thanks. > > > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/listinfo/samba > > > > > > > -- > Jérôme > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
