[Samba] samba with ldapsam: first net join always fails, second succeeds

2006-09-12 Thread Helge Bahmann
Created an add machine script that basically looks for an unused
uid/rid, and then creates a stub LDAP entry for the machine; the first
time I issue net join, the script is invoked and creates the LDAP entry
correctly, but the join operation fails nevertheless:

f1sa:~# net -U winadmin join
winadmin's password:
[2006/09/08 10:19:40, 0] utils/net_ads.c:ads_startup(191)
  ads_connect: No results returned
Creation of workstation account failed
Unable to join domain FAK1.

The following log file entries are generated for this operation:

SASL/GSSAPI authentication started
SASL username: samba/[EMAIL PROTECTED]
SASL SSF: 56
SASL installing layers
[2006/09/08 09:53:15, 0] passdb/pdb_ldap.c:ldapsam_add_sam_account(1781)
  ldapsam_add_sam_account: User 'f1sa$' already in the base, with samba attributes
[2006/09/08 09:53:15, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2350)
  could not add user/computer f1sa$ to passdb.  Check permissions?

(the SASL/GSSAPI part is the output from my add machine script; basically
I see here that it is working correctly)

However when I call net join a second time:

f1sa:~# net -U winadmin join
winadmin's password:
[2006/09/08 10:22:16, 0] utils/net_ads.c:ads_startup(191)
  ads_connect: No results returned
Joined domain FAK1.

It succeeds, the LDAP entry is updated accordingly and nothing is logged.

Can someone tell me what is wrong here, or where I should have done
something differently?

(Samba version is 3.0.14a from debian sarge)
Best regards
-- 
Helge Bahmann [EMAIL PROTECTED]
The past: Smart users in front of dumb terminals
Those who sit in the finally block should not throw exceptions.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba


Re: [Samba] samba with ldapsam: first net join always fails, second succeeds

2006-09-12 Thread Felipe Augusto van de Wiel

On 09/08/2006 05:26 AM, Helge Bahmann wrote:
> Created an add machine script that basically looks for an unused
> uid/rid, and then creates a stub LDAP entry for the machine; the first
> time I issue net join, the script is invoked and creates the LDAP entry
> correctly, but the join operation fails nevertheless:
>
> f1sa:~# net -U winadmin join
> winadmin's password:
> [2006/09/08 10:19:40, 0] utils/net_ads.c:ads_startup(191)
>   ads_connect: No results returned
> Creation of workstation account failed
> Unable to join domain FAK1.
>
> The following log file entries are generated for this operation:
>
> SASL/GSSAPI authentication started
> SASL username: samba/[EMAIL PROTECTED]
> SASL SSF: 56
> SASL installing layers
> [2006/09/08 09:53:15, 0] passdb/pdb_ldap.c:ldapsam_add_sam_account(1781)
>   ldapsam_add_sam_account: User 'f1sa$' already in the base, with samba attributes
> [2006/09/08 09:53:15, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2350)
>   could not add user/computer f1sa$ to passdb.  Check permissions?
>
> (the SASL/GSSAPI part is the output from my add machine script; basically
> I see here that it is working correctly)

Ok, AIUI, you are adding machine information to an account
that already exists?


> However when I call net join a second time:
>
> f1sa:~# net -U winadmin join
> winadmin's password:
> [2006/09/08 10:22:16, 0] utils/net_ads.c:ads_startup(191)
>   ads_connect: No results returned
> Joined domain FAK1.
>
> It succeeds, the LDAP entry is updated accordingly and nothing is logged.
>
> Can someone tell me what is wrong here, or where I should have done
> something differently?

If the answer to the question I asked above is yes, then
the second try to join the domain will find the correct fields
and will be able to join the machine. I'm not sure why the first
try didn't succeed, but I have a strong feeling that it is related
to messing with already existing accounts.


> (Samba version is 3.0.14a from debian sarge)
> Best regards

Kind regards,

-- 
Felipe Augusto van de Wiel [EMAIL PROTECTED]
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/   Phone: (+55 41 3350 3300)
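The first log entry in the thread shows ldapsam_add_sam_account rejecting 'f1sa$' because the entry was already in the base "with samba attributes". The following is an added example, not code from either poster or from Samba: it checks a stub entry, as an add machine script might write it, for Samba-specific markers before the join is attempted. The LDIF entries, DNs, ID numbers and function names are constructed for illustration.

```python
import base64

# Constructed sample stubs (not taken from the thread).
POSIX_ONLY_STUB = """\
dn: uid=f1sa$,ou=Computers,dc=example,dc=org
objectClass: account
objectClass: posixAccount
cn: f1sa$
uid: f1sa$
uidNumber: 20001
gidNumber: 515
homeDirectory: /dev/null
"""

STUB_WITH_SAMBA = POSIX_ONLY_STUB + """\
objectClass: sambaSam
 Account
sambaSID: S-1-5-21-1111111111-2222222222-3333333333-41002
sambaAcctFlags: [W          ]
"""

def parse_ldif_entry(text):
    """Parse one LDIF entry into {attr_lowercase: [values]}."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]              # unfold an RFC 2849 continuation line
        elif raw and not raw.startswith("#"):
            lines.append(raw)
    entry = {}
    for line in lines:
        attr, sep, value = line.partition(":")
        if not sep:
            continue
        if value.startswith(":"):             # "attr:: <base64>" form
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        entry.setdefault(attr.strip().lower(), []).append(value.strip())
    return entry

def samba_attributes(entry):
    """Return the sorted Samba-specific markers found on a parsed entry."""
    found = {attr for attr in entry if attr.startswith("samba")}
    if any(v.lower() == "sambasamaccount" for v in entry.get("objectclass", [])):
        found.add("objectclass=sambaSamAccount")
    return sorted(found)

if __name__ == "__main__":
    for name, ldif in (("posix-only", POSIX_ONLY_STUB), ("with-samba", STUB_WITH_SAMBA)):
        print(name, samba_attributes(parse_ldif_entry(ldif)) or "no samba attributes")
```

An empty result means the stub carries only POSIX account data; a non-empty one lists the markers that match the "with samba attributes" wording of the log message.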