On Wednesday 06 August 2008 04:51:19 Michał Adamczyk wrote: > Hi, > > I have running LDAP + SAMBA as PDC on gentoo and I have problem with > adding machine account. > > Whem I try add machine account with pdbedit -am 'hostname' I have this > error: > > smbldap_search_domain_info: Searching > for:[(&(objectClass=sambaDomain)(sambaDomainName=OFFICE.KENS.PL))] > smbldap_open_connection: connection opened > ldap_connect_system: succesful connection to the LDAP server > smbldap_search_domain_info: Searching > for:[(&(objectClass=sambaDomain)(sambaDomainName=OFFICE.KENS.PL))] > smbldap_open_connection: connection opened > ldap_connect_system: succesful connection to the LDAP server > Cannot locate Unix account for hostname$
How is your /etc/ldap.conf file configured? Do you have the following in this file?: nss_base_passwd ou=People,ou=Users,dc=yourzone,dc=org?one nss_base_passwd ou=Computers,ou=Users,dc=yourzone,dc=org?one nss_base_shadow ou=People,ou=Users,dc=yourzone,dc=org?one nss_base_shadow ou=Computers,ou=Users,dc=yourzone,dc=org?one nss_base_group ou=Groups,dc=yourzone,dc=org?one Instead of searching each directory sub-tree, you could do a sub-search from the top down, like this: nss_base_passwd dc=yourzone,dc=org?sub nss_base_shadow dc=yourzone,dc=org?sub nss_base_group ou=Groups,dc=yourzone,dc=org?one > I added first machine account with smbldap-useradd -w 'localhost' > (host has been created in LDAP tree in right ou), There is no need to do the above. Samba never refers to itself as "localhost". > the /etc/nsswitch.conf looks like these: > > passwd: ldap > shadow: ldap > group: ldap For the above you might want: passwd: files ldap shadow: files ldap group: files ldap This permits resolution of system accounts at boot time and before LDAP is enabled. > hosts: files dns > networks: files dns > > services: db files > protocols: db files > rpc: db files > ethers: db files > netmasks: files > netgroup: files > bootparams: files > > automount: files > aliases: files > > But sill the same error. > > That error disappers after change /etc/nsswitch.conf to: > > passwd: compat > shadow: compat > group: compat The compat model is good, but then you need to add to your /etc/nsswitch.conf file: passwd_compat: ldap group_compat: ldap > > and run: adduser hostname$ > and then: pdbedit -am 'hostname' > > Also it works fine when I use: smbldap-useradd 'localhost$', but then > I have mixed Users and Computers, and I dont want this kind of mess. > > My questions are: Why I must create Unix account for machine account > before pdbedit create it? Why pdbedit doesn't see Unix accounts for > computures in ou=Computers, only in ou=Users? > > -- > Best Regards, > > Michał Adamczyk Cheers, John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
